View Full Version : Anyone else had this gem before?
Or can anyone tell me WTF?
Before you ask, I'm firewalled, no third party apps, my acct pass has NEVER been shared, and I registered for forums and everything else with an email from my ISP.
Now, WTF?
http://www.mvgc.net/ncvirus.gif
Norton sucks (I should know :(), but that looks bad.
W32.HLLW.Gemel is a worm that attempts to spread through the Grokster, Morpheus, and KaZaA file-sharing networks. This worm also spreads through ICQ and floppy disks.
Just a worm.
check here (http://securityresponse.symantec.com/avcenter/venc/data/w32.hllw.gemel.html)
Symantec report on it, just a worm.
http://www.symantec.com/avcenter/venc/data/w32.hllw.gemel.html
[edit] bloody marx :(
Yeah, it's no big deal, Nortons deleted it before it did anything -- no files created or erased or anything -- but the question is, how did I get this if not through Neocron somehow?
A similar thing happened recently.........
http://forum.neocron.com/showthread.php?s=&threadid=90689&highlight=virus
Probably has nothing to do with Neocron....
W32.HLLW.Gemel is a worm that attempts to spread through the Grokster, Morpheus, and KaZaA file-sharing networks. This worm also spreads through ICQ and floppy disks.
This threat has several versions, and all the versions are written in the Microsoft Visual Basic programming language. It may be compressed with UPX or tElock.
Also Known As: W32/Gemel.worm [McAfee]
Type: Worm
Infection Length: varies
Systems Affected: Windows 95, Windows 98, Windows NT, Windows 2000, Windows XP, Windows Me
Systems Not Affected: Macintosh, OS/2, UNIX, Linux
NOTE: The worm can spread only when Grokster, Morpheus, KaZaA, or ICQ have been installed in the system.
More info on how to detect and remove here (http://www.symantec.com/avcenter/venc/data/w32.hllw.gemel.html)
Funny though.... a virus in a .log (ascii) file...
I have no file sharing software nor ICQ installed...
How did I get this? I'm not a computer internet idiot. I have two domains registered to me, so I get piles and piles of spam and virii daily. Probably 2-4 virii per day when there's nothing big going around. And I've always caught them before they propagated -- I've NEVER actually been infected with something before. I run anti-spyware programs regularly, I don't use IE or Outlook (YAY Mozilla!)...
So where did this come from?
Well... since plain ascii files (.log and .txt) contain no executable code and thus can not contain a virus (in its executable form), it may be just bad luck. Since (most) virus check for signatures and not the actual virus itself it is, in theory, possible that an unfortunate set of characters in the .log look the same as the signature of that virus/worm.
And Norton is know to be not the most reliable scanner available.
I'd do a thorough check of your harddrive (scan ALL files). If Norton finds no other file infected, you should be safe because if you ARE infected, other infected files should turn up as well.
You can also try scanning with http://housecall.trendmicro.com/
It's a free online scanner that's very good... See what it tells ya and let us know.. ;)
/edit: ohw... and not all 3rd party programs are evil.. :D *wink* (I scan my PC and thoroughly test everything on security before releasing anything for example..)
Yeah I already did all that as I was posting, I'm clean. I suppose the logfile could have falsely triggered something, but... meh.
Powered by vBulletin® Version 4.2.3 Copyright © 2024 vBulletin Solutions, Inc. All rights reserved.