[Discuss] virus?

[adler at stephenadler.com (Stephen Adler)]

Thanks everyone for you comments on this. As it turns out, I can't
reinstall the OS since its a laboratory equipment and I need to do my
best otherwise.

So... I ran clamscan as suggested on the two files and here's what clam
scan reports....

[root at localhost ~]# clamscan virus/
LibClamAV Warning: **************************************************
LibClamAV Warning: ***  The virus database is older than 7 days!  ***
LibClamAV Warning: ***   Please update it as soon as possible.    ***
LibClamAV Warning: **************************************************
virus/Autorun.inf: Worm.Autorun-3966 FOUND
virus/rundll.exe: Worm.VB-269 FOUND

----------- SCAN SUMMARY -----------
Known viruses: 3418320
Engine version: 0.98.4
Scanned directories: 1
Scanned files: 2
Infected files: 2
Data scanned: 0.04 MB
Data read: 0.04 MB (ratio 1.00:1)
Time: 9.878 sec (0 m 9 s)


So I go off and do a google search for Worm.VB-269 and I don't really
find anything on it that tells me anything of what the worm does... I
was hoping to find like a wiki page details all known viruses, what they
do and how to eliminate them. Can anyone give me some pointers on how to
find out what Worm.VB-269 does? Thanks!


On Tue, 2014-10-28 at 12:07 +0000, Tim Lyons wrote:
> On October 28, 2014 7:18:06 AM EDT, "Edward Ned Harvey (blu)" wrote:
> "The only effective defense is to completely nuke the affected systems after infection (reinstall the OS)."
> 
> FWIW - I could not agree more wholeheartedly with Ed's statement. There is just no way to know what else was delivered in the payload. Wiping and reinstalling with a CURRENT (supported) OS version  is the only way to sleep soundly. 
> 
> Tim
> 
> 
> -- 
> Sent from my Android device with K-9 Mail. Please excuse my brevity.