CME and threat names
Dancing David
20th February 2009, 10:17 AM
There is this thing called CME (Common Malware Enumeration), and it tries to overcome the fact that everyone uses different names for viruses, trojans, worms and malware.
Which is a great idea. Does anyone know of sites other than the main CME that list different names for malware?
Currently at work we have a worm that Panda calls Trj/DownLoader.MDW and I have found it is hard to find what other security systems might label it.
But hey, evolution at work, new ones come up very fast all the time.
For geeks this is the Panda encyclopedia entry; low level threat but it is wreaking havoc!
http://www.pandasecurity.com/homeusers/security-info/about-malware/encyclopedia/overview.aspx?idvirus=143883&sitepanda=particulares
Lensman
25th February 2009, 01:27 PM
:eek: You're using PANDA!!!!
OMG, you poor bloke.
biomorph
25th February 2009, 03:18 PM
I don't know Panda at all, so its effectiveness isn't something I can comment on.
However we got a machine supplied with Norton AV Professional on it and it started picking up and defining viruses that a number of AV solutions didn't find, never mind fix.
I thought when I saw Norton on the machine I didn't think much of it, mistaking it for the commonly available public user version, which, I now understand, is a completely different animal, my mistake.
I found the Norton non-professional version really slow and horrid to use; this Norton wasn't that.
Yes it costs, but yes it found stuff that AVG, etc. didn't.
I found Norton's web site to be useful for small apps that fix particular viruses too. If you have some ID on the virus, you might try there...
Dancing David
26th February 2009, 06:37 AM
:eek: You're using PANDA!!!!
OMG, you poor bloke.
Well, it is a school district and decisions are made based 'upon a large number of factors'. The biggest problem from what the techs say is that it does not treat all users the same. So the protection for one does not apply to all.
"In the first place God made idiots. This was for practice. Then he made School Boards."
Mark Twain - Following the Equator; Pudd'nhead Wilson's New Calendar
The real issues are multiple: there is not enough staff to make sure all the machines are updated and that the AV is updated and run. Then we have staff who bring in their personal machines all the time (laptops) and that is a mess, then we have staff using flash drives (which is how I carried the sucker for an hour and infected a machine), then we have some very bright and not so bright students and staff doing all the things that you are not supposed to do that get machines infected in the first place.
But considering the number of machines, lack of IT staff and abuse of the rules, it is amazing it works at all.
1. You can't really mean that I can't do that. (Staff)
2. This is stupid, why can't I do that? (Students)
Dancing David
26th February 2009, 06:41 AM
I don't know Panda at all, so its effectiveness isn't something I can comment on.
However we got a machine supplied with Norton AV Professional on it and it started picking up and defining viruses that a number of AV solutions didn't find, never mind fix.
I thought when I saw Norton on the machine I didn't think much of it, mistaking it for the commonly available public user version, which, I now understand, is a completely different animal, my mistake.
I found the Norton non-professional version really slow and horrid to use; this Norton wasn't that.
Yes it costs, but yes it found stuff that AVG, etc. didn't.
I found Norton's web site to be useful for small apps that fix particular viruses too. If you have some ID on the virus, you might try there...
Thanks, it is just a curiosity thing, it is a trojan from 2007 but it is really hard to track its prevalence because everybody calls it different things and the CME is the only place I have found that tries to link them. Microsoft call it something like Win32IRCbot, McAfee another, Norton another, etc....
I can't install other software on the machines except as a temporary, this week we are running two bits of MS code and then hand cleaning five files.
Rairun
26th February 2009, 10:43 AM
There are a few sites where you can upload a file, and they will scan it with dozens of different anti-viruses. Uploading an infected sample should do the trick.
Dancing David
26th February 2009, 07:59 PM
I know two of the names
Panda: Downloader.MDW
or Microsoft: Win32IRCbotgen!
I am just always curious.
I would rather delete the stuff than try to upload a sample, that is a great idea however.
Our IT director actually infected his home network with it.
negativ
27th February 2009, 01:26 PM
A relatively little-known, but very handy tool is ComboFix:
http://www.bleepingcomputer.com/combofix/how-to-use-combofix
Dancing David
28th February 2009, 07:21 AM
I am aware of that ( :) ) (MajorGeeks rocks!), they have decided again to just nuke the infected machines, I have a feeling Combofix would work. It just has some unintended potential for some users. It also gets positive hits from many scanners due to the remote procedure call.
© 2001-2009, James Randi Educational Foundation. All Rights Reserved.