Researching IMISERV (wupdt.exe)

[<rlh () hush ai>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello everyone,

I am in the process of developing network security labs for some
community college students. Very recently I assisted a neighbor
with removing the IMISERV virus from a friend's laptop. It's not
possible to get the laptop back, but I would very much like to
write a lab for my students in which they would operate a machine
infected with IMISERV, identify the wupdt.exe process, and then
gather information from the net on how to remove this themselves.

I've been looking all over the net but have not been able to find a
copy of this virus/trojan. Can anyone point me in the right
direction?

These are some of the sites I've check so far, but have not been
able to locate IMISERV:

http://www.infosyssec.net
http://el-killer.chez.tiscali.fr/Virii.htm
http://membres.lycos.fr/asle/virii.2.html
http://www.security.nnov.ru
http://biohazard.xz.cz
http://www.astalavista.com

And several others.

Can anyone shed some light on where to grab this?

thx,

rlh
-----BEGIN PGP SIGNATURE-----
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 2.4

wkYEARECAAYFAkLMOdwACgkQ0aOW5JYQzBsgKACfczCrcfotPuoESgI7VlfBlfJNwGsA
njo6r1D6fsXSrO6BzyurufYp6lio
=GD7t
-----END PGP SIGNATURE-----




Concerned about your privacy? Follow this link to get
secure FREE email: http://www.hushmail.com/?l=2

Free, ultra-private instant messaging with Hush Messenger
http://www.hushmail.com/services-messenger?l=434

Promote security and make money with the Hushmail Affiliate Program: 
http://www.hushmail.com/about-affiliate?l=427

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/