[<prev] [next>] [day] [month] [year] [list]
Message-ID: <OF7FAEA935.B7355245-ON85256DA1.00737F8F-85256DA1.00731876@unicef.org>
From: smuhammed at unicef.org (Suhail Muhammed)
Subject: [TROJAN Win32] Can't identify trojan found on Win98SE
box
OPTIX Trojan
http://www.annoyances.org/exec/forum/win2000/t1054107806
Petr Stetiar
<ynezz@...teria.sk> To: full-disclosure@...ts.netsys.com
Sent by: cc:
full-disclosure-admin@...ts. Subject: [Full-Disclosure] [TROJAN Win32] Can't identify trojan found
netsys.com on Win98SE box
09/14/2003 03:57 PM
Please respond to Petr
Stetiar
Hi ALL,
I've found one trojan horse or whatever it is on one Win98SE box today.
I tried to find some info about it on google but didn't found anything.
This file was found in C:\Windows\System directory.
There were 2 unknown files to me actualy: msi2xec16.exe and mpldfg.exe
(both same size and content, verified by MD5)
You can download this file here:
http://takjo.net/mpldfg.exe-
win.ini
----------cut--------------
run=C:\WINDOWS\SYSTEM\MSI2XEC16.EXE
----------cut--------------
The same path was found also in registry under RUN key, if someone wants
full
key I can post it later.
I'm just curious what kind of trojan it is, because I dont have motivation
to do anything on m$ powered "OS", but maybe someone...
Cheers,
Petr
--
(__)
--------------------------+------------------------------------------`
(@@) ynezz[at]hysteria[dot]sk | Customer: "I'm running WindowsXP
SP39g" |
/----\/ - * - * - * - * - * - * - | Tech: "Yes"
|
| | || irc://ynezz@...net | Customer: "My computer isn't working
now"|
* ||-|| icq: 923432434 | Tech: "Yes, you said that"
|
^^ ^^
----------------------------+------------------------------------------'
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists