Dan
Tue Aug 19 04:46:47 CDT 2008
Exactly, Maurice, it is important to let NOD32 put the tagged files in
quarantine and then the tagged files need to be fully analyzed for a threat
or to see if the issue was a false positive on NOD32's part. There are too
many false positives in the industry these days.
"Maurice N ~ MVP" wrote:
> P.S.
> ref
http://research.sunbelt-software.com/threatdisplay.aspx?name=Trojan.Win32.Agent.oh&threatid=44209
> "Trojan.Win32.Agent.oh is a trojan downloader that contacts remote servers to download and install additional malware."
> "Trojan.Win32.Agent.oh infects Windows files winlogon.exe and iexplore.exe. It modifies the registry and may lower system security."
> "File Traces
> 1303.exe
> arm32.dll
> c:\documents and settings\all users\documents\settings\2006.dll
> C:\Documents and Settings\All Users\Documents\Settings\ur32mega.dll
> ver2.exe
> veter15.exe
> veter16.exe
> "
> Let me suggest you have NOD32 put the tagged files in quarantine, at least.
>
> --
> Maurice Naggar
> MS-MVP
> -----
>
> "IgNiTE" <IgNiTE@discussions.microsoft.com> wrote in message news:129C0B08-1BEB-4736-B4DE-CD8769B3268B@microsoft.com...
> > Hey,
> > I was just running a AV scan thru my ESET's NOD32. I just got a new update
> > from online with more signatures and stuff. So I wanted to do the scan see if
> > something pops up. I do this scans about every 2 or 3 days. I did have Vundo
> > trojan before like a 3 to 4 weeks ago. Thanks to Microsoft MVPS, Fourms like
> > this & Aumha Fourms that problem was taken care of.
> > Here is the Error popped just few min. ago.
> >
> > Threat :- Win32/Agent.OBH Trojan.
> > Anyone know what that means or what type of trojan are we talking about here.
> >
> > Thanks for your input.
>