Full Disclosure mailing list archives

Re: http://209.50.251.182/new-exploit5/

From: Duncan Hill <dhill+fulldisc () cricalix net>
Date: Fri, 9 Jul 2004 08:18:25 +0100

On Friday 09 July 2004 00:10, KF might have typed:

While on vacation I ran across this on a random PC that I was using. I
looks like your typical adware exploitation.

http://209.50.251.182/new-exploit5/


Scan started at Fri Jul  9 08:17:18 2004

EXPLOIT.CHM: Infected: TrojanDownloader.VBS.Psyme.y 
EXPLOIT.CHM: Infected: TrojanDownloader.VBS.Psyme.y 
EXPLOIT.CHM-ORIG: Infected: TrojanDownloader.VBS.Psyme.p 
EXPLOIT.CHM-ORIG: Infected: TrojanDownloader.VBS.Psyme.p 
exploit.exe: Infected: TrojanDropper.Win32.Small.gj
exploit.htm: Infected: HTML/Redir@exp
exploit.htm: Infected: Exploit.HTML.Mht 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

http://209.50.251.182/new-exploit5/ KF (Jul 08)
- Re: http://209.50.251.182/new-exploit5/ Duncan Hill (Jul 09)
- <Possible follow-ups>
- Re: http://209.50.251.182/new-exploit5/ Julio Canto (Jul 09)
  - RE: http://209.50.251.182/new-exploit5/ Jelmer (Jul 09)