Author: Stephen Ham
Date: 20:34:12 06/11/03
Go up one level in this thread
Dear Terry, Thanks guys for your interest in my misfortune. I've since tried several other virus scans. So far, only the McAfee program spots the bug. One other called it "Suspicious" on the first pass, but subsequently said the bug was OK. The bug is located at: C:\Program Files\Internet Explorer\mmx.exe It comes with its own icon, a blue & green globe of Earth with a Windows banner over it! Again, I'm certain it's the bug for several reasons: 1) Mcafee says it's a virus 2) The Properties box tells me it was "created" on April 20, 2003, but my system is 2-years old 3) Friends tell me that mmx.exe isn't part of Windows 98 anyway 4) After one of several reboots, I saw a new icon appear in my lower right tool bar. It was a red globe. When I right clicked it, it said Windows Proxy. Again, "Proxy" is a key word I suspect One friend told me to check its properties and then Uncheck "Read Only" and then I should be able to delete it. However, Read Only is already unchecked, but I can't delete it. Here's what McAfee says about this virus: Virus Profile Virus Information Name: AnalogX-Proxy.ldr Risk Assessment - Home Users: Low - Corporate Users: Low Date Discovered: 3/10/2003 Date Added: 4/29/2003 Origin: Unknown Length: 36,864 bytes Type: Trojan SubType: Win32 DAT Required: 4253 Virus Characteristics This detection is for an executable designed to launch a proxy application on the victim machine. This launcher is detected as a trojan by McAfee products using the specified engine/DATs. The launcher runs the proxy server application, and immediately suppresses a warning message box designed to alert the user to the proxy running in an open state. The proxy application is detected as application AnalogX-Proxy with detection of "potentially unwanted applications" enabled. Please Note: The proxy application it is designed to launch is not a virus or trojan, but an application. Its detection is of type application, for "potentially unwanted applications". As such, detection with VirusScan requires the detection of "potentially unwanted applications" to be enabled. With the command-line scanner this is achieved via the /PROGRAM switch. VirusScan 7.0 users can enable application detection via the GUI options. Indications of Infection AnalogX-Proxy application running on machine. Method of Infection This executable is designed to run the application AnalogX-Proxy - and it assumes a filename of PROXY.EXE for that executable. Removal Instructions All Users: Use specified engine and DAT files for detection and removal. Modifications made to the system Registry and/or INI files for the purposes of hooking system startup, will be successfully removed if cleaning with the recommended engine and DAT combination (or higher). Aliases Trj/AxProxy (Panda), Trojan.AOL.AnalogX (AVP), Win32.Galaxon (CA Vet) OK guys. Any ideas? Given that McAfee not ony finds it but claims to be able to remove it, McAfee seems to be the program to buy - so I'll buy it. All the best, Stephen
This page took 0 seconds to execute
Last modified: Thu, 15 Apr 21 08:11:13 -0700
Current Computer Chess Club Forums at Talkchess. This site by Sean Mintz.