Re: Trojan Horse virus

From: Chris Stoermer (stoermer@NOSPAM.unt.edu)
Date: 07/29/02


From: Chris Stoermer <stoermer@NOSPAM.unt.edu>
Date: Mon, 29 Jul 2002 13:02:04 -0700


It's probably loaded as a service and running. Check winnt\vm32, or vmn32,
or config for other possible exploit files.

--Chris

jcochran at naplesgov dot com (Jeff Cochran) wrote in
news:3d4c9a9d.27151822@news.supernews.com:

>>My anti-virus software is alerting me that file
>>C:\winnt\system32\wnmngm1.exe has a Trojen Horse virus.
>>It them tells me that it cannot be quarntined or deleted.
>>What do you think??
>
> I think that ham sandwich I had for lunch was a little dry.
>
> As for your file, it's infected, and can't be cleaned, then a sensible
> admin would delete it and if needed, restore from backup. Then he'd
> seal the hole that the virus got in through.
>
> Jeff
>