Full Disclosure mailing list archives
RE: Possible New Malware....
From: "Aditya , ALD [ Aditya Lalit Deshmukh ]" <aditya.deshmukh () online gateway technolabs net>
Date: Tue, 24 Aug 2004 13:48:40 +0530
Blankdo you know that www.slimeware.com is a paranody site with no real coproation behind it, the fellow who wrote this program has a real good sence of humor -----Original Message----- From: Swearingen, Bill W [CC] [mailto:bill.p.swearingen () mail sprint com] Sent: Tuesday, August 24, 2004 01:01 AM To: ald2003 () users sourceforge net; full-disclosure-admin () lists netsys com Subject: RE: [Full-disclosure] Possible New Malware.... Sensitivity: Confidential Taking a look at RunDLL32e.txt shows the name "slimeware corp" Doing a google search I found http:// www. slimeware. com/downloads.htm In their License Agreement they state this: * This is a legally binding agreement between yourself "you" and Slimeware Corporation "Slimeware". < OTHER DETAILS SNIPPED> ------------------------------------------------------------------------------ From: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com] On Behalf Of Aditya , ALD [ Aditya Lalit Deshmukh ] Sent: Monday, August 23, 2004 10:04 AM To: Full-Disclosure@Lists. Netsys. Com Subject: [Full-disclosure] Possible New Malware.... Importance: High Sensitivity: Confidential Hi List, Possible new malware makes startup entries and copies itself to the windows folder this is where it was found, creates a CurruntPowerProfile reg startup key with a value of Rundll32.exe,powrprof.dll,LoadCurrentPwrScheme2.exe cant find anything else that it is doing except that it is written in VB anyone willing to have a look at it ? the files are attached as they are just ~ 40 KB -aditya ( simply ren *.txt to *.exe )
Current thread:
- Possible New Malware.... Aditya , ALD [ Aditya Lalit Deshmukh ] (Aug 23)
- RE: Possible New Malware.... Kane Lightowler (Aug 24)
- RE: Possible New Malware.... Ron DuFresne (Aug 24)
- <Possible follow-ups>
- RE: Possible New Malware.... Aditya , ALD [ Aditya Lalit Deshmukh ] (Aug 24)
- RE: Possible New Malware.... Harlan Carvey (Aug 24)
- Re: Possible New Malware.... Valdis . Kletnieks (Aug 24)
- RE: Possible New Malware.... Harlan Carvey (Aug 24)
- RE: Possible New Malware.... Kane Lightowler (Aug 24)