|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [Full-Disclosure] New virus?
From: Carlos Ulver (carlos.ulver
gmail.com)
Date: Wed Mar 02 2005 - 10:48:32 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Can you send a copy for me?
Maybe i can make a reverse engineering and try to help you what´s happening...
On Wed, 2 Mar 2005 16:05:06 +0000, Matthew Burling
<matthewbaccelrys.com> wrote:
>
> Floods the network with DCOM packets
>
> Infected files include:
>
> C:\windows\system32\dxmsrv.exe
> C:\windows\system32\winmes.exe
>
> These aren't yet detected by Symantec 1/3/2005 rev. 21
>
> Doesn't infect a fully patched Windows PC
>
> Does anyone have any ideas?
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>
>
>
--
Carlos A. Ulver.
Home: www.debarry2.com.br/carlos
PGP: www.debarry2.com.br/carlos/contato.htm
Brasil - MG
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]