Re: Strange services.exe file

[Harlan Carvey <keydet89 () yahoo com>]

Nick,

As much as I hate to say it, my friend...welcome to
the world of public lists!

People are always going to respond based on the most
obvious piece of information.  One respondant to this
post gave a nice little explanation of the
services.exe file that usually ships w/ Windows
systems...he just never bothered to take into account
the path that the OP listed.

The really scary part about all this is that these
guys who are responding in this manner are, in many
cases, admins, or members of CSIRTs themselves.  ;-)

Hasta, dude,

Harlan


--- Nick FitzGerald <nick () virus-l demon co uk> wrote:
> Ansgar -59cobalt- Wiechers
> <bugtraq () planetcobalt net> wrote:
>
> > Probably the XTC worm (or a mutation of it).
>
> That is an unfounded and almost certainly worthless
> "assertion" based 
> on no more than the filename.
>
> How often does this have to be repeated??
>
>    Filenames are seldom useful _AND NEVER
> SUFFICIENT_ for diagnosing
>    what malware is present.
>
> The OP should, as already advised, send the
> suspicious file to 
> professional malware analysts if a current virus
> scanner does not 
> detect it as something already known to be bad.
>
>
> -- 
> Nick FitzGerald
> Computer Virus Consulting Ltd.
> Ph/FAX: +64 3 3529854
---------------------------------------------------------------------------
>
----------------------------------------------------------------------------
>


---------------------------------------------------------------------------
----------------------------------------------------------------------------