July 26th, 2004, 01:38 PM
Yes Panda Software also do an online scanner (Active Scan) and I use this as well as Housecall.
I would like to know what Panda called the virus it found, as I am unable to find much about windows24.exe
I am not sure about your question:
As from what I have found it appears to be more adware/spyware related, and probably not a true "virus" You do not say what environment your network is in (business, college etc) so it might be being spread by people filesharing or suchlike.
Any way to findout which machine in the network is distributing this virus?
A severe slowing down of internet connections seem to be one of the symptoms.
You might try AdAware and SpyBot S&D (links are in one of my posts above) as they would probably be more likely to identify it correctly, and we need to know that to determine the method and source/vector of the contamination.
If you cannot do someone any good: don't do them any harm....
As long as you did this to one of these, the least of my little ones............you did it unto Me.
What profiteth a man if he gains the entire World at the expense of his immortal soul?
July 26th, 2004, 02:32 PM
Not sure of the date on this, but 122 a day, and i thought 50 cigarettes a day was a lot.
As most computer users have noticed, the number of attempted computer attacks from viruses, worms, and Trojans has increased to a record level. According to antivirus software publisher Panda Software, the average daily number of new viruses and variants appearing for the week ending April 16 was 122 a day, a rate that has been steadily increasing over the preceding few weeks. It might be of interesting historical note that on average, more new viruses and variants are now appearing on a daily basis than appeared during an average week just two years ago! For those who still follow the old, but now quite obsolete strategy of updating their antivirus software on a weekly basis, the likelihood of becoming infected by a virus is near certainty.
July 26th, 2004, 02:52 PM
One way I find the source of the infection is by monitoring network traffic. 3Com has a Network Supervisor which should help. It is a rather large download ~30MB, requires free registration and eula, but sometimes is indespensible.
Originally posted here by Summer_breeze
Any way to findout which machine in the network is distributing this virus? [/B]
You can use this software to map your network and then monitor the traffic. It will identify the segments on your network that have increased traffic. Once you identify this location, then you have your main suspects.
There's still alot of legwork to be done (especially if you are in a large network), but it can help narrow down your search to a targeted group of machines.
Good luck and Happy Hunting.
July 26th, 2004, 06:20 PM
Yah, but i took the lame way out. Since i know that that is the file that causing problem. I summited the file to Symantec and Trendmicro for anlysis. But what jtheriot suggested is good especially when the virus is not known to any antivirus yet. It get more difficult to pin point as now it no longer goes to file.
Machine infected: win2k server, Machine that were infected in memory but no windows24.exe created in WinXP