Re: Trojan, variant Generic.ca

From: Kayman (Kayman_at_discussions.microsoft.com)
Date: 08/12/05 

Date: Fri, 12 Aug 2005 04:54:05 -0700

VirusTotal have increased the file size limits from 5MB to 10MB. Their scan
results confirmed the presence of "Generic.ca" which was found by McAfee
version 4556 updated 08.11.2005. Another scanning engine called Fortinet
version 2.36.0.0 updated 08.12.2005 reported "suspicious". All other scan
engines reported "no virus found".
A password protected zip file of WWE32.EXE was submitted to virus_research
but no response as yet.
Thanks for continued assistance.

"David H. Lipman" wrote:

> From: "Kayman" <Kayman@discussions.microsoft.com>
>
> | Thank you for advising the updating issue with respect to the McAfee module.
> | I presume that this response is relating to my message "Correction to my last
> | paragraph".
> |
> | Prior to my message concerning "Correction to my last paragraph" I answered
> | your question with respect to the file size of WWEB.32EXE (VirusTotal
> | related) and reported the results with respect to Multi-AV.
> |
> | Please advise if my response with respect to the failed attempt scanning
> | with McAfee in F8 mode within Multi-AV set-up is not detailed enough.
> |
> | As I am unable to run McAfee within the Multi-Av set-up, would it be
> | possible downloading the new version of McAfee v4.40 .00 as a stand alone
> | application?
> |
> | Should I try to re-send the virus scan results (normal mode) to McAfee?
> |
> | "David H. Lipman" wrote:
> |
>
> Send the scan results to McAfee ? No. They want the file.
> Zip the file and password protect the file with the password = infected.
>
> Send the apssword protected ZIP file to; virus_research@nai.com
>
> Either thator submit is to McAfee/AVERT Web Immune - https://www.webimmune.net/default.asp
>
> However, I think the file is too big to submit and Web Immune.
>
> --
> Dave
> http://www.claymania.com/removal-trojan-adware.html
> http://www.ik-cs.com/got-a-virus.htm
>
>
>

Quantcast