Full Disclosure mailing list archives
(no subject)
From: "andy mueller" <muellera37 () msn com>
Date: Fri, 03 Jun 2005 14:16:44 +0100
HI people I have had "wintcpmod" as well so I submitted it to norton antivirus and they came back to me with this:
We have analyzed your submission. The following is a report of our findings for each file you have submitted: filename: C:\WINDOWS\system32\wintcpmod.exe machine: ALIEN result: This file is infected with Backdoor.Trojan Developer notes: C:\WINDOWS\system32\wintcpmod.exe is non-repairable threat. NAV with the latest rapidrelease definition detects this. Please delete this file and replace it if neccessary. Please follow the instruction at the end of this email message to install the latest rapidrelease definitions. Symantec Security Response has determined that the sample(s) that you provided are infected with a virus, worm, or Trojan. We have created RapidRelease definitions that will detect this threat. Please follow the instruction at the end of this email message to download and install the latest RapidRelease definitions. Downloading and Installing RapidRelease Definition Instructions: 1. Open your Web browser. If you are using a dial-up connection, connect to any Web site, such as: http://securityresponse.symantec.com/ 2. Click this link to the ftp site: ftp://ftp.symantec.com/public/english_us_canada/antivirus_definitions/norton_antivirus/rapidrelease/symrapidreleasedefsi32.exe. If it does not go to the site (this could take a minute or so if you have a slow connection), copy and paste the address into the address bar of your Web browser and then press Enter. 3. When a download dialog box appears, save the file to the Windows desktop. 4. Double-click the downloaded file and follow the prompts. ---------------------------------------------------------------------- This message was generated by Symantec Security Response automation Should you have any questions about your submission, please contact our regional technical support from the Symantec website (http://www.symantec.com/techsupp/) and give them the tracking number in the subject of this message. _________________________________________________________________Winks & nudges are here - download MSN Messenger 7.0 today! http://messenger.msn.co.uk
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- (no subject) andy mueller (Jun 03)
- <Possible follow-ups>
- RE: (no subject) Todd Towles (Jun 03)
- RE: (no subject) Andrew R. Reiter (Jun 03)