|
|
#1
August 19th, 2008, 10:25 PM
|
|||
|
|||
nvsvc32.exe
Hi There,
A pc on my network has been sending traffic to an ip 89.39.110.250 from incrementing soure ports starting around 1212 and trying 3 times on each port to send to dest port 443. I ran an eset sysinspector log and it suggests that the file nvsvc32.exe is dangerous because it has no versioning information. To add to this the computer it was on did not have a nvidia video card in it, it was a intel based notebook. So i submitted the file to virustotal.com and 24/35 scanners suggest that it is a trojan. My problem is that nod32 was running on this system and it did not pick the virus up. I have submitted it to eset via the nod shell intergrated submission tool, when do you think that this will be added to the defs. Thanks Will |
|
#2
August 19th, 2008, 11:14 PM
|
||||
|
||||
|
Re: nvsvc32.exe
Quote:
|
|
#3
August 20th, 2008, 01:43 AM
|
|||
|
|||
|
Re: nvsvc32.exe
Quote:
Please compress the suspicious files with WinRAR or another common packer, protect the archive with the password "infected" and send it to samples[at]eset.com with as much information about the files as possible (e.g. the url you downloaded it from before you ran it, a link to your post dealing with that threat at Wilders's, etc.). Also enclose a log from ESET SysInspector. |
|
#4
August 20th, 2008, 04:11 AM
|
|||
|
|||
|
Re: nvsvc32.exe
Sorry Marcos,
I have done away with the little critter, not the kind of thing that i wanted hanging around. I hope that you can find it in amongst the submissions from the nod32 shell intergration Regards Will |
| « Previous Thread | Next Thread » |
| Thread Tools | Search this Thread |
|
|
