PDA

View Full Version : MALWARE .U HELP Please



lampworked
2005-10-24, 06:27
Hi Guys I have been plagued with the Malware Trojan for a few days I scan with McAfee and my system is clean and then up pops the McAfee informing me I have it again , it seems to be working its way file by file inti the System \volume\information restore I just keep Quarantineing the files , McAfee recommended this program and on Downloading it I noticed it got to a file which was the Malware defination and it stopped loading and came up with an error I was able to pess go and it continued to install seemingly Ok , but I ran Search and Destroy it found 15 probs in Red I deleted them and rebooted 2 mins later up came the Malware trojan again , it seemed to me that it was able to stop Spybot from loading its defination ??? Help Im using XP Regards Geoff

djpailo
2005-10-24, 16:57
what is the whole name of the trojan?

md usa spybot fan
2005-10-24, 19:20
lampworked:

If the McAfee is detecting this:
New Malware.u
I suggest that you read the following:
Virus Profile: New Malware.u
http://us.mcafee.com/virusInfo/default.asp?id=description&virus_k=136317

According to that article McAfee is detecting New Malware.u using their optional heuristic scan.


Scanning for new unknown viruses
Use this option to find the newest viruses that might not have existing “cures.”

This option uses advanced heuristic techniques that try to match files to the signatures of known viruses, while also looking for telltale signs of unidentified viruses in the files.

This scanning method also looks for file traits that can generally rule out that the file contains a virus. This minimizes the chances that VirusScan will give a false indication. Nevertheless, if a heuristic scan detects a virus, you should treat it with the same caution that you would treat a file that you know contains a virus.

This option provides the most thorough scan, but is generally slower than a normal scan.
If that is in fact the case, I find it strange that McAfee recommended using Spybot since it appears in the Virus Profile: New Malware.u (http://us.mcafee.com/virusInfo/default.asp?id=description&virus_k=136317) article that they are looking for sample files to analyze so that they can create actual signature based detections for the Malware.u Trojan. Included that article are instructions on how to summit files for analysis:


Virus Characteristics
This detection contains generic detection for new Swizzor variants. Please send files with this detection to Virus_Research@AVERTlabs.com (mailto:Virus_Research@AVERTlabs.com), and review the Swizzor (http://vil.nai.com/vil/content/v_136491.htm) description for more information on the behavior of this family of trojans.

Removal Instructions
This detection is an indication that the file is identified heuristically and it is requested that a sample of the file is sent to McAfee AVERT for analysis.
Refer to the online instructions (http://vil.nai.com/vil/submit-sample.asp) for sending samples.