Ginger.Rainbow.2337

Discussion in 'NOD32 version 2 Forum' started by sagittarius, Oct 9, 2004.

Thread Status:
Not open for further replies.
  1. sagittarius

    sagittarius Registered Member

    Joined:
    Apr 19, 2003
    Posts:
    136
    Location:
    Queensland, Australia
    One of my Nod users has just been infected with this (the site I can find mentioning it is not in English). I received the following virus warning a short while ago:
    9/10/04 6:45:06 AM - AMON - Antivirus monitor Program Virus Alert triggered on ROBERT: boot sector of disk A: infected with Ginger.Rainbow.2337 virus.
    which indicates that he has introduced it via an infected floppy disk.

    He has now contacted me by email, saying:
    "My pc tells me I have a virus "Ginger Rainbow 2337".
    When I go into NOD to fix the problem I end up with a frozen screen. I am unable to go any where in the NOD window. What is the solution?"

    does anyone know anything about this one?
     
  2. Tassie_Devils

    Tassie_Devils Global Moderator

    Joined:
    May 8, 2002
    Posts:
    2,514
    Location:
    State Queensland, Australia
    Hi sagittarius :)

    Some of the variations:

    # Ginger.2564-2848
    # Ginger.2691/2774
    # Ginger.Orsam.2616-2628
    # Ginger.Rainbow.2337-2501

    Here are the AV's that detect Ginger.Rainbow.2337 and variations.

    VB ~ GREP LISTINGS

    Someone else may shed light on it, but in meantime, go to any of the sites you see that list it above and see if any removal instructions, etc.

    Cheers, TAS
     
  3. Tassie_Devils

    Tassie_Devils Global Moderator

    Joined:
    May 8, 2002
    Posts:
    2,514
    Location:
    State Queensland, Australia
  4. sagittarius

    sagittarius Registered Member

    Joined:
    Apr 19, 2003
    Posts:
    136
    Location:
    Queensland, Australia
    much appreciated ... never knew about this site ... will know where to head in future :)
    I haven't responded to the user yet, but will suggest running NOD32 in safe mode, which more than likely will do the trick
     
Thread Status:
Not open for further replies.