a botnet PRIVATELY please email: [EMAIL PROTECTED]
--
I assume you guys keep logs of who calls, and when? Or at least when the
deactivations occur on which client ip's?
Would be a nice sample set to learn malware propagation patterns from.
Desai, Ashish wrote:
To report a botnet
To report a botnet PRIVATELY please email: [EMAIL PROTECTED]
--
If you machines go through a http proxy, you can check the proxy logs
for crud.
Ashish
-Original Message-
From: Sean Zadig [mailto:[EMAIL PROTECTED]
Sent: Monday, January 08, 2007 8:36 AM
To:
Hi All,
To detect if your customers/employees are infected,
check the HTTP useragent string in your web logs and proxy logs
for the following new tokens that this thing adds to a machines existing
useragent string
AntivirXP08
3P_UVRM
3P_UASE
3P_PCPC
