Yes, it went to McAfee. So far they got nothing.

>>> "Mike French" <mike.fre...@theequitybank.com> 8/5/2009 4:41 PM >>>
VirusTotal's numbers aren't very comforting if that IS actually a virus...

Did you submit to McAfee? I'm curious as to what they have to say. If you have support I would get in touch with them, this might be a 0-day?

-----Original Message-----
From: RAY ZORZ [mailto:rz...@azcorrections.gov]
Sent: Wednesday, August 05, 2009 5:43 PM
To: NT System Admin Issues
Subject: RE: Virus?

http://www.virustotal.com/analisis/d7935fdf6102f1fd869f6337c45e7d690e40ae9c31ac5d7c7f3ee3d141a14a4a-1249508892

McAfee still isn't cleaning it, but if this site is legit, and Malwarebytes is also catching the "right thing", then a lot of vendors aren't catching it either. Oy.

>>> "Mike French" <mike.fre...@theequitybank.com> 8/4/2009 2:54 PM >>>
Upload it to Sunbelt's sandbox:
http://www.sunbeltsecurity.com/Submit.aspx?type=cwsandbox&cs=A41CD150B37359889A553671CBFD2360
It might give you better insight. Also upload to VirusTotal: http://www.virustotal.com/
See who else is seeing it as a virus...

-----Original Message-----
From: RAY ZORZ [mailto:rz...@azcorrections.gov]
Sent: Tuesday, August 04, 2009 4:40 PM
To: NT System Admin Issues
Subject: Virus?

Our McAfee is picking up a buffer overflow error on IE. The actual .exe changes, but the path is the same each time:

C:\Documents and Settings\username\Application Data\upnpsvc.exe (Trojan.Agent)

McAfee doesn't seem to clean it, just report it. Does this look familiar to anyone?

Ray

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~