new threat

Discussion in 'NOD32 version 2 Forum' started by Big Apple, Feb 28, 2007.

Thread Status:
Not open for further replies.
  1. Big Apple

    Big Apple Frequent Poster

    Joined:
    Aug 22, 2006
    Posts:
    724
    This is something I noticed as a detection:

    Time Module Object Name Threat Action User Information
    28-2-2007 9:50:06 AMON file C:\WINDOWS\system32\cmdow.exe Win32/CMDOW.143 application error while cleaning - operation unavailable for this type of object NT AUTHORITY\Netwerkservice Event occurred at an attempt to access the file by the application: C:\WINDOWS\system32\wbem\wmiprvse.exe.


    Anybody any idea what this is?
     
  2. ASpace

    ASpace Guest

    Hi ! As its name shows , it is just an application.I have found it mainly on Dell computers.Detected as Pottentially unwanted/unsafe program.

    Neither me nor my clients need it (I even don't know what it is) and I delete it . Since you don't know it , you obviously don't use it so it is safe to delete , I think .

    Your AMON settings are set to "Clean automatically" but since this is not a virus (but trojan/application) , it can't be cleaned . Open your AMON->Setup->"Actions" tab and choose Prohibit access and show alert window.Confirm with OK and Hide the Control Center .

    Next time it tries to access , AMON will pop-up and you can decide to ignore it or delete it , you can also back it up with "Copy to quarantine".

    Another way to eliminate it is to perform full scan and clean ;)
     
  3. Big Apple

    Big Apple Frequent Poster

    Joined:
    Aug 22, 2006
    Posts:
    724
    Thanks very much for your help. Just great and I'll delete it.

    ;) Big Apple
     
  4. ASpace

    ASpace Guest

    You are most welcome ! :thumb:
     
  5. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,729
    Location:
    localhost
    See here for more info.....
    https://www.wilderssecurity.com/showthread.php?t=23527

    Fax
     
  6. Big Apple

    Big Apple Frequent Poster

    Joined:
    Aug 22, 2006
    Posts:
    724
    Hi Fax,

    Thanks for the link.....gives a good explanation of this service.

    ;) Big Apple
     
Thread Status:
Not open for further replies.