w32/Netsky.b@MM

[Gerard Verhoef]

My McAfee virusscanner popped a virusscan alert about w32/netsky.b@MM.

Said it was an on access scan message. Said it deleted the virus in my

C:\documents and setting\Gerard\Local Settings\Temp\WFV35.tmp file.

At that moment I was simply writing an e-mail with outlook 2003.

I am wondering when and how this virus got into this file and why mcafee
detected it now. It looks like it must have been sitting in my
computeralready, because at that moment i wasn't downloading anything afaik.
I scanned the complete HD only a week ago, and the dat files are always up
to date.

Gerard

 

[kurt wismer]

My McAfee virusscanner popped a virusscan alert about w32/netsky.b@MM.

Said it was an on access scan message. Said it deleted the virus in my

C:\documents and setting\Gerard\Local Settings\Temp\WFV35.tmp file.

At that moment I was simply writing an e-mail with outlook 2003.

I am wondering when and how this virus got into this file and why mcafee
detected it now. It looks like it must have been sitting in my
computeralready, because at that moment i wasn't downloading anything afaik.
I scanned the complete HD only a week ago, and the dat files are always up
to date.

my first guess is this - your email client needed to create a temp file
in the temp file directory and in the process of checking for a random
filename that didn't yet exist in that directory yet hit upon that
particular filename and the ensuing on access scan revealed the
presence of netsky...

how it got into that file could have been a similar story, your email
client may have put it their when you read an netsky bearing email...

why your scanner didn't pick it up previously? possibly it was disabled
or the detection is a result of a signature update *after* the file was
placed there...