Full Disclosure mailing list archives
REGUSTERFLY To The White Courtesy Phone Please? (Was: Re: Virus on web site)
From: "J.A. Terranson" <measl () mfn org>
Date: Tue, 2 Aug 2005 01:45:32 -0500 (CDT)
On Tue, 2 Aug 2005, Peter B. Harvey (Information Security) wrote:
Hi all, This virus at the time of my posting this is only detedted by Kasperski and I cannot find any detail on the virus. Came in the email as given below. URL for the virus http://www.alias-search.com/images/msits.exe Also found was the following url also the same virus http://www.alias-search.com/images/msitsa.exe Kasperski detects it as msits.exe - infected by Backdoor.Win32.Haxdoor.dw Anyone with info on this virus?
No, but I have some interesting info on the *domain* upon which you found this virus: Registration Service Provided By: Registerfly.com Contact: support () registerflysupport com Visit: http://www.registerfly.com Domain name: alias-search.com Registrant Contact: Canada/U.S.AdvertisingCenter Claudia Ganzon (advertising () canadausmail com) +1.9052977264 Fax: 209graceave Hamilton, ON L8H3X4 CA Administrative Contact: Canada/U.S.AdvertisingCenter Claudia Ganzon (advertising () canadausmail com) +1.9052977264 Fax: 209graceave Hamilton, ON L8H3X4 CA Technical Contact: Canada/U.S.AdvertisingCenter Claudia Ganzon (advertising () canadausmail com) +1.9052977264 Fax: 209graceave Hamilton, ON L8H3X4 CA Billing Contact: Canada/U.S.AdvertisingCenter Claudia Ganzon (advertising () canadausmail com) +1.9052977264 Fax: 209graceave Hamilton, ON L8H3X4 CA Status: Active Name Servers: NS5.WEBSITEWELCOME.COM NS6.WEBSITEWELCOME.COM Creation date: 23 Mar 2005 18:08:26 Expiration date: 23 Mar 2006 18:08:26 -- Yours, J.A. Terranson sysadmin () mfn org 0xBD4A95BF I like the idea of belief in drug-prohibition as a religion in that it is a strongly held belief based on grossly insufficient evidence and bolstered by faith born of intuitions flowing from the very beliefs they are intended to support. don zweig, M.D. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Virus on web site Peter B. Harvey (Information Security) (Aug 01)
- REGUSTERFLY To The White Courtesy Phone Please? (Was: Re: Virus on web site) J.A. Terranson (Aug 01)
- Re: Virus on web site Johannes Schneider (Aug 02)
- Re: Virus on web site Nick FitzGerald (Aug 02)
- <Possible follow-ups>
- Re: Virus on web site Peter B. Harvey (Information Security) (Aug 02)
- Re: Virus on web site Nick FitzGerald (Aug 02)