Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

RE: http://209.50.251.182/new-exploit5/
From: Jelmer <jkuperus () planet nl>
Date: Fri, 09 Jul 2004 11:59:01 +0200

Looks familiar :)

http://62.131.86.111/security/newone/exploit.htm


-----Original Message-----
From: full-disclosure-admin () lists netsys com
[mailto:full-disclosure-admin () lists netsys com] On Behalf Of Julio Canto
Sent: vrijdag 9 juli 2004 10:31
To: full-disclosure () lists netsys com
Subject: Re: [Full-disclosure] http://209.50.251.182/new-exploit5/

While on vacation I ran across this on a random PC that I was using. I
looks like your typical adware exploitation.

http://209.50.251.182/new-exploit5/

Looks like Psyme.y (results from www.virustotal.com):

Scan results
 File: EXPLOIT.CHM
 Date: 07/09/2004 10:21:51
----
BitDefender     7.0/20040709    found [VBS.Trojan.Psyme.W]
ClamWin devel-20040517/20040708 found nothing
eTrustAV-Inoc   4641/20040708   found nothing
F-Prot  3.15/20040707   found nothing
Kaspersky       3.0/20040709    found [TrojanDownloader.VBS.Psyme.y]
McAfee  4375/20040709   found [VBS/Psyme]
NOD32v2 1.806/20040707  found [VBS/TrojanDownloader.Psyme.V]
Norman  5.70.10/20040708        found nothing
Panda   7.02.00/20040708        found nothing
Sybari  7.5.1314/20040709       found [TrojanDownloader.VBS.Psyme.y]
Symantec        8.0/20040708    found nothing
TrendMicro      7.000/20040709  found [CHM_Psyme.Y]


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault