herme3 Posted September 27, 2005 Posted September 27, 2005 A virus seems to have downloaded itself on my computer without displaying any security warnings or anything. I use a very powerful virus scanner, and this is the first time ever anything has gotten past it. A web site automatically downloaded two files on my computer. They are located at C:/_DelItH.bat and C:/winexec.exe and they tried to automatically run on my system. My firewall seems to have stopped the program, but the files are still there. They don't seem to be doing any harm, so I will leave them there so I can analyze them. Has anyone ever heard of these files before?
Cap'n Refsmmat Posted September 27, 2005 Posted September 27, 2005 Put them into quarantine on your virus program. Then look at symantec.com and go to the virus database and do a search.
herme3 Posted September 27, 2005 Author Posted September 27, 2005 I use the Symantec AntiVirus Corporate Edition, and it won't detect the files. I even tried a full system scan. I know I have the newest update for the virus scanner. I found the winexec.exe file name at http://securityresponse.symantec.com/avcenter/venc/data/w32.falsu.a.html but none of the other files listed are on my computer. Could this be a new version of the virus?
Cap'n Refsmmat Posted September 27, 2005 Posted September 27, 2005 Report it to Symantec. I believe they'll let you do that. A web site automatically downloaded two files on my computer. That'll teach you to use IE...
H2SO4 Posted September 27, 2005 Posted September 27, 2005 Report it to Symantec. I believe they'll let you do that. That'll teach you to use IE... LOL, i hope he was using IE Now that i think of it i havent gotten any virus's in months. Not even spyware. Kinda disapointing. I love the chase. I love hunting down and killing the files. The best part is figuering out how to delete the culprit. Quite fun, other than the fact that Its hard to sleep until youve owned the virus.
Dak Posted September 27, 2005 Posted September 27, 2005 winexec could be a couple of things; _DelItH.bat, i have no idea. If you want, you could download HijackThis (scroll down to the button with the flashing green light next to it). run it, and select 'do a system scan and save a logfile'. also, if you go to http://virusscan.jotti.org/ and upload the file C:/_DelItH.bat, and then post up the HijackThis log and the results of the jotti scan, that should be enough to work out what malware you have. [edit]actually, you may aswell scan the winexec.exe file at jotti aswell, and include those scan results in your post[/edit]
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now