[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Puzzled....

Aditya, thanks a lot!

As a matter of fact, the following procedure "try rebooting in safe mode and running the scan" provided to me by Stephen Blass <Stephen.Blass@xxxxxxx> did the trick.

I also got from Bernardo Quintero <bernardo@xxxxxxxxxxxx> this alternate solution (untested, as the file seems to be deleted right away, as you pointed out),
"Create a new message with scan@xxxxxxxxxxxxxx as destination of such e-mail Put only SCAN in the subject field
Attach the file to be scanned You will receive an e-mail with a report of the tile analysis." Merci to all!
jmm

This is a typical behavior where the resident sheild simply put the file in quarantine or deletes the file is this what is happening please see the options to see what AVG is doing ....
-aditya

    -----Original Message-----
    From: full-disclosure-admin@xxxxxxxxxxxxxxxx
    [mailto:full-disclosure-admin@xxxxxxxxxxxxxxxx]On Behalf Of
    Jean-Marie Monnier
    Sent: Wednesday, August 04, 2004 12:06 AM
    To: full-disclosure@xxxxxxxxxxxxxxxx
    Subject: [Full-Disclosure] Puzzled....

Since mid day today, I am flooded with interrupts from AVG
resident shield yelling at me; and saying, in a nice little box..:.
=================================
Virus ! Trojan horse Downloader Crypter C !
!
is found in file !
C\WINDOWS\TEMP\WKNxxxx.exe ! <= (xxxx taking all kind
of values, the most recent one being A0803 )
!
to remove this virus, run AVG for Windows !
____________________________________!

    Running AVG doesn't find  anything.....   Any clues?    Thanks in
    advance for any... jm    (retired IBM'er... yes, it shows.. :-[ )

Delivered using the Free Personal Edition of Mailtraq (www.mailtraq.com) <http://www.mailtraq.com>


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html