« Previous Next »

Thread: Spyware

Last post 10-28-2009 8:01 PM by lextm. 1 replies.

Average Rating Rate It (5)

RSS

Page 1 of 1 (2 items)

Sort Posts:

Shortcuts

Search | Active Posts | Unanswered Posts | View all users

  • 10-28-2009, 12:12 PM

    • hg363
    • Top 100 Contributor
    • Joined on 09-04-2007, 7:44 PM
    • Posts 54

    Spyware

    Reply Contact

    Hi to all forum members. This question was inspired by Trojan.Spambot. Here is a description of the Trojan.

     

    Trojan.SpamBot is a Trojan that sends out mass spam e-mails, consuming and congesting network resources. 

     

    This Trojan was detected on a PC on our network and an anti spy ware application informed us that the Trojan was detected in a file called 70.tmp.

     

    My question to the forum is as follows.

     

    Is there any way or method where one could open such a file 70.tmp take a snap shot of  its contents and then pipe this into Log Parser, and then get Log Parser to search another suspected remote PC to find evidence of a similar infection?

     

     

  • 10-28-2009, 8:01 PM In reply to

    • lextm
    • Top 10 Contributor
    • Joined on 10-22-2008, 4:18 AM
    • Shanghai, PRC
    • Posts 1,406

    Re: Spyware

    Reply Contact

    I don't think that's a feasible approach. Anti-virus software uses virus signatures to scan them. Simply comparing snapshots does not work for smart viruses.

    The suggestion is to use a good enough anti-virus software and keep it up-to-date.

    Lex Li
    Support Engineer at Microsoft
    ---------------------------
    This posting is provided "AS IS" with no warranties, and confers no rights.
Page 1 of 1 (2 items)
Microsoft Communities