Yesterday evening (late), my firewall: [ Trend Micro Internet Security ] released a warning, that it found a virus or a spyware action. It made a protocoll:
Protokoll-Liste:
“Zeit”,“Art der Virensuche”,“Quelltyp”,“Virenname”,“Infizierte Datei”,“Erste Aktion”,“Zweite Aktion”
“02:07”,“Echtzeitsuche”,“Datei”,“SPYW_NETVZRVW.B”,“C:\WINDOWS\unvise32.exe”,“Zugriff verweigern”,""
“02:07”,“Echtzeitsuche”,“Datei”,“SPYW_NETVZRVW.B”,“C:\WINDOWS\unvise32.exe”,“Zugriff verweigern”,""
“02:20”,“Manuelle Suche”,“Datei”,“SPYW_NETVZRVW.B”,“C:\WINDOWS\unvise32.exe”,“Übergehen”,""
“03:20”,“Echtzeitsuche”,“Datei”,“SPYW_NETVZRVW.B”,“C:\System Volume Information_restore{EBAF0395-8946-41D0-955C-54ABA2911AAB}\RP275\A0079708.exe”,“Zugriff verweigern”,""“03:23”,“Echtzeitsuche”,“Datei”,“SPYW_NETVZRVW.B”,“C:\System Volume Information_restore{EBAF0395-8946-41D0-955C-54ABA2911AAB}\RP275\A0079708.exe”,“Zugriff verweigern”,""
(übergehen=pass over, overlook, ignore
Datei=file
Manuelle Suche=manual search
Echtzeitsuche= Real Time Search
Zugriff verweigern= deny access)
Actually it didn’t know what kind of attack it was and called it: SPYW_NETVZRVW.B.
I put the unvise32.exe under quarantine first and looked it up. It is actually called unvise32qt.exe and I looked up its properties: Installer VISE uninstall application file; Copyright © MindVision Software 1995-99;
The file is in the windows main directory. C:\windows\unvise32qt.exe.
Since it is under quarantine now it can’t harm says my Firewall…
What is that?
Do you have that file as well in your windows directory?
Spybot found nothing btw nor Ad-Aware…
And what is this A0079708.exe ? :rolleyes:
PS: “Zeit”,“Art der Virensuche”,“Quelltyp”,“Virenname”,“Infizierte Datei”,“Erste Aktion”,“Zweite Aktion”= Time, way of virus search, source typ, virus name, infected file, first action, second action.
SPYW_NETVZRVW.B could be= Spyware_Networkvirus.B