Nod32

Secure Home | Search | About

Lost Password?

Anti-Virus Software

get this group's latest topics as an RSS feed

add this group's latest topics to your My MSN content

add this group's latest topics to your My Yahoo content

add this group's latest topics to your Google content

Subject

Author

Date

Nod32

<rt66

07-23-2006

Re: Nod32

Duane Arnold

07-23-2006

Re: Nod32

David H. Lipman

07-23-2006

Re: Nod32

<rt66

07-23-2006

Re: Nod32

David H. Lipman

07-23-2006

Re: Nod32

<rt66

07-23-2006

Re: Nod32

David H. Lipman

07-23-2006

Re: Nod32

<rt66

07-23-2006

Re: Nod32

David H. Lipman

07-23-2006

Re: Nod32

<rt66

07-23-2006

Re: Nod32

David H. Lipman

07-23-2006

Posted by on July 23, 2006, 1:28 pm

If you were Registered and logged in, you could reply and use other advanced thread options

I recently had a trojan horse virus in my system32 folder. F-Prot Antivirus
detected it but would not clean it, move it, or delete it. I installed the
trial version of Nod32 and updated to the latest signature files. Nod 32
didn't even detect the trojan horse. It only indicated that there was a
file it couldn't open.

I then installed AVG Antivirus Free Edition and ran a scan. AVG detected
the trojan horse and moved it to the Virus Vault.

Maybe I'm missing something here but it looks as though AVG runs circles
around both F-Prot and Nod32. I'm far from an expert on the subject so if
anyone has relevant information, I'd appreciate it greatly.

Oh, by the way, the trojan horse was identified as winjhe32.dll

-- Mike

Posted by Duane Arnold on July 23, 2006, 2:27 pm

If you were Registered and logged in, you could reply and use other advanced thread options

>I recently had a trojan horse virus in my system32 folder. F-Prot

>Antivirus detected it but would not clean it, move it, or delete it. I

>installed the trial version of Nod32 and updated to the latest signature

>files. Nod 32 didn't even detect the trojan horse. It only indicated that

>there was a file it couldn't open.

> I then installed AVG Antivirus Free Edition and ran a scan. AVG detected

> the trojan horse and moved it to the Virus Vault.

> Maybe I'm missing something here but it looks as though AVG runs circles

> around both F-Prot and Nod32. I'm far from an expert on the subject so if

> anyone has relevant information, I'd appreciate it greatly.

> Oh, by the way, the trojan horse was identified as winjhe32.dll

NOD32 does have several options that can be enabled in scanning detection.
When I first used NOD32, it had missed some things and I ran that way for
sometime, until I changed its scanning to make it do more deeper scans.

NOD32 also has the its Deep analysis feature and that takes at least an hour
to run on my laptop. I use that feature on occasions.

Duane :)

Posted by David H. Lipman on July 23, 2006, 5:30 pm

If you were Registered and logged in, you could reply and use other advanced thread options

| I recently had a trojan horse virus in my system32 folder. F-Prot Antivirus
| detected it but would not clean it, move it, or delete it. I installed the
| trial version of Nod32 and updated to the latest signature files. Nod 32
| didn't even detect the trojan horse. It only indicated that there was a
| file it couldn't open.
|
| I then installed AVG Antivirus Free Edition and ran a scan. AVG detected
| the trojan horse and moved it to the Virus Vault.
|
| Maybe I'm missing something here but it looks as though AVG runs circles
| around both F-Prot and Nod32. I'm far from an expert on the subject so if
| anyone has relevant information, I'd appreciate it greatly.
|
| Oh, by the way, the trojan horse was identified as winjhe32.dll
|
| -- Mike
|

Yep...

You missed somethinh alright.

For example what was the fully qualified name and path to the file that was
deemed to be
infected and the name both F-Prot and AVG declared to be infected with.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm

Posted by on July 23, 2006, 6:33 pm

If you were Registered and logged in, you could reply and use other advanced thread options

c:\windows\system32\winjhe32.dll (Trojan Horse Generic. YIG.)

> | I recently had a trojan horse virus in my system32 folder. F-Prot

> Antivirus

> | detected it but would not clean it, move it, or delete it. I installed

> the

> | trial version of Nod32 and updated to the latest signature files. Nod

> 32

> | didn't even detect the trojan horse. It only indicated that there was a

> | file it couldn't open.

> |

> | I then installed AVG Antivirus Free Edition and ran a scan. AVG

> detected

> | the trojan horse and moved it to the Virus Vault.

> |

> | Maybe I'm missing something here but it looks as though AVG runs circles

> | around both F-Prot and Nod32. I'm far from an expert on the subject so

> if

> | anyone has relevant information, I'd appreciate it greatly.

> |

> | Oh, by the way, the trojan horse was identified as winjhe32.dll

> |

> | -- Mike

> |

> Yep...

> You missed somethinh alright.

> For example what was the fully qualified name and path to the file that

> was deemed to be

> infected and the name both F-Prot and AVG declared to be infected with.

> --

> Dave

> http://www.claymania.com/removal-trojan-adware.html

> http://www.ik-cs.com/got-a-virus.htm

Posted by David H. Lipman on July 23, 2006, 6:51 pm

If you were Registered and logged in, you could reply and use other advanced thread options

| c:\windows\system32\winjhe32.dll (Trojan Horse Generic. YIG.)
|

You are saying that BOTH F-Prot and AVG called "winjhe32.dll" a generic Trojan ?

I am wondering if this is really a heuristic detection or a adware Trojan.

It is also possible that the reason it could not easily be removed becuase it is
being used
by the Winlogon Notify function.

Is the following in the Registry ? ( NOTE: it may have already been removed )
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
NT\CurrentVersion\Winlogon\Notify\winjhe32

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm

Similar Threads	Posted
NOD32, how to disable NOD32 Signature in Email?	September 30, 2005, 3:37 am
nav vs nod32	July 2, 2005, 11:36 pm
NOD32 AV	December 31, 2005, 5:27 am
help for NOD32.	January 18, 2006, 10:32 am
NOD32	February 17, 2006, 8:03 am
why I'm going with nod32...	June 22, 2006, 8:10 pm
NOD32 Needs Help?	December 11, 2006, 6:40 pm
Re: NOD32 Needs Help?	December 11, 2006, 9:14 pm
nod32	January 11, 2007, 12:23 pm
NOD32	January 16, 2007, 9:45 am

The site map in XML format XML site map