Re: Q: Tracking and detecting a possible virus
From: Frank Slootweg (this_at_ddress.is.invalid)
Date: 07/03/04
- Next message: nospam55: "secure /etc/fstab"
- Previous message: Frank Slootweg: "Re: IE Exploit, Online Banking Compromise Fixed using BHODemon"
- In reply to: Soul8o8: "Q: Tracking and detecting a possible virus"
- Next in thread: chris_at_nospam.com: "Re: Q: Tracking and detecting a possible virus"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 03 Jul 2004 09:38:42 GMT
I have not experienced this myself, but a simple Google search on
"iesp.mht" (without quotes) gives this as the first hit:
http://www.computing.net/security/wwwboard/forum/12613.html
Google is your friend.
Soul8o8 <soul8o8@hotmail.com> wrote:
> yo!
>
> i have a problem - i think i've got a new virus cause i can't find it
> with any scanner and I have clear symptoms (the start page of
> iexplorer is set to a certain file and i can't change it back.)
>
> Now i know that this virus creates a MHT-file in my windows folder and
> i know the name of the file it creates. my question is: is there any
> way of tracking what application or process created that file? if i
> knew the program that created the file i would also know the host of
> the virus yes? how do i do that?
>
> cause i can't submit any file to any antivirus co. if i don't have an
> infected file. any help in this matter would be very nice! :)
>
>
> (the file that is created is c:\windows\system32\iesp.mht maybe anyone
> has got it as well? and i think that this is clearly a new version of
> the StartPage-virus as listed by pandasoftware..)
- Next message: nospam55: "secure /etc/fstab"
- Previous message: Frank Slootweg: "Re: IE Exploit, Online Banking Compromise Fixed using BHODemon"
- In reply to: Soul8o8: "Q: Tracking and detecting a possible virus"
- Next in thread: chris_at_nospam.com: "Re: Q: Tracking and detecting a possible virus"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
