Re: Trojan Horse virus
From: Chris Stoermer (stoermer@NOSPAM.unt.edu)
- Next message: Consultant®: "Re: Trojan Horse virus"
- Previous message: Jeff: "Can not take ownership on win2000"
- In reply to: Jeff Cochran: "Re: Trojan Horse virus"
- Next in thread: Consultant®: "Re: Trojan Horse virus"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Chris Stoermer <stoermer@NOSPAM.unt.edu> Date: Mon, 29 Jul 2002 13:02:04 -0700
It's probably loaded as a service and running. Check winnt\vm32, or vmn32,
or config for other possible exploit files.
jcochran at naplesgov dot com (Jeff Cochran) wrote in
>>My anti-virus software is alerting me that file
>>C:\winnt\system32\wnmngm1.exe has a Trojen Horse virus.
>>It them tells me that it cannot be quarntined or deleted.
>>What do you think??
> I think that ham sandwich I had for lunch was a little dry.
> As for your file, it's infected, and can't be cleaned, then a sensible
> admin would delete it and if needed, restore from backup. Then he'd
> seal the hole that the virus got in through.