IMON - Heuristics Caught these files (.tmp file)

Discussion in 'NOD32 version 2 Forum' started by Capp, Mar 25, 2005.

Thread Status:
Not open for further replies.
  1. Capp

    Capp Registered Member

    Joined:
    Oct 16, 2004
    Posts:
    2,125
    Location:
    United States
    IMON caught these files while not being on a bad sight. I don't recall the url that these hit on...But I'm glad they were caught :D


    C:\DOCUME~1\User\LOCALS~1\Temp\jar_cache32597.tmp
    probably unknown NewHeur_PE virus quarantined - deleted


    -and this one-


    <Removed>/adv411/jar2.php?
    probably unknown NewHeur_PE virus quarantined - connection terminated

    Anybody seen these before?

    Removed link to possible malware - Ron
     
    Last edited by a moderator: Mar 25, 2005
  2. JimIT

    JimIT Registered Member

    Joined:
    Jan 22, 2003
    Posts:
    1,035
    Location:
    Denton, Texas
    This is w32.bube.k.

    Look out... :doubt:

    Removed link to possible malware - Ron
     
    Last edited by a moderator: Mar 25, 2005
  3. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Hi Capp,
    please send all nqi and nqf files from quarantine (program files\eset\infected) to sample@eset.com for analysis.
     
  4. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    loader1.jar

     
  5. Capp

    Capp Registered Member

    Joined:
    Oct 16, 2004
    Posts:
    2,125
    Location:
    United States
    OOps!!

    I didn't mean to leave the full URL in there. I copied it from my Logs.

    It wasn't a hyperlink though, but thanks for removing it.

    I'll submit the quarantine today.

    Thanks Guys!
     
  6. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Given that it seems NOD32 already detects it by name, sending it for analysis is not necessary.
     
Thread Status:
Not open for further replies.