|
Posted by Oco on January 3, 2009, 6:08 pm
If you were Registered and logged in, you could reply and use other advanced thread options
> GJ wrote:
> >> these aren't the same as logical partitions on a single physical drive=
...
> >> the device reports 2 physical drives, one a removable drive and one a =
cd
> >> drive...
>
> > Yes, that's exactly what the mp3 player did.
>
> > Strangely I can't find this Win32/Agent.ONB virus listed anywhere in th=
e
> > usual virus description libraries so I'm not sure how dangerous it is.
>
> i'm afraid there are far too many pieces of malware out there for them
> to all have a description in an online database - and the family name
> "agent" specifically is used for so many things that it is of little
> help either... did you follow david's suggestion and submit it to
> virustotal.com? i've tried running "agent.onb" through vgrep to find
> what other scanners might call it but there were not results returned...
>
> what david said is almost certainly true, it's an autorun worm, but any
> additional capabilities it might have depends very much on getting a
> description for that specific variant...
>
> if the search for a description is fruitless you may have to assume the
> worst (ie. stealth, password stealing, etc)...
>
> another thing you *could* try, however, is to contact the company that
> makes your scanner and ask if it's a false alarm or not (you'll probably
> have to send them a copy of the file)... they should be able to clear up
> some of your other questions too...
>
> --
> "it's not the right time to be sober
> now the idiots have taken over
> spreading like a social cancer,
> is there an answer?"
Your mp3 player looks like this? http://www.unibit.com.cn/English/products_=
show.asp?id=3D323
If so, try to update firmware/iso with the tool provided in download
section. There are several models in that page. Good luck
| 
Yahoo! 
Google 
Windows Live 
del.icio.us 
digg 
Netscape 
XML site map