Re: wmon16.exe
From: Willem Tahon (tahon_at_un.org)
Date: 05/11/04
- Previous message: Nick FitzGerald: "Re: wmon16.exe"
- Maybe in reply to: Jason High: "wmon16.exe"
- Next in thread: Nick FitzGerald: "Re: wmon16.exe"
- Reply: Nick FitzGerald: "Re: wmon16.exe"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: nick@virus-l.demon.co.uk Date: Mon, 10 May 2004 18:13:24 -0400
Also keep in mind that some of the AV developers require specific handling
of viruses (e.g. password-protected zipping) before sending them.
|---------+---------------------------->
| | Nick FitzGerald |
| | <nick@virus-l.dem|
| | on.co.uk> |
| | |
| | 10/05/2004 03:31 |
| | PM |
| | Please respond to|
| | nick |
| | |
|---------+---------------------------->
>------------------------------------------------------------------------------------------------------------------------------|
| |
| To: incidents@securityfocus.com |
| cc: |
| Subject: Re: wmon16.exe |
>------------------------------------------------------------------------------------------------------------------------------|
"Jason High" <strongcypher@hotmail.com> wrote:
> I believe that I have a HUGE problem, and I can't find anything anywhere.
> Here are our symptoms:
<<snip>>
> I am completely lost. No removal tools have worked, no A/V is picking it
> up. I've got about four hosts with these symptoms (so far) and I'm just
> unplugging network cables at this point. Anyone with any pointers?
Further to Harlan's excellent advice, you would do well to forward such
suspect files to your preferred AV developers' sample submission
addresses. To save you having to look them up, here is a list of such
addresses for the better-known developers:
Authentium (Command Antivirus) <virus@authentium.com>
Computer Associates (US) <virus@ca.com>
Computer Associates (Vet/EZ) <ipevirus@vet.com.au>
DialogueScience (Dr. Web) <Antivir@dials.ru>
Eset (NOD32) <sample@nod32.com>
F-Secure Corp. <samples@f-secure.com>
Frisk Software (F-PROT) <viruslab@f-prot.com>
Grisoft (AVG) <virus@grisoft.cz>
H+BEDV (AntiVir, Vexira engine) <virus@antivir.de>
Kaspersky Labs <newvirus@kaspersky.com>
Network Associates (McAfee) <virus_research@nai.com>
(use a ZIP file with the password 'infected' without the quotes)
Norman (NVC) <analysis@norman.no>
Panda Software <labs@pandasoftware.com>
Sophos Plc. <support@sophos.com>
Symantec (Norton) <avsubmit@symantec.com>
Trend Micro (PC-cillin) <virus_doctor@trendmicro.com>
(Trend may only accept files from users of its products)
-- Nick FitzGerald Computer Virus Consulting Ltd. Ph/FAX: +64 3 3529854 --------------------------------------------------------------------------- ---------------------------------------------------------------------------- --------------------------------------------------------------------------- ----------------------------------------------------------------------------
- Previous message: Nick FitzGerald: "Re: wmon16.exe"
- Maybe in reply to: Jason High: "wmon16.exe"
- Next in thread: Nick FitzGerald: "Re: wmon16.exe"
- Reply: Nick FitzGerald: "Re: wmon16.exe"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
