|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Dig in: autorooter, maybe that IRC one but SAV doesnt pick it up.
From: Christine Kronberg (Christine_Kronberg
genua.de)
Date: Wed Aug 06 2003 - 11:06:55 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Tue, 5 Aug 2003, Drew Weaver wrote:
> Dig in.
>
> http://www.soul-fu.com/drew.zip
>
> I found this on a Windows 2k SP4 machine without (without) the two most
> recent and critically nessicary patches.
Nav finds a worm called W32/Lolol.worm.gen in juh.exe and dcomx.exe.
It fits to what I saw when let the files run within a vmware.
I'm not sure about the files in the cba directory. According to what
I found with google there seems to be a link to NAV CE (at least to
some antivirus software). Are you sure that they have not been there
earlier?
(I'm not a windows expert: what are *.lrc files? )
Cheers,
Chris.
--
GeNUA mbH
---------------------------------------------------------------------------
----------------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]