Full Disclosure: REGUSTERFLY To The White Courtesy Phone Please? (Was: Re: Virus on web site)

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Full Disclosure mailing list archives

REGUSTERFLY To The White Courtesy Phone Please? (Was: Re: Virus on web site)

From: "J.A. Terranson" <measl () mfn org>
Date: Tue, 2 Aug 2005 01:45:32 -0500 (CDT)


On Tue, 2 Aug 2005, Peter B. Harvey (Information Security) wrote:

Hi all,

This virus at the time of my posting this is only detedted by
Kasperski and I cannot find any detail on the virus. Came in the
email as given below.

URL for the virus http://www.alias-search.com/images/msits.exe
Also found was the following url also the same virus
http://www.alias-search.com/images/msitsa.exe

Kasperski detects it as  msits.exe - infected by
Backdoor.Win32.Haxdoor.dw

Anyone with info on this virus?


No, but I have some interesting info on the *domain* upon which you
found this virus:

Registration Service Provided By: Registerfly.com
Contact: support () registerflysupport com
Visit: http://www.registerfly.com

Domain name: alias-search.com

Registrant Contact:
   Canada/U.S.AdvertisingCenter
   Claudia Ganzon (advertising () canadausmail com)
   +1.9052977264
   Fax:
   209graceave
   Hamilton, ON L8H3X4
   CA

Administrative Contact:
   Canada/U.S.AdvertisingCenter
   Claudia Ganzon (advertising () canadausmail com)
   +1.9052977264
   Fax:
   209graceave
   Hamilton, ON L8H3X4
   CA

Technical Contact:
   Canada/U.S.AdvertisingCenter
   Claudia Ganzon (advertising () canadausmail com)
   +1.9052977264
   Fax:
   209graceave
   Hamilton, ON L8H3X4
   CA

Billing Contact:
   Canada/U.S.AdvertisingCenter
   Claudia Ganzon (advertising () canadausmail com)
   +1.9052977264
   Fax:
   209graceave
   Hamilton, ON L8H3X4
   CA

Status: Active

Name Servers:
   NS5.WEBSITEWELCOME.COM
   NS6.WEBSITEWELCOME.COM

Creation date: 23 Mar 2005 18:08:26
Expiration date: 23 Mar 2006 18:08:26

-- 
Yours,

J.A. Terranson
sysadmin () mfn org
0xBD4A95BF


I like the idea of belief in drug-prohibition as a religion in that it is
a strongly held belief based on grossly insufficient evidence and
bolstered by faith born of intuitions flowing from the very beliefs they
are intended to support.

don zweig, M.D.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

By Date By Thread

Current thread:

Virus on web site Peter B. Harvey (Information Security) (Aug 01)
- REGUSTERFLY To The White Courtesy Phone Please? (Was: Re: Virus on web site) J.A. Terranson (Aug 01)
- Re: Virus on web site Johannes Schneider (Aug 02)
  - Re: Virus on web site Nick FitzGerald (Aug 02)
- <Possible follow-ups>
- Re: Virus on web site Peter B. Harvey (Information Security) (Aug 02)
  - Re: Virus on web site Nick FitzGerald (Aug 02)