[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] http://209.50.251.182/new-exploit5/

To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: Re: [Full-Disclosure] http://209.50.251.182/new-exploit5/
From: Julio Canto <jcanto@xxxxxxxxxxxx>
Date: Fri, 09 Jul 2004 10:31:22 +0200

While on vacation I ran across this on a random PC that I was using. I
looks like your typical adware exploitation.

http://209.50.251.182/new-exploit5/

Looks like Psyme.y (results from www.virustotal.com):

Scan results
File: EXPLOIT.CHM
Date: 07/09/2004 10:21:51
----
BitDefender     7.0/20040709    found [VBS.Trojan.Psyme.W]
ClamWin devel-20040517/20040708 found nothing
eTrustAV-Inoc   4641/20040708   found nothing
F-Prot  3.15/20040707   found nothing
Kaspersky       3.0/20040709    found [TrojanDownloader.VBS.Psyme.y]
McAfee  4375/20040709   found [VBS/Psyme]
NOD32v2 1.806/20040707  found [VBS/TrojanDownloader.Psyme.V]
Norman  5.70.10/20040708        found nothing
Panda   7.02.00/20040708        found nothing
Sybari  7.5.1314/20040709       found [TrojanDownloader.VBS.Psyme.y]
Symantec        8.0/20040708    found nothing
TrendMicro      7.000/20040709  found [CHM_Psyme.Y]


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- RE: [Full-Disclosure] http://209.50.251.182/new-exploit5/
  - From: Jelmer

Prev by Date: Re: [Full-Disclosure] Information Week: 2/3 of pros want immediate disclosure
Next by Date: [Full-Disclosure] [Fwd: A FINFlash from the Freedom to Innovate Network]
Previous by thread: Re: [Full-Disclosure] http://209.50.251.182/new-exploit5/
Next by thread: RE: [Full-Disclosure] http://209.50.251.182/new-exploit5/
Index(es):
- Date
- Thread