Author Topic: Virus infos  (Read 2828 times)

0 Members and 1 Guest are viewing this topic.

Offline gtaillandier

  • Full Member
  • ***
  • Posts: 167
  • I'm a llama!
Virus infos
« on: December 02, 2003, 09:27:49 PM »
I've launched ashquick *MEMORY and I've got 3 alerts.

Virus name Win32:RPCexploit[Trj]
File name Process 676, memory block 0x00080000 block size 266240
VPS version 0311-2, 02.12.2003

Same virus name
Process 728, block 0x01960000    block size 1048576

and the last one

Same virus name
Process 728, block 0x01A60000   block size 1048576.


I've shut down down my computer, and at startup no more virus ( no action has been done at alert pop ups ).

Can I have precisions on this virus ( not too technical, because I'm French, and my english is not very good ).

Sincerely.

Offline Vlk

  • Avast CEO
  • Serious Graphoman
  • *
  • Posts: 11664
  • Please don't send me IM's. Email only. Thx.
    • ALWIL Software
Re:Virus infos
« Reply #1 on: December 02, 2003, 10:15:52 PM »
It might have been a false positive but it would be better if you knew which processes in was found in, exactly (I mean their names) - e.g. using the Windows Task Manager (you can have Task Manager show the PIDs of the individual processes).

Vlk
If at first you don't succeed, then skydiving's not for you.

Offline gtaillandier

  • Full Member
  • ***
  • Posts: 167
  • I'm a llama!
Re:Virus infos
« Reply #2 on: December 03, 2003, 06:49:05 PM »
I've used a program call Pview3 to see the PID of the program that can contain viruses

1) c:\windows\system32\svchost.exe

2) c:\program files\sygate\SPF\smc.exe

The alerts don't appear at system startup.