Forgot your password?
nrhy, April 28, 2007 in General Questions
ahhh, thanks for the quick reply
forwardin addy... = email?
Fwiw you have one of the more severe infections,i suspect either your winlogon.exe is patched or you have rootkit main.sys loaded but don't panic were going to kick their malware butts shortly
thanks for the clear explanation
Tried with winzip and winrar, neither works:?
can I upload it the way it is? or will the server reject it?
yes, I received the update thanks
Tried with winzip and winrar, neither works.yes, I received the update thanks
I must admit i do not use 3rd part tools for compression/decompression of Zip formats.Inhouse on the OS is the *send to* option on right click when the file is highlighted and select *compressed(Zipped)folder* option.
Has that been disabled or is your ndis file 0 byte in size ?
Ok try this approach towards harvesting the file.
Use IceSword file copy and save the file as ndis.old when you copy it.
If not no biggie as it will turn up sooner or later elsewhere but i will definetly like a copy of the spambot since SAS is not detcting that variant so i'm guessing it is a new repack
alright, the zip file is up on the castlecops website...or so it said.
tell me if you can access it
alright, the zip file is up on the castlecops website...or so it said. tell me if you can access it
I have them now and will be be looking at them shortly.Thanks again for the upload
Those files not being present is not a problem,like i said earliar depending on which *variant* of the infection you had would govern which badboys were on your machine.So its a good thing if they are all not present in one way
Just to double check,did you upload your winlogon.exe from system32 folder to VT service ?
yeah, except its taking a while
it stops scanning after some time with the winlogon file...
AhnLab-V3 2007.4.28.0 04.27.2007 no virus found
AntiVir 18.104.22.168 04.28.2007 no virus found
Authentium 4.93.8 04.27.2007 no virus found
Avast 4.7.981.0 04.26.2007 no virus found
AVG 22.214.171.1244 04.26.2007 no virus found
BitDefender 7.2 04.29.2007 no virus found
CAT-QuickHeal 9.00 04.28.2007 no virus found
ClamAV devel-20070416 04.29.2007 no virus found
DrWeb 4.33 04.28.2007 no virus found
eSafe 126.96.36.199 04.27.2007 no virus found
eTrust-Vet 30.7.3601 04.27.2007 no virus found
Ewido 4.0 04.27.2007 no virus found
FileAdvisor 1 04.29.2007 No threat detected
Fortinet 188.8.131.52 04.28.2007 no virus found
F-Prot 184.108.40.206 04.27.2007 no virus found
for the most part, its clean...
Right when you say its stops scanning,do you mean a message appears at the top left of the page saying *Service has stopped* ?
If so click refresh to reload and keep repeating until it starts mal checking again.We need the full report before the all clear is sounded
done, its all good
no threat, no virus...totally clean
Thanks alot for everything you done fatdcuk!!! greatly appreciate it
You need to be a member in order to leave a comment
Sign up for a new account in our community. It's easy!
Already have an account? Sign in here.