Full Disclosure mailing list archives

Re: New virus?

From: stephane nasdrovisky <stephane.nasdrovisky () paradigmo com>
Date: Wed, 02 Mar 2005 17:38:10 +0100

Matthew Burling wrote:

C:\windows\system32\dxmsrv.exe
C:\windows\system32\winmes.exe

Submit your suspicious file to norman sandbox (http://sandbox.norman.no/live_4.html ), it will tell you if these arebots contacting their 0wner via some irc channel and other suspiciousactivity.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

New virus? Matthew Burling (Mar 02)
- Re: New virus? stephane nasdrovisky (Mar 02)
- Re: New virus? Thierry Zoller (Mar 02)
- Re: New virus? Carlos Ulver (Mar 02)