Full Disclosure mailing list archives

Re: Virus on web site

From: Johannes Schneider <ichhabekeineemail () gmx net>
Date: Tue, 02 Aug 2005 22:45:55 +0200

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Peter B. Harvey (Information Security) wrote:


Hi all,

This virus at the time of my posting this is only detedted by
Kasperski and I cannot find any detail on the virus. Came in the
email as given below.

URL for the virus http://www.alias-search.com/images/msits.exe
Also found was the following url also the same virus
http://www.alias-search.com/images/msitsa.exe

Kasperski detects it as  msits.exe - infected by
Backdoor.Win32.Haxdoor.dw

Anyone with info on this virus?

Peter


infos about msits.exe
http://vic.zonelabs.com/tmpl/body/CA/virusDetails.jsp?VId=39520

greatz Johannes
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFC79uDsVM05bj27BsRAsD+AKCw8sjlId7/vms16ueb2pjnjr1sSQCdEa1m
knARnXvAL085/rKpZjwHxLQ=
=5RQl
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Virus on web site Peter B. Harvey (Information Security) (Aug 01)
- REGUSTERFLY To The White Courtesy Phone Please? (Was: Re: Virus on web site) J.A. Terranson (Aug 01)
- Re: Virus on web site Johannes Schneider (Aug 02)
  - Re: Virus on web site Nick FitzGerald (Aug 02)
- <Possible follow-ups>
- Re: Virus on web site Peter B. Harvey (Information Security) (Aug 02)
  - Re: Virus on web site Nick FitzGerald (Aug 02)