Know Your Malware: Exploit winamp pls Removal

Winamp 5.12, a popular media player, has a critical vulnerability, which can be utilized by the Exploit.winamp.pls exploit. This threat installs widely spread parasites including SpySheriff and a variant of the CoolWebSearch hijacker to the compromised system. The following manual removal instructions should be used in order to eliminate the parasites that Exploit.winamp.pls drops. To prevent the infection update to Winamp 5.13, which includes a fix for the vulnerability.

Related files: addas32.exe, atlya32.exe, f2install.exe, iepn32.exe, javaee32.exe, mfcsp32.exe, netef32.exe, netrl.exe, ntbe.exe, ntxo32.exe, sdkuk32.exe, spysheriff.exe, winstall.exe, [X1]32.exe, [X2].tmp.exe, iesecurity.dll, procmon.dll, [X3]32.dll, desktop.html, wallpaper.html, x.pls

Exploit.winamp.pls properties:
Changes browser settings
Shows commercial adverts
Connects itself to the internet
Hides from the user
Stays resident in background Remove Exploit.winamp.pls, removal instructions

Linked by shanmuga Sunday, 5th February 2006 12:12AM