Re: wmon16.exe

From: Willem Tahon (tahonun.org)
Date: Mon May 10 2004 - 17:13:24 CDT


Also keep in mind that some of the AV developers require specific handling
of viruses (e.g. password-protected zipping) before sending them.

Nick FitzGerald <nickvirus-l.demon.co.uk>
10/05/2004 03:31 PM
Please respond to nick

To: incidentssecurityfocus.com
cc:
Subject: Re: wmon16.exe

"Jason High" <strongcypherhotmail.com> wrote:

> I believe that I have a HUGE problem, and I can't find anything anywhere.
> Here are our symptoms:
<<snip>>
> I am completely lost. No removal tools have worked, no A/V is picking it
> up. I've got about four hosts with these symptoms (so far) and I'm just
> unplugging network cables at this point. Anyone with any pointers?

Further to Harlan's excellent advice, you would do well to forward such
suspect files to your preferred AV developers' sample submission
addresses. To save you having to look them up, here is a list of such
addresses for the better-known developers:

   Authentium (Command Antivirus) <virusauthentium.com>
   Computer Associates (US) <virusca.com>
   Computer Associates (Vet/EZ) <ipevirusvet.com.au>
   DialogueScience (Dr. Web) <Antivirdials.ru>
   Eset (NOD32) <samplenod32.com>
   F-Secure Corp. <samplesf-secure.com>
   Frisk Software (F-PROT) <viruslabf-prot.com>
   Grisoft (AVG) <virusgrisoft.cz>
   H+BEDV (AntiVir, Vexira engine) <virusantivir.de>
   Kaspersky Labs <newviruskaspersky.com>
   Network Associates (McAfee) <virus_researchnai.com>
     (use a ZIP file with the password 'infected' without the quotes)
   Norman (NVC) <analysisnorman.no>
   Panda Software <labspandasoftware.com>
   Sophos Plc. <supportsophos.com>
   Symantec (Norton) <avsubmitsymantec.com>
   Trend Micro (PC-cillin) <virus_doctortrendmicro.com>
     (Trend may only accept files from users of its products)

--
Nick FitzGerald
Computer Virus Consulting Ltd.
Ph/FAX: +64 3 3529854
