A Generic Turtle virus?



AMDave
06-07-2007, 12:29 PM
Just a heads up to see if anyone else running the Marmot/The Turtle has seen this virus message pop up lately?

<rec time="2007/06/06 15:14:53" user="SYSTEM" source="Virus">
<value>@HL_ReportFindRS</value>
<attr name="filename">J:\APPS\dc\TheTurtle\TheTurtle.exe</attr>
<attr name="finding">@EID_Id_trj</attr>
<attr name="virusname">Generic4.VTK</attr>
</rec>

AVG detected it and the cleaning succeeded by moving the exe into the virus vault where I deleted the file altogether.

That's the last time Marmot gets onto any of my machines. The previous version was buggy beyond belief and this version got infected.

What is puzzling me is that I couldn't locate it in the PANDA Virus Encyclopedia, the McAfee Threat Centre library, the SophosLabs Threat Analyses, the Symantec Threat Explorer. Even my Google search came back with nothing!

It looks like it could be a pervasive version of "Generic Trj" which is potentially nasty, but since I killed the file in the vault I can't do any work on it or send it in.

I HIGHLY suspect it came out of a zip file I downloaded from 321download and unpacked and installed. The exe that I suspect it was lodged inside didn't do what I wanted so I removed the download from my disk.

AVG did scan the zip file but failed to pick up a virus pattern and still didn't pick it up when the files were unpacked. It didn't even pick it up when the exe was run and installed. It wasn't until Marmot got infected that AVG decided to say "Halt! Who goes there" which is a little bit late once the foe has already had a guided tour, cased the joint and planted the incendiaries! Grrrr!!!!

Anyway. Watch out.

NeoGen
06-07-2007, 09:09 PM
I downloaded mine from the project website and also have AVG; it has the same problem.

I was wondering if anyone had other anti-virus apps to test it with, in order to see if it's true or just a false alarm.

I remember Distributed.net having a similar problem some time ago, its client app being detected as a virus, and it was a false alarm.