IMON - Heuristics Caught these files (.tmp file)

Discussion in 'NOD32 version 2 Forum' started by Capp, Mar 25, 2005.

Thread Status:
Not open for further replies.
  1. Capp

    Capp Registered Member

    Joined:
    Oct 16, 2004
    Posts:
    2,125
    Location:
    United States
    IMON caught these files while not being on a bad sight. I don't recall the url that these hit on...But I'm glad they were caught :D


    C:\DOCUME~1\User\LOCALS~1\Temp\jar_cache32597.tmp
    probably unknown NewHeur_PE virus quarantined - deleted


    -and this one-


    <Removed>/adv411/jar2.php?
    probably unknown NewHeur_PE virus quarantined - connection terminated

    Anybody seen these before?

    Removed link to possible malware - Ron
     
    Last edited by a moderator: Mar 25, 2005
  2. JimIT

    JimIT Registered Member

    Joined:
    Jan 22, 2003
    Posts:
    1,035
    Location:
    Denton, Texas
    This is w32.bube.k.

    Look out... :doubt:

    Removed link to possible malware - Ron
     
    Last edited by a moderator: Mar 25, 2005
  3. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,415
    Hi Capp,
    please send all nqi and nqf files from quarantine (program files\eset\infected) to sample@eset.com for analysis.
     
  4. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    loader1.jar

     
  5. Capp

    Capp Registered Member

    Joined:
    Oct 16, 2004
    Posts:
    2,125
    Location:
    United States
    OOps!!

    I didn't mean to leave the full URL in there. I copied it from my Logs.

    It wasn't a hyperlink though, but thanks for removing it.

    I'll submit the quarantine today.

    Thanks Guys!
     
  6. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,415
    Given that it seems NOD32 already detects it by name, sending it for analysis is not necessary.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.