trojan horse - sysmon.exe

Trend Micro PC-cillin Internet Security 14 has detected a trojan horse
in c:/windows/system32/sysmon.exe, but it cannot quarantine or clean
it out of my system.  Can anyone suggest how I might proceed to get
rid of it?  Many thanks in advance.

Re: trojan horse - sysmon.exe

wrote:

The file may be legit and Trend is false alarming. Upload the file to
Jotti or Virus Total to see what other av scanners say. If most
other scanners don't alert, then send the file to Trend for
analysis so they can fix their f.p.

If the file does appear to be malware, a little Googling on the
file name will lead you to descriptions and removal instructions.

Art

Re: trojan horse - sysmon.exe


Thanks for the suggestions.
I am unable to upload the file, either through e-mail or through the
uploader on the sites you've suggested.  
It may be a false alarm, since my system isn't exhibiting any bizarre
behavior that one might expect if infected, but the fact that my AV
software thinks otherwise is cause for concern.
Curious that I cannot attach this file to an e-mail.  I get an error
message I've never seen before, and I've sent other files in the past
without error.
Has anyone experienced anything like this before?

Re: trojan horse - sysmon.exe

wrote:

SYSMON.EXE came with my WindowsME computer and is dated year 2000.
The file seems legitimate, but it might have been corrupted in your
machine.  Check the date and see if it was modified recently.
Pete

Re: trojan horse - sysmon.exe

Can you send your c:/windows/system32/sysmon.exe to me:
codingforvirus@gmail.com, thanks.


Re: trojan horse - sysmon.exe

On Tue, 30 Oct 2007 06:51:53 -0700, coding.hello@gmail.com wrote:

Michael: My email to you at codingforvirus@gmail.com bounced.  What
address should I use?  Pete

Re: trojan horse - sysmon.exe

On Tue, 30 Oct 2007 12:48:55 -0400 Paul Brady wrote:

Did the bounce say anything about an "illegal attachment"?  That's Gmail
playing nanny; I believe they reject any .exe or .zip attachment.  Make a
copy, change the extension to .txt and it should go through.
--
Ernie B.

Communication:  The art of moving an idea from one mind to another, hopefully
without distortion.

Re: trojan horse - sysmon.exe

coding.hello@gmail.com wrote:

is there any particular reason people should entrust malware samples to you?

please don't troll for potential malware here... it encourages the
uncontrolled distribution of malware and that enables people to spread
it maliciously...

--
"it's not the right time to be sober
now the idiots have taken over
spreading like a social cancer,
is there an answer?"

Re: trojan horse - sysmon.exe

Uncontrolled distribution how? you pervert.

--

Newsgroup Trolls. Read about mine here http://www.pcbutts1.com/downloads
The list grows. Leythos the stalker http://www.leythosthestalker.com , David
H. Lipman, Max M Wachtell III  aka What's in a Name?, Fitz,
Rhonda Lea Kirk, Meat Plow, F Kwatu F, George Orwell


