MSUNAG Archives

MSUNAG Archives


View:

Next Message | Previous Message
Next in Topic | Previous in Topic
Next by Same Author | Previous by Same Author
Chronologically | Most Recent First
Proportional Font | Monospaced Font

Options:

Join or Leave MSUNAG
Reply | Post New Message
Search Archives


Subject: Fake Gina Trojan
From: Chris Wolf <[log in to unmask]>
Reply-To:Chris Wolf <[log in to unmask]>
Date:Fri, 31 Oct 2003 09:54:16 -0500
Content-Type:text/plain
Parts/Attachments:
Parts/Attachments

text/plain (16 lines) 


In the past two days, Norton Anti-virus has found the Fake.Gina Trojan on
two computers in my department.  The odd thing is that it found it at boot
time, when the system loads it in response to a registry hack.  At this
point, the trojan .dll is already in the system32 folder.  It seems as
though NAV should have found it when it when it was written there and
quarantined it at that point, so we're puzzled as to how it's getting
there.  Has anyone else run into this recently?  (According to Symantec,
the trojan itself has been around for over a year.)  These computers have
Microsoft's RPC vulnerabilities patched, but did not have the more recent
patch for the Messenger Service.

--Chris
==============================================
Chris Wolf                    Computer Service Manager
Agricultural Economics        [log in to unmask]
Michigan State University     517 353-5017

Back to: Top of Message | Previous Page | Main MSUNAG Page

Permalink


LIST.MSU.EDU

CataList Email List Search Powered by the LISTSERV Email List Manager