[Dshield] Hidden Process

Paul Marsh pmarsh at nmefdn.org
Mon Jan 22 15:56:38 GMT 2007



Morning All:

	I was able to spend some time with the system in question and
pulled a copy of the hidden file off the system.  I ran it through
Norman and VirusTotal but it came back clean.  The only tool that was
able to identify the nastie and remove (key word remove) it was
"FixWareout".

	I will be nuking the HDD.  I have a copy of the file if anyone
would like to take a look.

Thanx, Paul


