[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <41108CA1.1080602@attglobal.net>
From: kedves at attglobal.net (Jean-Marie Monnier)
Subject: Puzzled....
Aditya, thanks a lot!
As a matter of fact, the following procedure "try rebooting in safe mode
and running the scan" provided to me by Stephen Blass
<Stephen.Blass@....edu> did the trick.
I also got from Bernardo Quintero <bernardo@...pasec.com> this
alternate solution (untested, as the file seems to be deleted right
away, as you pointed out),
"Create a new message with scan@...ustotal.com as destination of such
e-mail Put only SCAN in the subject field
Attach the file to be scanned You will receive an e-mail with a report
of the tile analysis." Merci to all!
jmm
> This is a typical behavior where the resident sheild simply put the
> file in quarantine or deletes the file is this what is happening
> please see the options to see what AVG is doing ....
>
>
> -aditya
>
> -----Original Message-----
> From: full-disclosure-admin@...ts.netsys.com
> [mailto:full-disclosure-admin@...ts.netsys.com]On Behalf Of
> Jean-Marie Monnier
> Sent: Wednesday, August 04, 2004 12:06 AM
> To: full-disclosure@...ts.netsys.com
> Subject: [Full-Disclosure] Puzzled....
>
> Since mid day today, I am flooded with interrupts from AVG
> resident shield yelling at me; and saying, in a nice little box..:.
> =================================
> Virus
> !
> Trojan horse Downloader Crypter C !
>
> !
> is found in file !
> C\WINDOWS\TEMP\WKNxxxx.exe ! <= (xxxx taking all kind
> of values, the most recent one being A0803 )
>
> !
> to remove this virus, run AVG for Windows !
> ____________________________________!
>
> Running AVG doesn't find anything..... Any clues? Thanks in
> advance for any... jm (retired IBM'er... yes, it shows.. :-[ )
>
> Delivered using the Free Personal Edition of Mailtraq
> (www.mailtraq.com) <http://www.mailtraq.com>
>
Powered by blists - more mailing lists