Full Disclosure mailing list archives
Re: msblast.exe
From: Scott Fendley <scottf () uark edu>
Date: Mon, 11 Aug 2003 17:12:18 -0500 (CDT)
11/08/2003 Rev 17 and 18 of the Intelligent updator from Norton Antivirus identifies the worm as W32.Blaster.Worm. You can run the intelligent Updater out of ftp://ftp.symantec.com/public/english_us_canada/antivirus_definitions/norton_antivirus/beta The one we have been using on campus for our version 8 Corp Edition is symcbetadefsx86.exe Hope this helps some of us stay ahead of this. Scott Fendley --- Scott Fendley scottf () uark edu Systems/Security Analyst (479) 575-2022 University of Arkansas (479) 575-4753 fax On Mon, 11 Aug 2003, David Vincent wrote:
i've just got a copy of this exe. it matches the MD5 at http://isc.sans.org/diary.html?date=2003-08-11 of 5ae700c1dffb00cef492844a4db6cd69. that's the EXE's MD5, not the unpacked version or the MD5 of the ZIP i received it in. we've got NAV Corporate 8.00.0.9374 with scan engine 4.1.0.15 and definitions of 06/08/2003 rev. 4 (the most current at this time) and it is not detected. David Vincent CNA/MCSE Network Administrator www.mightyOaks.com david.vincent () mightyoaks com MIGHTY OAKS WIRELESS SOLUTIONS INC. 209-3347 Oak Street Victoria, B.C. Canada V8X 1R2 Phone: 250.386.9398 Fax: 250.386.9399 Pager: 250.380.4575 Cell: 250.884.3000 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- msblast.exe David Vincent (Aug 11)
- Re: msblast.exe Scott Fendley (Aug 11)
- RE: msblast.exe Robert Ersoni (Aug 11)
- Re: msblast.exe Cedric Raguenaud (Aug 11)
- <Possible follow-ups>
- msblast.exe Export (Aug 14)
- Re: msblast.exe _bsec_ (Aug 14)
- RE: msblast.exe Roman Dorr (Aug 14)
- RE: msblast.exe Golomb, Gary (Aug 14)