Virus.Org IT Security News and Information Portal. We offer the latest IT security news, updates, product reviews, books, and articles for all you IT security professionals out there. Enter and get the best IT security information on the Internet.

 
. Welcome to the Virus.Org Mailing List Archive  
.
.


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]


Re: Dig in: autorooter, maybe that IRC one but SAV doesnt pick it up.
.

  • To: Drew Weaver <[EMAIL PROTECTED]>
  • Subject: Re: Dig in: autorooter, maybe that IRC one but SAV doesnt pick it up.
  • From: Christine Kronberg <[EMAIL PROTECTED]>
  • Date: Wed, 6 Aug 2003 18:06:55 +0200 (CEST)
  • Cc: <[EMAIL PROTECTED]>
  • In-reply-to: <[EMAIL PROTECTED]>
.
 
On Tue, 5 Aug 2003, Drew Weaver wrote:

> Dig in.
>
> http://www.soul-fu.com/drew.zip
>
> I found this on a Windows 2k SP4 machine without (without) the two most
> recent and critically nessicary patches.

  Nav finds a worm called W32/Lolol.worm.gen in juh.exe and dcomx.exe.
  It fits to what I saw when let the files run within a vmware.
  I'm not sure about the files in the cba directory. According to what
  I found with google there seems to be a link to NAV CE (at least to
  some antivirus software). Are you sure that they have not been there
  earlier?
  (I'm not a windows expert: what are *.lrc files? )

  Cheers,


                                                               Chris.

-- 
GeNUA mbH



---------------------------------------------------------------------------
----------------------------------------------------------------------------
 
.
.
 
Copyright (c) Virus.Org 1997-2006.
All Trademarks Acknowledged.
Please view our Terms and Conditions and our Privacy Policy.