Calgarypuck Forums - The Unofficial Calgary Flames Fan Community

Go Back   Calgarypuck Forums - The Unofficial Calgary Flames Fan Community > Main Forums > The Off Topic Forum > Tech Talk
Reload this Page IT - Virus Alert
Register Forum Rules FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools Search this Thread
Old 02-19-2009, 09:40 AM   #1
mykalberta
Franchise Player
 
mykalberta's Avatar
 
Join Date: Aug 2005
Location: Calgary
Exp:
Default IT - Virus Alert
For anyone in IT, be cautious of a possible new virus.

Trend Name: IRC_MALINGSIA.B

Converts word files into read only EXE files 688KB in size.

Trend doesnt detect it as a virus until you actually double click on the Word Document.

We are still working on a patch fix/solution.
__________________
MYK - Supports Arizona to democtratically pass laws for the state of Arizona
Rudy was the only hope in 08
2011 Election: Cons 40% - Nanos 38% Ekos 34%
mykalberta is offline   Reply With Quote
The Following User Says Thank You to mykalberta For This Useful Post:
Old 02-19-2009, 12:40 PM   #2
Bobblehead
Franchise Player
 
Bobblehead's Avatar
 
Join Date: Jul 2005
Location: in your blind spot.
Exp:
Default
So is it a Word macro, or how does it broadcast?
__________________
"The problem with any ideology is that it gives the answer before you look at the evidence."
—Bill Clinton
"The greatest obstacle to discovery is not ignorance--it is the illusion of knowledge."
—Daniel J. Boorstin, historian, former Librarian of Congress
"But the Senator, while insisting he was not intoxicated, could not explain his nudity"
—WKRP in Cincinatti
Bobblehead is offline   Reply With Quote
Old 02-19-2009, 12:41 PM   #3
Superflyer
Close, but no banana.
 
Superflyer's Avatar
 
Join Date: May 2006
Exp:
Default
Do you any kind of link on more info?
Superflyer is offline   Reply With Quote
Old 02-19-2009, 01:37 PM   #4
mykalberta
Franchise Player
 
mykalberta's Avatar
 
Join Date: Aug 2005
Location: Calgary
Exp:
Default
no link, we just found it on one of our locations this morning.

It has jumped servers, it hasnt jumped ip subnet yet which is good because one hop away is where 5 file servers, 4 app servers, and 3 OCS servers lie .

Not sure what it does, except cause me who is in charge of the backup situation here alot of headache cause now I have to restore all the *.doc files on 3 servers. But I cannot restore them yet because the problem hasnt been resolved yet.

McAfee does detect the virgin file as a virus, but when you go to fix it deletes it, so it does a better job then Trend. SuperAntiSpyware Pro also doesnt find anything.

Also, I double clicked on one of the files in a XPSP3 VM. After 2 hours it has converted half of the .doc files to exe files, doesnt seem to do anything else though. Not noticing any strange processes running either.
__________________
MYK - Supports Arizona to democtratically pass laws for the state of Arizona
Rudy was the only hope in 08
2011 Election: Cons 40% - Nanos 38% Ekos 34%
Last edited by mykalberta; 02-19-2009 at 01:39 PM.
mykalberta is offline   Reply With Quote
Reply

« Previous Thread | Next Thread »

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT -6. The time now is 05:52 AM.
Calgary Flames
2024-25



Contact Us - Calgarypuck Forums - Unofficial Calgary Flames Community - Archive - Privacy Statement - Top

Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2025, Jelsoft Enterprises Ltd.
Copyright Calgarypuck 2021 | See Our Privacy Policy