trojan horse - sysmon.exe

Michael

Trend Micro Pc-cillin Internet Security 14 has detected a trojan horse
in c:/windows/system32/sysmon.exe, but it cannot quarantine or clean
it out of my system. Can anyone suggest how I might proceed to get
rid of it? Many thanks in advance.
 
Art

> Trend Micro Pc-cillin Internet Security 14 has detected a trojan horse
> in c:/windows/system32/sysmon.exe, but it cannot quarantine or clean
> it out of my system. Can anyone suggest how I might proceed to get
> rid of it? Many thanks in advance.

The file may be legit and Trend is false alarming. Upload the file to
Jotti or Virus Total to see what other av scanners say. If most
other scanners don't alert, then send the file to Trend for
analysis so they can fix their f.p.

If the file does appear to be malware, a little Googling on the
file name will lead you to descriptions and removal instructions.

Art
 
Paul Brady

> Trend Micro Pc-cillin Internet Security 14 has detected a trojan horse
> in c:/windows/system32/sysmon.exe, but it cannot quarantine or clean
> it out of my system. Can anyone suggest how I might proceed to get
> rid of it? Many thanks in advance.

SYSMON.EXE came with my WindowsME computer and is dated year 2000.
The file seems legitimate, but it might have been corrupted in your
machine. Check the date and see if it was modified recently.

Pete
 
coding.hello

> Trend Micro Pc-cillin Internet Security 14 has detected a trojan horse
> in c:/windows/system32/sysmon.exe, but it cannot quarantine or clean
> it out of my system. Can anyone suggest how I might proceed to get
> rid of it? Many thanks in advance.

Can you send your c:/windows/system32/sysmon.exe to me:
(e-mail address removed), thanks.
 
Paul Brady

> Can you send your c:/windows/system32/sysmon.exe to me:
> (e-mail address removed), thanks.

Michael: My email to you at (e-mail address removed) bounced. What
address should I use? Pete
 
Ernie B.

> Michael: My email to you at (e-mail address removed) bounced. What
> address should I use? Pete

Did the bounce say anything about an "illegal attachment"? That's gmail
playing nanny, I believe they reject any .exe or .zip attachment. Make a
copy, change the extension to .txt and it should go through.
 
kurt wismer

> Can you send your c:/windows/system32/sysmon.exe to me:
> (e-mail address removed), thanks.

is there any particular reason people should entrust malware samples to you?

please don't troll for potential malware here... it encourages the
uncontrolled distribution of malware and that enables people to spread
it maliciously...
 
Michael

> The file may be legit and Trend is false alarming. Upload the file to
> Jotti or Virus Total to see what other av scanners say. If most
> other scanners don't alert, then send the file to Trend for
> analysis so they can fix their f.p.
>
> If the file does appear to be malware, a little Googling on the
> file name will lead you to descriptions and removal instructions.
>
> Art

Thanks for the suggestions.
I am unable to upload the file, either through e-mail or through the
uploader on the sites you've suggested.
It may be a false alarm, since my system isn't exhibiting any bizarre
behavior that one might expect if infected, but the fact that my AV
software thinks otherwise is cause for concern.
Curious that I cannot attach this file to an e-mail. I get an error
message I've never seen before, and I've sent other files in the past
without error.
Has anyone experienced anything like this before?
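
Added example, not part of the original thread: the date check Paul Brady suggests, plus a SHA-256 that can be searched on VirusTotal when the file itself will not upload, done locally in Python without mailing the file to anyone. The function names and the constructed header stub are assumptions of this example.

```python
import hashlib
import os
import struct
from datetime import datetime, timezone


def triage(path):
    """Collect identity facts about a file without executing or sending it."""
    with open(path, "rb") as f:
        data = f.read()
    info = {
        "sha256": hashlib.sha256(data).hexdigest(),  # searchable by hash
        "size": len(data),
        "modified": datetime.fromtimestamp(os.path.getmtime(path), timezone.utc),
        "is_pe": False,
        "linked": None,
    }
    # DOS header: "MZ" magic; the 4-byte field at 0x3C points to the PE header.
    if len(data) >= 0x40 and data[:2] == b"MZ":
        pe_off = struct.unpack_from("<I", data, 0x3C)[0]
        if pe_off + 12 <= len(data) and data[pe_off:pe_off + 4] == b"PE\0\0":
            info["is_pe"] = True
            # COFF header after the signature: Machine(2), NumberOfSections(2),
            # TimeDateStamp(4). The linker writes it and it can be forged, so
            # treat it as a hint to compare with the file date, not as proof.
            stamp = struct.unpack_from("<I", data, pe_off + 8)[0]
            info["linked"] = datetime.fromtimestamp(stamp, timezone.utc)
    return info


def constructed_sample(stamp=946684800):
    """Constructed 76-byte PE header stub (not a real program).

    The default stamp is 2000-01-01 00:00:00 UTC.
    """
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)
    coff = b"PE\0\0" + struct.pack("<HHI", 0x014C, 0, stamp)
    return dos + coff


if __name__ == "__main__":
    import sys
    for key, value in triage(sys.argv[1]).items():
        print(f"{key:9} {value}")
```

A modification date far newer than the link date, or a hash that no scanner site has seen for a file that supposedly shipped with Windows, is a reason to look closer, not a verdict either way.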
 
