Full Disclosure mailing list archives
Re: http://209.50.251.182/new-exploit5/
From: Julio Canto <jcanto () hispasec com>
Date: Fri, 09 Jul 2004 10:31:22 +0200
While on vacation I ran across this on a random PC that I was using. I looks like your typical adware exploitation. http://209.50.251.182/new-exploit5/
Looks like Psyme.y (results from www.virustotal.com): Scan results File: EXPLOIT.CHM Date: 07/09/2004 10:21:51 ---- BitDefender 7.0/20040709 found [VBS.Trojan.Psyme.W] ClamWin devel-20040517/20040708 found nothing eTrustAV-Inoc 4641/20040708 found nothing F-Prot 3.15/20040707 found nothing Kaspersky 3.0/20040709 found [TrojanDownloader.VBS.Psyme.y] McAfee 4375/20040709 found [VBS/Psyme] NOD32v2 1.806/20040707 found [VBS/TrojanDownloader.Psyme.V] Norman 5.70.10/20040708 found nothing Panda 7.02.00/20040708 found nothing Sybari 7.5.1314/20040709 found [TrojanDownloader.VBS.Psyme.y] Symantec 8.0/20040708 found nothing TrendMicro 7.000/20040709 found [CHM_Psyme.Y] _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- http://209.50.251.182/new-exploit5/ KF (Jul 08)
- Re: http://209.50.251.182/new-exploit5/ Duncan Hill (Jul 09)
- <Possible follow-ups>
- Re: http://209.50.251.182/new-exploit5/ Julio Canto (Jul 09)
- RE: http://209.50.251.182/new-exploit5/ Jelmer (Jul 09)