NewPolyWin32?

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
Has anyone had any experience with this? I have McAfee on one remaining
computer -- I know, I know, shame on me -- and it picked up this thing this
morning, with no hint about how to remove or quarantine it. Thing is, it
popped up while I was running a BitDefender scan for the heck of it. Could
it be a false positive?

ld
<kicking self for neglecting to remove the McMonster from this machine>



Re: NewPolyWin32?

Nurktwn wrote:

Quoted text here. Click to load it

http://forums.mcafeehelp.com//viewtopic.php?t=66018&highlight=newpolywin32

--
Falcon:
fide, sed cui vide. (L)
http://www.falklands25.com /



Re: NewPolyWin32?


| Has anyone had any experience with this? I have McAfee on one remaining
| computer -- I know, I know, shame on me -- and it picked up this thing this
| morning, with no hint about how to remove or quarantine it. Thing is, it
| popped up while I was running a BitDefender scan for the heck of it. Could
| it be a false positive?
|
| ld
| <kicking self for neglecting to remove the McMonster from this machine>
|


Download MULTI_AV.EXE from the URL --
http://www.ik-cs.com/programs/virtools/Multi_AV.exe

To use this utility, perform the following...
Execute; Multi_AV.exe { Note: You must use the default folder C:\AV-CLS }
Choose; Unzip
Choose; Close

Execute; C:\AV-CLS\StartMenu.BAT
{ or Double-click on 'Start Menu' in C:\AV-CLS }

NOTE: You may have to disable your software FireWall or allow WGET.EXE to go
through your
FireWall to allow it to download the needed AV vendor related files.

C:\AV-CLS\StartMenu.BAT -- { or Double-click on 'Start Menu' in C:\AV-CLS}
This will bring up the initial menu of choices and should be executed in Normal
Mode.
This way all the components can be downloaded from each AV vendor's web site.
The choices are; Sophos, Trend, McAfee, Kaspersky, Exit this menu and Reboot the
PC.

You can choose to go to each menu item and just download the needed files or you
can
download the files and perform a scan in Normal Mode. Once you have downloaded
the files
needed for each scanner you want to use, you should reboot the PC into Safe Mode
[F8 key
during boot] and re-run the menu again and choose which scanner you want to run
in Safe
Mode.  It is suggested to run the scanners in both Safe Mode and Normal Mode.

When the menu is displayed hitting 'H' or 'h' will bring up a more comprehensive
PDF help
file.  http://www.ik-cs.com/multi-av.htm

Additional Instructions:
http://pcdid.com/Multi_AV.htm


* * *   Please report back your results  * * *


--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Re: NewPolyWin32?

Thank you so much.

I'd been away and after I got back, the first thing I did was scan the
machine and the strange thing about this is that none of the online scanners
I tried -- Bit Defender, Kaspersky or Trend -- caught the bug. Only McAfee
saw it, and only after Bit Defender was used.  I scanned again and again, no
sign of anything from anyone but McAfee.

Odd. But I shall follow your instructions.

Thanks again,
ld



Quoted text here. Click to load it



Re: NewPolyWin32?


| Thank you so much.
|
| I'd been away and after I got back, the first thing I did was scan the
| machine and the strange thing about this is that none of the online scanners
| I tried -- Bit Defender, Kaspersky or Trend -- caught the bug. Only McAfee
| saw it, and only after Bit Defender was used.  I scanned again and again, no
| sign of anything from anyone but McAfee.
|
| Odd. But I shall follow your instructions.
|
| Thanks again,
| ld
|

Chances are you are using th retail version of McAfee VirusScan and that does
NOT include
the McAfee Command Line Scanner which is used in my Multi AV Scanning Tool.

New Poly Win32 -- http://vil.nai.com/vil/content/v_99969.htm

It is a Heuristic detection for a polymorphic Win32 virus.  It could be new and
thus not
widely detected.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Re: NewPolyWin32?

None of the scans reported anything amiss. In fact, my own McAfee program,
on re-scan, sees nothing and does not even report an incident.

Curiouser and curiouser.

ld

Quoted text here. Click to load it



Re: NewPolyWin32?


| None of the scans reported anything amiss. In fact, my own McAfee program,
| on re-scan, sees nothing and does not even report an incident.
|
| Curiouser and curiouser.
|
| ld
|

Either it was a False Positive that was retracted with a subsequent update or
the malware
was removed when you initially got the message.  Sometimes malware is removed by
McAfee upon
a re-boot.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Re: NewPolyWin32?

In any case, I am most appreciative.

ld

Quoted text here. Click to load it



Site Timeline