[Dshield] Odd things occuring on TCP 135.
micheal at tsgincorporated.com
Wed Oct 1 01:00:00 GMT 2003
----- Original Message -----
From: "Doug White" <doug at clickdoug.com>
To: "General DShield Discussion List" <list at dshield.org>
Sent: Tuesday, September 30, 2003 10:16 AM
Subject: Re: [Dshield] Odd things occuring on TCP 135.
> Have you tried submitting the program to one of the anti-virus vendors?
I've also recieved a couple of different replies:
Symantec id's this as a variant of HackTool. I was informed that they've
added detection to their beta sigs for it.
F-Secure id's it as a variant of Agobot and they're showing that it is
detected as Backdoor.Agobot.3.h with their current updates.
Sophos has yet to respond to my report.
I can verify that Norton does indeed detect it with the beta dif's. I can't
confirm via F-Secure as I can't install it because the install stalls when
connecting to their server from within the installer. I can't even install
their demo from home for the same reason.
Cancer Care Network
More information about the list