Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: test this

From: Peter Bruderer <brudy () bruderer-research com>
Date: Wed, 28 Dec 2005 18:17:59 +0100
Hi there

Using a previous unknown hole in windows, an exploit was discovered
which infects a PC with spyware and trojans. The PC is infected using a
manipulated picture in the WMF format.

Only Symantec found a trojan downloader. Another AV scanners found the
downloaded code, but did not recognize the actual downloader.

(http://www.heise.de/security/news/meldung/67794 for the german
speeking)

More info:
http://www.f-secure.com/weblog/archives/archive-122005.html#00000752
http://isc.sans.org/diary.php?storyid=972

My scanners (McAfee, Kaspersky, Clam) did not find anything. 




On Wed, 2005-12-28 at 08:39 -0800, D B wrote:

could the uber geeks who do spyware check the
attachment for me ??

do not click this URL if in windows ... possible
malware

it is obtained from
http://www.cabbage-soup-diet.com/negative-calorie.html


GF has countless popups after visiting this site and
scanning with several different scanners isnt finding
the source 


-- 
  Peter Bruderer
  Bruderer Research GmbH
  
  phone +41 52 620 26 53
  www.brg.ch

  peter.bruderer () brg ch
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: