"Dick Hazeleger" <Dick@post_it_in_the_newsgroup.com> wrote in message
news:vib0fit6966341@corp.supernews.com...
> mto wrote:
>
> >
> > "Dick Hazeleger" <Dick@post_it_in_the_newsgroup.com> wrote in message
> > news:viatctsmsk36f5@corp.supernews.com...
> > > mto wrote:
> > >
> > > >
> > > > "forte agent" <pgmeyer@gte.net> wrote in message
> > > > news:rpcaivsb22dqsl076s5iman9ies8e5etgp@4ax.com...
> > > > > What is the set of files that were loaded from a web site I was
> > > > > looking at last night while researching re-inking kits.
> > > > > the files were xevsjgb.exe and xevsjb.dll.
> > > > > My computer now tries to dial out when I start up .Zonealarm
> > > > > reports windows explorer tring to access the internet.
> > > >
> > > > Google has no clue. Try Spybot Search and Destroy and AdAware -
> > > > make sure you update both after downloading before running them.
> > > > (They are both free) When you're done make sure you run the
> > > > Immunize function in Spybot advanced mode.
> > >
> > >
> > > Hi MTO and Forte Agent,
> > >
> > > I did a bit of searching on "virus", "trojan" and "worm" in
> > > combination with "random file name" and in all categories quite a
> > > number of these critters that would match showed up, also one came
> > > up with the description "dialer" attached to it.
> > >
> > > Having said that, it seems to me that executing a system wide scan
> > > with an up-to-date AV-product (I mentioned only a few in my first
> > > reply) would be the first thing to do, to make sure that something
> > > of a virus/trojan/backdoor is lurking on the system. After that I
> > > would advise FA to run BOTH AA and SS&D. For immunizing I would
> > > advise both SD&D's immunize option AND SpywareBlaster (Which is
> > > advised to be the better one of the two, even by Patrick).
> > >
> > > Regards
> > > Dick
> >
> > In general I have found Google to be pretty efficient at hunting up a
> > specific exe or dll name - which is what I meant when I said that
> > Google had no clue. I agree that this is either a random name
> > virus/trojan/etc. or something new that just hasn't been posted about
> > anywhere yet.
>
> Errrr... *if* the file name is really _random_, then there is little to
> report. I'd love to have those two files mailed to me for analysis (and
> I think so would the AA developer's team and Patrick Kolla).
>
> Dick

Yeah - that is my point. A random file name will likely never show up in
Google. Known file names for most spyware sooner or later do.