Re: [Full-Disclosure] Puzzled....

From: Jean-Marie Monnier (kedvesattglobal.net)
Date: Wed Aug 04 2004 - 02:13:37 CDT


Aditya, thanks a lot!

As a matter of fact, the following procedure "try rebooting in safe mode
and running the scan" provided to me by Stephen Blass
<Stephen.Blassasu.edu> did the trick.

I also got from Bernardo Quintero <bernardohispasec.com> this
alternate solution (untested, as the file seems to be deleted right
away, as you pointed out):
"Create a new message with scanvirustotal.com as destination of such
e-mail. Put only SCAN in the subject field. Attach the file to be scanned.
You will receive an e-mail with a report of the file analysis."
Merci to all!
jmm

> This is a typical behavior where the resident shield simply puts the
> file in quarantine or deletes the file. Is this what is happening?
> Please see the options to see what AVG is doing ....
>
>
> -aditya
>
> -----Original Message-----
> From: full-disclosure-adminlists.netsys.com
> [mailto:full-disclosure-adminlists.netsys.com]On Behalf Of
> Jean-Marie Monnier
> Sent: Wednesday, August 04, 2004 12:06 AM
> To: full-disclosurelists.netsys.com
> Subject: [Full-Disclosure] Puzzled....
>
> Since mid day today, I am flooded with interrupts from AVG
> resident shield yelling at me; and saying, in a nice little box..:.
> =================================
> Virus
> !
> Trojan horse Downloader Crypter C !
>
> !
> is found in file !
> C\WINDOWS\TEMP\WKNxxxx.exe ! <= (xxxx taking all kind
> of values, the most recent one being A0803 )
>
> !
> to remove this virus, run AVG for Windows !
> ____________________________________!
>
> Running AVG doesn't find anything..... Any clues? Thanks in
> advance for any... jm (retired IBM'er... yes, it shows.. :-[ )
>
> Delivered using the Free Personal Edition of Mailtraq
> (www.mailtraq.com) <http://www.mailtraq.com>
>
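The thread's practical difficulty is that the resident shield deletes the flagged file before it can be examined or submitted to an external scanner. The following script is an added example (not code from the thread or from any of its participants): it polls a directory for files whose names match the shape reported in the alert, hashes each one, and preserves a copy under its SHA-256 with a neutral extension so an analyst still has the sample after the original is gone. The directory, the pattern `WKN*.exe` (taken from the alert text), the quarantine layout and the sample contents in `demo()` are assumptions constructed for this example.

```python
"""Preserve transient files for later analysis (added example, not from the thread).

Assumed scenario: an AV resident shield repeatedly flags and deletes files named
WKNxxxx.exe in a temp directory, so nothing is left to scan or submit.  This
copies matching files, keyed by SHA-256, into a quarantine folder before they
vanish.  Paths and pattern are constructed assumptions for illustration.
"""
import fnmatch
import hashlib
import os
import shutil
import tempfile
import time
from pathlib import Path


def sha256_of(path):
    """Return the hex SHA-256 of a file, reading it in 64 KiB chunks."""
    h = hashlib.sha256()
    with Path(path).open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def snapshot_matching(watch_dir, pattern, quarantine_dir):
    """Copy every file in watch_dir whose name matches pattern (case-insensitive)
    into quarantine_dir as <sha256>.bin; return {original_name: sha256}.
    Files removed between listing and copying (e.g. by the AV) are skipped."""
    watch_dir = Path(watch_dir)
    quarantine_dir = Path(quarantine_dir)
    quarantine_dir.mkdir(parents=True, exist_ok=True)
    captured = {}
    for name in os.listdir(watch_dir):
        if not fnmatch.fnmatch(name.lower(), pattern.lower()):
            continue
        src = watch_dir / name
        try:
            digest = sha256_of(src)
            # .bin keeps the preserved copy from being run by accident.
            dest = quarantine_dir / (digest + ".bin")
            if not dest.exists():
                shutil.copy2(src, dest)
            captured[name] = digest
        except (FileNotFoundError, PermissionError):
            # Already deleted or locked by the shield: nothing to preserve.
            continue
    return captured


def watch(watch_dir, pattern, quarantine_dir, seconds, interval=0.5):
    """Poll for `seconds`, accumulating captures; return everything seen."""
    seen = {}
    deadline = time.monotonic() + seconds
    while time.monotonic() < deadline:
        seen.update(snapshot_matching(watch_dir, pattern, quarantine_dir))
        time.sleep(interval)
    return seen


def demo(sample_name="WKNA0803.exe", payload=b"constructed harmless sample"):
    """Constructed scenario: a temp dir holding one file with the reported name
    shape and one unrelated file.  Returns (captured dict, preserved bytes or None)."""
    base = Path(tempfile.mkdtemp())
    tmp, q = base / "TEMP", base / "quarantine"
    tmp.mkdir()
    (tmp / sample_name).write_bytes(payload)
    (tmp / "notes.txt").write_bytes(b"unrelated")
    captured = snapshot_matching(tmp, "WKN*.exe", q)
    preserved = None
    if sample_name in captured:
        preserved = (q / (captured[sample_name] + ".bin")).read_bytes()
    return captured, preserved


if __name__ == "__main__":
    captured, preserved = demo()
    for name, digest in captured.items():
        print(f"{name} -> {digest} ({len(preserved)} bytes preserved)")
```

Run it against the real location by calling `watch(r"C:\WINDOWS\TEMP", "WKN*.exe", r"C:\quarantine", seconds=120)` while the alerts are firing; the hashes it returns are what you would look up or submit, and the preserved copies can be scanned in safe mode or handed to an analysis service without depending on the original surviving.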

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html