Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
RE: [SPAM] RE: [Full-Disclosure] interesting trojan found
From: Todd Towles (toddtowlesbrookshires.com)
Date: Thu Oct 21 2004 - 08:51:25 CDT
But if it is a rootkit, does it not hide from normal AV scanning?
> -----Original Message-----
> From: full-disclosure-adminlists.netsys.com
> [mailto:full-disclosure-adminlists.netsys.com] On Behalf Of
> Hugo van der Kooij
> Sent: Wednesday, October 20, 2004 11:58 PM
> To: full-disclosurelists.netsys.com
> Subject: Re: [SPAM] RE: [Full-Disclosure] interesting trojan found
> On Wed, 20 Oct 2004, Richard Stevens wrote:
> > http://220.127.116.11/logon.zip
> F-PROT ANTIVIRUS
> Program version: 4.4.7
> Engine version: 3.14.13
> LOGON.EXE is a security risk named W32/Spybot.BCM
> ClamAV does not recognize it yet. (But it is is the queue as
> Submission number 6278.)
> I hate duplicates. Just reply to the relevant mailinglist.
> Don't meddle in the affairs of magicians,
> for they are subtle and quick to anger.
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
Full-Disclosure - We believe in it.