Retro Virus Zimuse which overwrites Master Boot Record hits U.S

January 29th, 2010 Comments off

Though the virus name sounds Greek and Latin, it just finished Doctorate in modifying the Master Boot Record (MBR) and making the PC data inaccessible. Now its sounds not great Though.

It spreads in two ways, via compromised websites and through a self exec Zip archive. This type of threat overwrites the MBR of all the drives available with its own data of just 50KB. Also it deletes Boot.ini,, NTLDR, Bootmgr and hiberfil.sys.

retro-virus-zimuse ESET, a global provider of security solutions spotted this worm Win32/Zimuse.A and B spreading in Slovakian region created to prank a small community of bikers. It spreads beyond its boundaries and slowly injected greatest number of computers in United States. The two above said A and B variants has little bit time difference in activating itself since infiltration. ESET warns that if correct removal method is not initialized the virus switches itself to destructive mode.

If you see any payload regarding this worm in any systems please do backup the data just in case to avoid potential data loss. ESET also provided a tool to kick out this worm.

Download the tool from ESET: Zimuse Removal Tool

Wordpress SEO Plugin by Wordpress SEO Plugin