Re: Trojan Horse virus

From: Chris Stoermer (stoermer@NOSPAM.unt.edu)
Date: 07/29/02


From: Chris Stoermer <stoermer@NOSPAM.unt.edu>
Date: Mon, 29 Jul 2002 13:02:04 -0700


It's probably loaded as a service and running. Check winnt\vm32, or vmn32,
or config for other possible exploit files.

--Chris

jcochran at naplesgov dot com (Jeff Cochran) wrote in
news:3d4c9a9d.27151822@news.supernews.com:

>>My anti-virus software is alerting me that file
>>C:\winnt\system32\wnmngm1.exe has a Trojen Horse virus.
>>It them tells me that it cannot be quarntined or deleted.
>>What do you think??
>
> I think that ham sandwich I had for lunch was a little dry.
>
> As for your file, it's infected, and can't be cleaned, then a sensible
> admin would delete it and if needed, restore from backup. Then he'd
> seal the hole that the virus got in through.
>
> Jeff
>



Relevant Pages

  • Re: uuuhhh
    ... oooppps... ... > <jcochran at naplesgov dot com (Jeff Cochran)> wrote in message ...
    (microsoft.public.win2000.security)
  • Re: IP - All Assigned or localhost?
    ... <jcochran at naplesgov dot com (Jeff Cochran)> ... >>I have a web site entry that I would like to access only locally, ...
    (microsoft.public.inetserver.iis.security)
  • Re: The Stunning Failure of OpenBSD
    ... The world rejoiced as jcochran at naplesgov dot com (Jeff Cochran) wrote: ... Jeff not reading carefully enough so as to grasp that the ...
    (comp.os.linux.security)
  • Re: Trojan Horse virus
    ... <jcochran at naplesgov dot com (Jeff Cochran)> ... >>My anti-virus software is alerting me that file ...
    (microsoft.public.win2000.security)
  • Re: Odd Log Entries
    ... <jcochran at naplesgov dot com (Jeff Cochran)> ... >>I found odd requests in my log file. ...
    (microsoft.public.inetserver.iis.security)