Hi, I don't have avast! antivirus, I use Norton, and it couldn't detect it, but I've searched all the internet for these file and didn't found many info, I've read a website that maybe thinks is a kind of Nachi or Welchia variant; but I downloaded some removal tools and none found it. I don't beleive any antivirus will detect it. Another problem is that I searched all my computer with a file named "mssmgrd.exe" but I couldn't found it even though it is listed on the services list and it also shows on the registry in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run.
I've already had a RPC crash, giving me 60 seconds, a typical MyDoom-ish or RPC vulnerability symptom. Other strange symptoms I had was a strange screen telling me something about "svchost.exe"; unluckily I didn't pay too much attention to it. Oddly I read some reports of virus that create other "svchost.exe" files in other folders so antivirus don't detect them but I couldn' t find another one.
Also I've noticed a lot of traffic in my network, netstat shows my computer tries to communicate through epmap, ip through ip, for ex:
192.168.1.1:epmap
192.168.1.2:epmap
Can somebody please help me!
At least I want to find the "mssmgrd.file on my computer, because I used the search tool with the "search hidden and system files" and I didn't found anything.
Thnx
Emilio
Update
I was able to find the file by showing protected operating system files. My first issue is solved, but I still want to know if it is a virus.
