TechSpot

NEW VIRUS - 25th DECEMBER NASTY - TSPY_GOLDUN.BI

By meatologist
Jan 4, 2006
  1. Hey,

    Has anyone heard of this little virus that's appeared as of 25th December ?

    TSPY_GOLDUN.BI

    It cloaks itself as epsonsys.sys - I think... but there is NO info on this when google'ing!

    apart from some dodgy french site that (when translated) says something about a guy in France who's machine blue screened on December 25th with an error pointing to epsonsys.sys.

    anyway - We had a power cut, our Primary Domain Controller wouldnt boot after we fixed the power problem - booted into safe mode and saw this error to do with epsonsys.sys - so I changed the Binary from 1 to 0 (basically disabled the service) and rebooted ... it booted fine.

    So - the service is here in the registry:

    HKLM\SYSTEM\CurrentControlSet\Services\epsonsys

    but I cant find anything to do with this?!

    Can anyone help?
     
  2. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    epsonsys.sys is one of your Epson printer drivers. it is perfectly safe.

    The fact that your computer crashed with this drivers means that the driver has probably become corrupted.

    Uninstall, and reinstall your printer drivers.

    If you`re worried that this driver may be a virus. Check to see where it is located. It should be located in Windows/system32/drivers, or some such bonafide location.

    Regards Howard :)
     
  3. meatologist

    meatologist TS Rookie Topic Starter Posts: 134

    There is no epson printer installed or ANY printer installed as it's the Primary Domain Controller. not a client machine.

    It's definately a virus as it's spreading on the network.

    Has ANYONE heard of this virus ?
     
  4. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

  5. Samstoned

    Samstoned TechSpot Paladin Posts: 1,018

    I have epson installed on my net and none of my machine reg has this file in them and not any named driver for it anywhere
    do sound like a duck to me
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...