any possibility of infection?

Discussion in 'Virus Information' started by M.Miura, Mar 21, 2005.

  1. M.Miura

    M.Miura Guest

    My Win2000 server got a log supposed be Cordred, or an alike,
    it's using 'default.ida' , its query string over flow;
    default.ida?XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

    I have thought this therefore deleted 'default.ida' from almost every
    possible places previously, nevertheless the log record says '-200'
    status.

    Is there any possibility of infection? and if so, how to check?

    Thanks, in advance.

    M.M.
     
    M.Miura, Mar 21, 2005
    #1
    1. Advertisements

  2. From: "M.Miura" <>

    | My Win2000 server got a log supposed be Cordred, or an alike,
    | it's using 'default.ida' , its query string over flow;
    | default.ida?XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
    |
    | I have thought this therefore deleted 'default.ida' from almost every
    | possible places previously, nevertheless the log record says '-200'
    | status.
    |
    | Is there any possibility of infection? and if so, how to check?
    |
    | Thanks, in advance.
    |
    | M.M.
    |
    | ----------------------
    | System YNT
    |
    | ----------------------

    Doubtful

    For verification, try one or several of the below online scanners...

    Trend Micro - Free online virus Scan
    http://housecall.trendmicro.com/
    http://housecall.antivirus.com

    McAfee Security - FreeScan
    http://www.mcafee.com/myapps/mfs/default.asp

    Panda ActiveScan - Free online scanner
    http://www.pandasoftware.com/activescan/com/activescan_principal.htm

    Computer Associates:
    http://www3.ca.com/securityadvisor/virusinfo/scan.aspx

    DialogueScience:
    http://www.antivir.ru/english/www_av/

    F-Secure:
    http://support.f-secure.com/enu/home/ols.shtml

    BitDefender
    http://www.bitdefender.com/scan/license.php

    Freedom Online scanner
    http://www.freedom.net/viruscenter/index.html
     
    David H. Lipman, Mar 22, 2005
    #2
    1. Advertisements

  3. M.Miura

    Matt Gibson Guest

    The bigger question: Are you fully patched?

    Matt Gibson - GSEC
     
    Matt Gibson, Mar 22, 2005
    #3
  4. M.Miura

    M.Miura Guest

    I think so.
    And I have check Trandmicro site /w Drv.C,
    then they said 'OK no problem!'.
    Yet still wondering why the log says '-200' status.

    M.M.


     
    M.Miura, Mar 22, 2005
    #4
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.