Full Disclosure mailing list archives
Virus, whether the scanners say so or not?
From: "Scott Phelps / Dreamwright Studios" <scottp () dreamwright com>
Date: Mon, 1 Sep 2003 09:09:01 -0400
I just got this from a co-workers computer. I've run it against 4 virus scanners I have around (after running each one's definition update) and nothing recognized it. It really looks like W32.HLLW.Moega http://securityresponse.symantec.com/avcenter/venc/data/w32.hllw.moega.html But Symantec says it should catch it, which it doesn't. It looks like the thing has been on his machine for about a month, and he's on an open cable connection (Symantec mentions a trojan in moega) so I would like to know what the payload is. It's a larger file than what Symantec has listed for moega also. Anybody seen it, or have a scanner that recognizes it? D R E A M W R I G H T S T U D I O S Dreamwright.com - Web Design, Graphic Design, & Custom Software Programming 704-548-8653 office/fax 1-866-47-MY-WEB PO Box 480188 Charlotte, NC 28269
Attachment:
wupdated.zip
Description:
Attachment:
smime.p7s
Description:
Current thread:
- Virus, whether the scanners say so or not? Scott Phelps / Dreamwright Studios (Sep 01)
- Re: Virus, whether the scanners say so or not? Bennett Todd (Sep 01)
- Re: Virus, whether the scanners say so or not? Paul Schmehl (Sep 01)
- Re: Virus, whether the scanners say so or not? misiu_ (Sep 01)
- Re: Virus, whether the scanners say so or not? gregh (Sep 01)
- Random SoBig.F Thoughts Jason Coombs (Sep 01)
- Tracking a virus by logging infected machines Richard M. Smith (Sep 01)
- Re: Tracking a virus by logging infected machines Ralf (Sep 01)
- Re: Tracking a virus by logging infected machines Marcus Graf (Sep 02)
- Re: Tracking a virus by logging infected machines morning_wood (Sep 02)
- Re: Tracking a virus by logging infected machines Joel R. Helgeson (Sep 02)
- Tracking a virus by logging infected machines Richard M. Smith (Sep 01)