Re: Do you recognise this malware?
From: "Newell White" <NewellWhite@discussions.microsoft.com>
Replies are inline...
| I have a workstation on our LAN running Windows XP SP3.
| Symptoms:
| 1) When I attempt to run a virus scan using McAfee Enterprise AV I get a
| popup telling me the virus recognition .DAT file is corrupt.
OK, these are the signature files. Just replace them with the DAT files from the lastest
ZIP file or SuperDAT file.
Is this Enterprise v8.5i ?
| 2) When I attempt to re-install from CD I get a popup during the install
| process
| telling me the file cabsd.w1.cab is missing or corrupt. There is no
| such file on the
| CD, which installs successfully on an identical workstation.
Why are you reinstalling ?
The original message was about signatures files (*,DAT files) not the application
| 3) When (in Explorer) I
| try to copy autoruns.exe from a floppy to the C:\
| drive, I get a popup telling me the
| copy fails because of a checksum error. I
| can run autoruns from the floppy using
| Start.. Run..., and can see nothing
| suspicious.
| 4) When I run RootKitRevealer in a
| similar manner, it shows nothing.
| 5) Running the September MS Malicious Software
| Removal tool from their
| website shows nothing.
| I am reluctant to flatten and rebuild
| as this workstation has been
| configured to run an expensive piece of production
| machinery.
Is this PC connected to the LAN and WAN ?
If yes, then you should consider flattening the PC and NOT connecting it to the LAN if
this is "...configured to run an expensive piece of production machinery. "
Something this important should also have an image made in case of emergencies. This way
if the PC gets corrupted you would only have to restore the image and the system would be
back to normal.
--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp