Virus in 1386 files in WindowsXP

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

Just used Norton to scan for virii and it found a malicious virus in the 1386
..cab files in windowsXP - how do I go about telling Microsoft of this virus -
all I got through their helpline was a request to pay £35 (+ VAT) before I
could go further to contact them.

Any help on this matter would really be appreciated - Thank You
 
From: "RoadRunnerUK" <[email protected]>

| Just used Norton to scan for virii and it found a malicious virus in the 1386
| .cab files in windowsXP - how do I go about telling Microsoft of this virus -
| all I got through their helpline was a request to pay £35 (+ VAT) before I
| could go further to contact them.
|
| Any help on this matter would really be appreciated - Thank You

There are anti virus News Groups specifically for this type of discussion.

microsoft.public.security.virus
alt.comp.virus
alt.comp.anti-virus


You di did NOT use Norton to scan for 'viri' or 'virii' becuase there is NO such
terminology.
The plural of virus is viruses. Therefore you used Norton to scan for viruses.
The wrong terminology is a common Internet mistake.
http://spl.haxial.net/viruses.html
http://homepages.tesco.net/~J.deBoynePollard/FGA/plural-of-virus.html
http://linuxmafia.com/~rick/faq/plural-of-virus.html

You stated "...it found a malicious virus in the 1386....cab files"

Do you REALLY mean a CAB (or multiple CAB) file in the folder; i386 (i.e; c:\i886 or
c:\windows\i386) ?

If so what CAB file and what file inside the CAB file ?

This sounds like a False Positive because malware will NOT insert a file inside a Windows XP
distributuion CAB file.
Malware *may* place a malicious CAB file in the ..\i386 WinXP distribution folder.

You also failed to indentify what the file was identified with.

We need to know what the CAB file name and date is, what the Norton indentification of the
malware WAS and the TRUE location of the suspect CAB file to take the next step.

All this needs to be supplied in your reply.
 
Hi here Dave - thank you for the reply - sorry about wrong terminology, but
after running around for the best part of an hour on the Microdoft website
was getting rather frustrated.

All I can tell you is that the infected file was in the i386 folder and was
a "hidden" file - norton gave the option to delete it only - did not offer to
quarantine it nor did it give any other information on the file in question.
After much deliberation I took teh chance and got norton to delete it - but
thought it best to notify Microsoft - but could not find a way to do that -
hence asking for help on here.
 
From: "RoadRunnerUK" <[email protected]>

| Hi here Dave - thank you for the reply - sorry about wrong terminology, but
| after running around for the best part of an hour on the Microdoft website
| was getting rather frustrated.
|
| All I can tell you is that the infected file was in the i386 folder and was
| a "hidden" file - norton gave the option to delete it only - did not offer to
| quarantine it nor did it give any other information on the file in question.
| After much deliberation I took teh chance and got norton to delete it - but
| thought it best to notify Microsoft - but could not find a way to do that -
| hence asking for help on here.


Well, now we have NOTHING to check and there is nothing that can be done. You don't have
sufficint nformation to take any action on.
We don't know what CAB file it was (fully qualified name and path), what the date of the
file was and what was it declared to be infected by.

It is my assumption that this was a False Positive declaration and you removed a file that
was used for the installation of WinXP. Chances are it will NOT be needed but if it should
be needed, an orginal copy is on the i386 folder of the WinXP Distribution and Installation
CDROM that came with your computer.

You stated you wanted to "Notfy Microsoft"
With what ? You have NO facts to notify them of anything with.
 
On Mon, 11 Sep 2006 14:51:02 -0700, RoadRunnerUK
Just used Norton to scan for virii and it found a malicious virus in the 1386
.cab files in windowsXP - how do I go about telling Microsoft of this virus
Click to expand...

Why would you want to?

First of all; Do you mean i386, or 1386?

Next: Is this i386 on the HD or CD?

If the i386 is on CD, is it a CDR, CDRW, or "aluminium" CD-ROM?

If it's an aluminium CD-ROM, is it from Microsoft, an OEM (computer
manufacturer) or counterfeit?

What type of malware was detected?


MS would love to hear about manufactured counterfeit CDs, whether they
were laced with malware or not :-)

OTOH, if it's a CDR(W) or on HD or USB, then the chances are the
malware dropped into that location, or infected existing files within
it. That's why one needs the name of the malware concerned.

True code file viruses work by finding existing code files and
infecting them, which is a very likely cause of finding infected files
within a i386 on the hard drive. MS won't want to know about that,
because it has as little to do with them as any other files being
infected, or the occurance of malware in general.


------------ ----- --- -- - - - -
Click to expand...
Drugs are usually safe. Inject? (Y/n)
 
Back
Top