Full Disclosure mailing list archives

Re: New virus?

From: Carlos Ulver <carlos.ulver () gmail com>
Date: Wed, 2 Mar 2005 13:48:32 -0300

Can you send a copy for me? 
Maybe i can make a reverse engineering and try to help you what´s happening...


On Wed, 2 Mar 2005 16:05:06 +0000, Matthew Burling
<matthewb () accelrys com> wrote:

 
Floods the network with DCOM packets 
 
Infected files include: 
 
C:\windows\system32\dxmsrv.exe 
C:\windows\system32\winmes.exe 
 
These aren't yet detected by Symantec 1/3/2005 rev. 21 
 
Doesn't infect a fully patched Windows PC 
 
Does anyone have any ideas? 
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html



-- 
Carlos A. Ulver.
Home: www.debarry2.com.br/carlos
PGP: www.debarry2.com.br/carlos/contato.htm

Brasil - MG

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

New virus? Matthew Burling (Mar 02)
- Re: New virus? stephane nasdrovisky (Mar 02)
- Re: New virus? Thierry Zoller (Mar 02)
- Re: New virus? Carlos Ulver (Mar 02)