Avast WEBforum

Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: gtaillandier on December 02, 2003, 09:27:49 PM

Title: Virus infos
Post by: gtaillandier on December 02, 2003, 09:27:49 PM

I've launched ashquick *MEMORY and I've got 3 alerts.

Virus name Win32:RPCexploit[Trj]
File name Process 676, memory block 0x00080000 block size 266240
VPS version 0311-2, 02.12.2003

Same virus name
Process 728, block 0x01960000    block size 1048576

and the last one

Same virus name
Process 728, block 0x01A60000   block size 1048576.


I've shut down down my computer, and at startup no more virus ( no action has been done at alert pop ups ).

Can I have precisions on this virus ( not too technical, because I'm French, and my english is not very good ).

Sincerely.

Title: Re:Virus infos
Post by: Vlk on December 02, 2003, 10:15:52 PM

It might have been a false positive but it would be better if you knew which processes in was found in, exactly (I mean their names) - e.g. using the Windows Task Manager (you can have Task Manager show the PIDs of the individual processes).

Vlk

Title: Re:Virus infos
Post by: gtaillandier on December 03, 2003, 06:49:05 PM

I've used a program call Pview3 to see the PID of the program that can contain viruses

1) c:\windows\system32\svchost.exe

2) c:\program files\sygate\SPF\smc.exe

The alerts don't appear at system startup.