Security Incidents mailing list archives
RE: Strange servicepack.exe file (not service.exe) found.
From: "James C Slora Jr" <Jim.Slora () phra com>
Date: Wed, 17 Dec 2003 17:15:02 -0000
Eric Chien wrote Wednesday, December 17, 2003 10:31
--- Chip Mefford <cmefford () avwashington com> wrote:Running in the task manager on a windows 98 box on our lan. The machine was misbehaving badly yesterday[cut]I've posted the file "servicepack.exe" in zipped and tarred formats both at this url.This is a variant of RapidBlaster. See http://securityresponse.symantec.com/avcenter/venc/data/dialer .rapidblaster.html
How fun is this, though - Symantec's response today says the file contains no malicious code. So nothing ever happened on the machine that had to be rebuilt. Hmmmm. Of course the servicepack.exe file could have been a downloaded byproduct of another infection on the affected machine.
-----Original Message----- From: SecurityResponse () symantec com [mailto:SecurityResponse () symantec com] Sent: Wednesday, December 17, 2003 16:51 To: Jim.Slora () phra com Subject: [CLOSING]: Symantec Security Response Automation: Tracking #3555918 This message is an automatically generated reply. This system is designed to analyze and process virus submissions into the Symantec Security Response and cannot accept correspondence or inquiries. Please contact your Technical Support representative if more detailed information about your submission is required. Do not reply to this message. Below is a status update on your virus submission: Date: December 17, 2003 Jim Slora Dear Jim Slora, We have analyzed your submission. The following is a report of our findings for each file you have submitted: filename: README.TXT machine: AVCAutomation: result: See the developer notes filename: servicepack.exe machine: AVCAutomation: result: See the developer notes Developer notes: README.TXT does not appear to contain malicious code. servicepack.exe contains no malicious code. It is used to access a pornographic service. It is safe to delete this file. Our automated system has performed an extensive analysis on the file(s) that you have submitted and found no evidence of malicious code. If you have additional evidence to suggest that a malicious program still resides in the file that was submitted to us, please contact Symantec Technical Support for assistance. Should you have any questions about your submission, please contact your regional technical support from the Symantec website and give them the tracking number in the subject of this message. -------------------------------------------------------------- --------- This message was generated by Symantec Security Response automation. For USA: For electronic support options, Symantec provides On-Line Services at http://www.symantec.com/techsupp/ --------------------------------------------
--------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- Strange servicepack.exe file (not service.exe) found. Chip Mefford (Dec 16)
- RE: Strange servicepack.exe file (not service.exe) found. Bojan Zdrnja (Dec 17)
- SV: Strange servicepack.exe file (not service.exe) found. Peter Kruse (Dec 17)
- Re: Strange servicepack.exe file (not service.exe) found. Eric Chien (Dec 17)
- RE: Strange servicepack.exe file (not service.exe) found. James C Slora Jr (Dec 17)
- RE: Strange servicepack.exe file (not service.exe) found. John Ives (Dec 17)
- RE: Strange servicepack.exe file (not service.exe) found. Rob Shein (Dec 18)
- RE: Strange servicepack.exe file (not service.exe) found. John Ives (Dec 18)
- RE: Strange servicepack.exe file (not service.exe) found. James C Slora Jr (Dec 17)
- RE: Strange servicepack.exe file (not service.exe) found. Harlan Carvey (Dec 17)
- RE: Strange servicepack.exe file (not service.exe) found. James C Slora Jr (Dec 17)
- RE: Strange servicepack.exe file (not service.exe) found. Harlan Carvey (Dec 18)
- RE: Strange servicepack.exe file (not service.exe) found. David Gillett (Dec 18)
- Re: Strange servicepack.exe file (not service.exe) found. Doug Foster (Dec 19)
- Re: Strange servicepack.exe file (not service.exe) found. dreamwvr () dreamwvr com (Dec 19)
- Administrivia: Dead Thread - Strange servicepack.exe file (not service.exe) found. Dan Hanson (Dec 19)