but I forgot to attach it:
--
Christoph Gruber, Senior Security Architect
WAVE Solutions Information Technology GmbH
Nordbergstrasse 13, A - 1090 Wien, Austria
[EMAIL PROTECTED]
Office: +43 1 71730 53514, Mobile: +43 664 81 22 66 1
PGP-Fingerprint: CCFF 5D66 7073 952C 7AB3 C2DF 435A C85C 558E D42B
[EMAIL PROTECTED] schrieb am 07.06.2004 14:06:21:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Josh wrote 04.06.2004 21:11:26:
>
> > http://www.detroit-x.com/analysis.htm
> >
> > This is something we found this morning. I have packet captures
> > that I will post.
> > I have attached the infected files found with FPORT and also
> > registry entries.
> >
> > We found this rebooting machines with the LSASS.exe error similar
> > to Sasser. As of 6/4/2004 we found no virus defs to pick it up.
> >
> >
> > Joshua Perrymon
> > Sr. Network Security Consultant
>
> Hi there!
>
> There is another Registry-entry:
>
>
> Cheers!
>
> - --
> Christoph Gruber, Senior Security Architect
> WAVE Solutions Information Technology GmbH
> Nordbergstrasse 13, A - 1090 Wien, Austria
> [EMAIL PROTECTED]
> Office: +43 1 71730 53514, Mobile: +43 664 81 22 66 1
> PGP-Fingerprint: CCFF 5D66 7073 952C 7AB3 C2DF 435A C85C 558E D42B
>
>
> -----BEGIN PGP SIGNATURE-----
> Version: PGP 8.0.3
>
> iQA/AwUBQMRaFkNayFxVjtQrEQKmYwCg4ufJbS1o/5/C73FUSzBQ+D77OXsAoMLD
> 82mFBEHVI5D0bGtwTIoLQx9G
> =SKaL
> -----END PGP SIGNATURE-----
reg1.reg
Description: Binary data
