[Discuss] virus?
Stephen Adler
adler at stephenadler.com
Tue Oct 28 10:47:36 EDT 2014
Thanks everyone for you comments on this. As it turns out, I can't
reinstall the OS since its a laboratory equipment and I need to do my
best otherwise.
So... I ran clamscan as suggested on the two files and here's what clam
scan reports....
[root at localhost ~]# clamscan virus/
LibClamAV Warning: **************************************************
LibClamAV Warning: *** The virus database is older than 7 days! ***
LibClamAV Warning: *** Please update it as soon as possible. ***
LibClamAV Warning: **************************************************
virus/Autorun.inf: Worm.Autorun-3966 FOUND
virus/rundll.exe: Worm.VB-269 FOUND
----------- SCAN SUMMARY -----------
Known viruses: 3418320
Engine version: 0.98.4
Scanned directories: 1
Scanned files: 2
Infected files: 2
Data scanned: 0.04 MB
Data read: 0.04 MB (ratio 1.00:1)
Time: 9.878 sec (0 m 9 s)
So I go off and do a google search for Worm.VB-269 and I don't really
find anything on it that tells me anything of what the worm does... I
was hoping to find like a wiki page details all known viruses, what they
do and how to eliminate them. Can anyone give me some pointers on how to
find out what Worm.VB-269 does? Thanks!
On Tue, 2014-10-28 at 12:07 +0000, Tim Lyons wrote:
> On October 28, 2014 7:18:06 AM EDT, "Edward Ned Harvey (blu)" wrote:
> "The only effective defense is to completely nuke the affected systems after infection (reinstall the OS)."
>
> FWIW - I could not agree more wholeheartedly with Ed's statement. There is just no way to know what else was delivered in the payload. Wiping and reinstalling with a CURRENT (supported) OS version is the only way to sleep soundly.
>
> Tim
>
>
> --
> Sent from my Android device with K-9 Mail. Please excuse my brevity.
More information about the Discuss
mailing list