Web Design Forums

zaknbou · 13-04-2007, 13:36

when i try to open my website anti virus captured this trojan (anicmoo.b)trying to install itself

it is in my webspace ....please guys i am newbie it took me mounth to do my website and now it ruined nobody will check a webiste with a trojan trying to install itself ... i need help...how could solve this problem .
thanks in advance

Trojan.Anicmoo.B is a downloader Trojan that exploits the Windows User32.DLL ANI File Header Handling Stack-Based Buffer Overflow Vulnerability (as described in the Microsoft Security Bulletin MS05-002). The Trojan exists as a malformed animated cursor (.ani). The Trojan downloads a copy of SecurityRisk.Downldr

RoiPerez · 13-04-2007, 14:20

Maybe get your host to erase all of your webspace? OR to atleast remove the trojan?

zaknbou · 14-04-2007, 12:58

is there another way ?

b v · 14-04-2007, 13:32

delete all .ani files? why the fuck would you want an animated cursor anyway

zaknbou · 15-04-2007, 11:03

even that i am newbie i still have a common sense ...the first things i do is i searched for the .ani extension but i didn't find any on my webspace that is the big surprise ......could northon make a mistake ? maybe there is no virus !! cause no .ani file ...any comment

Dusteh · 15-04-2007, 12:27

you host should have some form of antivirus running so that this shouldn't happen in the first place. Tell them to wipe the server so you can reinstall the site, better yet, get a new host.

pgo · 15-04-2007, 13:12

Have you contacted your host about this? If not, that's the first thing you should do.

zaknbou · 16-04-2007, 11:23

thanks guys for your replies ,
i already contacted my host but he assured me that there no such viruses on his server , could anti virus symantec is being paranoid ? could he be mistaken by the code ?

13-04-2007, 13:36	#1 (permalink)
zaknbou Registered User Join Date: Feb 2007 Posts: 8	a trojan in my webspace when i try to open my website anti virus captured this trojan (anicmoo.b)trying to install itself it is in my webspace ....please guys i am newbie it took me mounth to do my website and now it ruined nobody will check a webiste with a trojan trying to install itself ... i need help...how could solve this problem . thanks in advance Trojan.Anicmoo.B is a downloader Trojan that exploits the Windows User32.DLL ANI File Header Handling Stack-Based Buffer Overflow Vulnerability (as described in the Microsoft Security Bulletin MS05-002). The Trojan exists as a malformed animated cursor (.ani). The Trojan downloads a copy of SecurityRisk.Downldr

15-04-2007, 12:27	#6 (permalink)
Dusteh Sir digby chicken caesar Join Date: Sep 2004 Posts: 5,413	you host should have some form of antivirus running so that this shouldn't happen in the first place. Tell them to wipe the server so you can reinstall the site, better yet, get a new host. __________________ unconsolidated isoparms

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search

13-04-2007, 14:20	#2 (permalink)
RoiPerez Would you like a waffle? Join Date: Mar 2007 Location: London Posts: 49	Maybe get your host to erase all of your webspace? OR to atleast remove the trojan?

14-04-2007, 12:58	#3 (permalink)
zaknbou Registered User Join Date: Feb 2007 Posts: 8	is there another way ?

14-04-2007, 13:32	#4 (permalink)
b v Senior Member Join Date: May 2006 Posts: 462	delete all .ani files? why the fuck would you want an animated cursor anyway

15-04-2007, 11:03	#5 (permalink)
zaknbou Registered User Join Date: Feb 2007 Posts: 8	even that i am newbie i still have a common sense ...the first things i do is i searched for the .ani extension but i didn't find any on my webspace that is the big surprise ......could northon make a mistake ? maybe there is no virus !! cause no .ani file ...any comment

15-04-2007, 13:12	#7 (permalink)
pgo Senior Member Join Date: Jan 2005 Posts: 12,340	Have you contacted your host about this? If not, that's the first thing you should do.

16-04-2007, 11:23	#8 (permalink)
zaknbou Registered User Join Date: Feb 2007 Posts: 8	thanks guys for your replies , i already contacted my host but he assured me that there no such viruses on his server , could anti virus symantec is being paranoid ? could he be mistaken by the code ?

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)