Renegade Public Forums
C&C: Renegade --> Dying since 2003™, resurrected in 2024!
Home » Archived Forums » RenGuard Client » Renguard not connecting; Worm threat occurs simultaneously
Re: Renguard not connecting; Worm threat occurs simultaneously [message #221715 is a reply to message #221590] Sat, 23 September 2006 18:57 Go to previous messageGo to previous message
light is currently offline  light
Messages: 988
Registered: January 2005
Karma:
Colonel
Yes, I believe it's a false positive.

Quote:

W32/Surila-B is a network worm which may try to send a link to itself or W32/MyDoom-W to ICQ contacts.

W32/Surila-B places the main component of itself as dx32cxlp.exe to the Windows system folder and the All Users' startup folder, and as systemst.exe to the Windows system folder. The worm also drops other components of itself to iexpl1orer.exe and SVKP.sys in the Windows system folder.

W32/Surila-B creates the following registry entry:

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\
iestart = <path to iexp1orer.exe>

Additionally W32/Surila-B creates a service named SVKP which causes the file SVKP.sys to be executed when the service starts, for example at system startup.

http://www.sophos.com/virusinfo/analyses/w32surilab.html

Renguard uses SVKP.sys for protection against is being decompiled by cheater (IIRC). SVKP.sys is not a danger to your system.

http://www.azupload.com/displayImage.php/setid2745.png

Report message to a moderator

[Message index]
 
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Previous Topic: Help Please....
Next Topic: RenGuard with LAN
Goto Forum:
  

[ Syndicate this forum (XML) ] [ RSS ] [ PDF ]

Current Time: Sun Nov 24 15:54:15 MST 2024

Total time taken to generate the page: 0.00845 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 420.69.
Copyright ©2001-2023 FUDforum Bulletin Board Software