Feher Tamas wrote: > ... server.exe > file is > TrojanSpy.Win32.Small.AZ (AVP)
Perhaps at the the time or shortly before you posted this close to 12 hours after the OP wrote his message, but when he wrote AVP/KAV did not detect it at all. In fact, it was the only one of what I consider the "major" scanners to not detect the .EXE when, almost exactly two hours after the OP wrote his message, I had the file scanned by 20-odd scanners that (mostly) run up-to-the-minute (well, hour) research/beta/pre-release DEF/DAT/etc files... Oh, and as for the name -- the unique names reported in that multi- scanner test were: TR/Small.AZ.1 W32/[EMAIL PROTECTED] Uploader-S TrojanSpy.Win32.Small.AZ Backdoor.Trojan [this one is a heuristic detection] Troj/Bizex-E Win32.Reign.Z There was one more generic/heuristic detection but I'm not sure I can publicly discuss it, and as it has a rather distinctive reporting style for this type of thing, I've removed that entry from the list... -- Nick FitzGerald Computer Virus Consulting Ltd. Ph/FAX: +64 3 3529854 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
