|
-
August 20th, 2003, 11:26 PM
#1
Junior Member
veijgbh.exe
my anti-virus picked up a file by the name of "veijgbh.exe" and is saying it is a virus. I looked at the file its self and searched google and mcafee for it but came up with nothing, My system is not having any problems so i am not sure if this is a virus and I don't want to delete it if it might be harmful so could someone check this out asap for me thanks.
SLACKERS OF THE WORLD UNITE....TOMMOROW!
-
August 20th, 2003, 11:31 PM
#2
Member
I can't find it anywhere, though that doesn't mean a lot. Anyone could've changed the name, without much difficulty. I'd recommend deleting the file. Make sure that it's an exe file, and not a dll that's been renamed, or something. Stick it in your trash, and just don't empty it until you're sure that it will have no adverse affect. Once you've determined that, go ahead and trash it.
Good luck
Corn
-
August 21st, 2003, 08:09 AM
#3
Wasn't that the 'BugBear' virus ? Is that the one that created weird file names at random ?
-
August 21st, 2003, 08:49 AM
#4
Just a point but gbh (Grevious Bodily Harm)
-
August 21st, 2003, 08:49 AM
#5
The bug bear virus i believe you are referring to was/is a hoax and not an actual virus so no.
PeacE
-BoB
#!/usr/local/bin/perl -s-- -export-a-crypto-system-sig -RSA-in-3-lines-PERL
($k,$n)=@ARGV;$m=unpack(H.$w,$m.\"\\0\"x$w),$_=`echo \"16do$w 2+4Oi0$d*-^1[d2%
Sa2/d0<X+d*La1=z\\U$n%0]SX$k\"[$m*]\\EszlXx++p|dc`,s/^.|\\W//g,print pack(\'H*\'
,$_)while read(STDIN,$m,($w=2*$d-1+length($n||die\"$0 [-d] k n\\n\")&~1)/2)
-
August 21st, 2003, 08:59 AM
#6
Bug Bear was not a hoax. It was real.
The hoax was that jmdbgr.exe virus as seen on my hoax page
That file is a windows system file and has a teddy bear icon.
http://itdepartment.0catch.com
Warning : This page will hit you with popups as its on a free host.
-
August 21st, 2003, 09:18 AM
#7
mark_boyle2002 I know you said it, but it BEARS repeating:
fl34bit3;
The bug bear virus i believe you are referring to was/is a hoax and not an actual virus so no.
so I guess we can disregurard
PE_BUGBEAR.B
and
WORM_BUGBEAR.A
and
W32.Bugbear@mm
and
W32.Bugbear.B@mm
and
W32.Bugbear.B.Dam
and
Win32/Bugbear.B@mm
and
Win32/Bugbear.A@mm
and
W32/Bugbear.B
and
W32/Bugbear
and
W32/Bugbear.b@MM
and
W32/Bugbear@MM
etc., etc. etc.,
It was all just a hoax??????????
Are you smoking the same thing as those over at SCO ????
" And maddest of all, to see life as it is and not as it should be" --Miguel Cervantes
-
August 21st, 2003, 11:54 AM
#8
many viruses of the last year, Klez, Bugbear, Yaha families, create a random file name for the executable.. the AV Prog should have given you a name or suspected family name of the virus.. Or You may need to update your virii definitions so as to get the name.. Some of the better AV Progs will identify by heuristics, though they may not have a name..
To check on Hoaxes.. try Here and Here .. as well many Av Companies have a Hoax page..
Cheers
All these Puns.. to much for this Koala to bear
"Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr
-
August 21st, 2003, 02:20 PM
#9
Shoot sorry your right. Im mixing up my viruses again. well sort of. It was 4 in the morning when i posted it so not exactly fully awake. I was referring to the 'delete the teddybear icon' hoax not the real bugbear virus. Thanks for everyone straightening that out.
PeacE
-BoB
#!/usr/local/bin/perl -s-- -export-a-crypto-system-sig -RSA-in-3-lines-PERL
($k,$n)=@ARGV;$m=unpack(H.$w,$m.\"\\0\"x$w),$_=`echo \"16do$w 2+4Oi0$d*-^1[d2%
Sa2/d0<X+d*La1=z\\U$n%0]SX$k\"[$m*]\\EszlXx++p|dc`,s/^.|\\W//g,print pack(\'H*\'
,$_)while read(STDIN,$m,($w=2*$d-1+length($n||die\"$0 [-d] k n\\n\")&~1)/2)
-
August 21st, 2003, 08:17 PM
#10
Hi,
Have you sent a sample to your AV people?....I have had a few "false positives" in my time!
Cheers
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
