Re: Download.Trojan Virus

From: David H. Lipman (DLipman~nospam~_at_Verizon.Net)
Date: 11/05/03


Date: Tue, 4 Nov 2003 20:24:03 -0500

Gratzi Bill.

Dave

"Bill Sanderson" <Bill_Sanderson@msn.com.plugh.org> wrote in message
news:upcpglzoDHA.964@TK2MSFTNGP10.phx.gbl...
| FWIW, NAV does detect at least one critter as "download.trojan"
|
| And it also claims it can neither quarantine nor remove it, even in safe
| mode.
|
| I suspect this is a generic label for a bit of trojan code which is then
| used to download other bits--so the eventual situation may be different in
| different cases. I've seen at least three instances where the identified
| file was 235003.exe in temporary Internet files, which led to this
| reference:
|
| http://www.safersite.com/PestInfo/f/f__ksite.asp
|
| The single infected machine I saw was before this reference was published,
| and I was unable to find 235003.exe on the disk. I was able to find 3
| "suspicious" files in the TIF, which I eventually deleted, whereupon Norton
| ran normally and declared the machine clean, and has continued to do so.
|
| I haven't gone back and looked for the other items mentioned in this
| reference, and suspect that the problem is broader than this one example.
|
| "David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
| news:ea8reRxoDHA.2000@TK2MSFTNGP12.phx.gbl...
| > Jane:
| > The directory tree C:\...\Temporary Internet Files\Content\IE5 is the IE cache.
| > Anything there is unimportant and SHOULD be deleted and there is no reason, or course of
| > action, to replace it.
| >
| > Note that it is important to state the FULL name of the virus, Trojan or worm that an AV
| > package finds and state the name and version of the AV package you use to get the best
| > answers to your queries.
| >
| > Dave
| >
| >
| > "Jane" <anonymous@discussions.microsoft.com> wrote in message
| > news:048401c3a313$abd672d0$a101280a@phx.gbl...
| > | Two weeks ago my antivirus software suddenly opened and
| > | informed me that C:\...\Temporary Internet Files\Content
| > | IE5\GZ0J23MN\expl[2].hta was successfully deleted. And
| > | that I should replace this file with an uninfected copy of
| > | the original.
| > | Immediately following.."Unable to delete file. It is still
| > | infected with the Download.Trojan Virus"
| > | So I clicked quarantine-it said unable to...
| > | Then I ran a scan and it found no infection.
| > | Two days ago it found a virus in an email. When I ran a
| > | scan it said no infections were found.
| > | I don't know what to do.
| >
| >
|
|

