IT-DISCUSS Archives

June 2006

IT-DISCUSS@LIST.UVM.EDU

Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
From:
Mark Bowman <[log in to unmask]>
Reply To:
Technology Discussion at UVM <[log in to unmask]>
Date:
Mon, 12 Jun 2006 13:18:36 -0400
Content-Type:
text/plain
Parts/Attachments:
text/plain (90 lines)
My machine says it found W32.MytobCU@mm in the C:\windows\temp directory -- 
time stamp shows this occurred during the installation of the new version 
10.1.0.401.

I managed to get 10.1.0.401 installed -- though SAV deleted it several 
other times prior (didn't realize there was an issue until caught this 
thread -- couldn't figure out where the files I'd just downloaded had gone 
to...)

SAV deleted the AV installer programs, but left MytobCU alone -- seems like 
a curious way to handle virus discovery...  More here than meets the eye?

Mark Bowman





At 09:26 AM 6/12/2006, you wrote:
>Everyone,
>
>We have two threads going, please continue using this one so we can keep
>track.  Continue to report what you are experiencing and the AV team will
>work with your information then report back to you as soon as we have
>answers.
>
>Thank you!
>
>----
>Stefanie Ploof
>CIT Client Services
>CALS Information Technology Office
>University of Vermont, Burlington
>
>On Mon, 12 Jun 2006, John Cooley wrote:
>
> > The problem is the new version of Symantec.
> >
> > I have been running the older version 10.0.2.2020. All was fine until I
> > started downloading the latest version - 10.1.0.401 Symantec immediately
> > nailed it as suspect.
> >
> > So I guess I will not have my folks download the new version until this
> > gets fixed.  Keep us posted....
> >
> > John cooley
> >
> >
> > At 08:34 AM 6/12/2006, you wrote:
> > >My home machine found a couple of files that contained Trojan.Dropper 
> -- older
> > >versions of Symantec!!
> > >
> > >I just opened my folder where I keep old versions of Symantec and yes, 
> it said
> > >they were contaminted with Trojan.Dropper again.  This was
> > >sav10_0_2_2001-unmanaged.exe and sav10_0_2_2001-managed.exe.
> > >
> > >So the question is, is there really a virus in those files or is it a 
> problem
> > >with the definition files (6/11/06 rev. 6)?
> > >
> > >On 6/12/2006 8:20 AM Larry Kost wrote the following:
> > > > In the process of updating Norton Anti-Virus a couple of folks over 
> here
> > > > have been notified that something called Trojan.Dropper was 
> detected and
> > > > cleaned by deletion.  I don't know that these are related but it did
> > > > happen twice.  One of these people said that a later scan found it
> > > > again.  I looked on line and Symantec recommends starting in Safe Mode
> > > > and doing a scan (also with System Restore turned off).  Is this the
> > > > best advice or is there something else to do?
> > > >
> > > > Larry Kost
> > >
> > >--
> > >Tim Raymond                             [log in to unmask]
> > >Manager                                 CEMS Computer Facility
> > >233 Votey                               Burlington Vt. 05405
> > >The University of Vermont               (802) 656-0508
> >

Mark Bowman
Information System Specialist
Vermont Mammography Registry
Health Promotion Research
University of Vermont
Burlington, VT
802-656-0868

ATOM RSS1 RSS2