lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <41108CA1.1080602@attglobal.net>
From: kedves at attglobal.net (Jean-Marie Monnier)
Subject: Puzzled....

Aditya, thanks a lot!

As a matter of fact, the following procedure "try rebooting in safe mode 
and running the scan" provided to me by Stephen Blass 
<Stephen.Blass@....edu> did the trick.

 I also got from Bernardo Quintero <bernardo@...pasec.com> this 
alternate solution (untested, as the file seems to be deleted right 
away, as you pointed out),
"Create a new message with scan@...ustotal.com as destination of such 
e-mail Put only SCAN in the subject field
Attach the file to be scanned You will receive an e-mail with a report 
of the tile analysis." Merci to all!
 jmm

> This is a typical behavior where the resident sheild simply put the 
> file in quarantine or deletes the file is this what is happening 
> please see the options to see what AVG is doing ....
>  
>  
> -aditya
>
>     -----Original Message-----
>     From: full-disclosure-admin@...ts.netsys.com
>     [mailto:full-disclosure-admin@...ts.netsys.com]On Behalf Of
>     Jean-Marie Monnier
>     Sent: Wednesday, August 04, 2004 12:06 AM
>     To: full-disclosure@...ts.netsys.com
>     Subject: [Full-Disclosure] Puzzled....
>
>     Since mid day today, I am flooded with interrupts from AVG
>     resident shield  yelling at me; and saying, in a nice little box..:.
>     =================================
>      Virus                                                   
>                !  
>     Trojan horse Downloader Crypter C             !
>                                                                             
>     !
>     is found in file                                                  !
>     C\WINDOWS\TEMP\WKNxxxx.exe           ! <=  (xxxx taking all kind
>     of values, the most recent one being A0803 )
>                                                                             
>     !
>     to remove this virus, run AVG for Windows !
>     ____________________________________!
>
>     Running AVG doesn't find  anything.....   Any clues?    Thanks in
>     advance for any... jm    (retired IBM'er... yes, it shows.. :-[ )
>
> Delivered using the Free Personal Edition of Mailtraq 
> (www.mailtraq.com) <http://www.mailtraq.com>
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ