Trojan Horse Generic6.UMU or UMS

By rgrizz
Aug 23, 2007
  1. I've been up all night trying to figure this trojan out and how to stop it. Here's what I've determined so far. The trojan seems to be self-mutating, with multiple payloads that are randomized as to selection of payload (a, b, c, d, ...). Example: payload a = game file infection, payload b = file permission changes/tampering, payload c = spontaneous reboot, payload d = setup.exe and ISSetup.dll, and so forth. Multiple antivirus scans with Trend Micro Housecall and AVG result in no infection found. Scans with ClamWin antivirus result in permission to scan all files denied on a file-by-file basis. There is a possibility of a rootkit, but I have not fully tested as of yet, with results of rootkit detectors being sometimes cryptic and too informative. Has anyone seen this behavior before August 21, 2007, which appears to be when the first initial reports started appearing in this form and my system was compromised? People are saying this is a false positive, but every time I run an AVG scan, 4 to 6 of the same trojans seem to be detected.
    Grizz of CTGNY
  2. raybay


    Not an infection. It is an error or a false positive from AVG. No other antivirus or antispyware program but AVG is finding it.
    Don't worry about it... but you may need to do some work to recover the 6 files it normally quarantines.