[Dshield] Possible virus/worm?
j.riden at massey.ac.nz
Tue Oct 26 19:12:37 GMT 2004
"Isaac Perez" <pobletman at hotmail.com> writes:
> I had more or less the same problem, but with the avg antivirus, it can't
> detect a virus that collapse the network attacking other windows in the port
> 445, in our case windows xp.
> In our case the virus was a .dll and runs explorer.exe to conect the
> We cleaned it with stinger:
> you can try it.
> I wish it will be useful to you.
Also try http://www.clamwin.com/ - a Windows port of ClamAV. I
wouldn't recommend it as your sole AV software, but it's a useful
backup if your primary one isn't catching a particular thing. (In my
case Symantec wasn't picking up an Rxbot variant, but ClamWin
identified it as a generic MS04-011 exploit.
James Riden / j.riden at massey.ac.nz / Systems Security Engineer
Information Technology Services, Massey University, NZ.
GPG public key available at: http://www.massey.ac.nz/~jriden/
More information about the list