Re: [ossec-list] Re: windows malware detection

2016-03-14 Thread Santiago Bassett
Your emails are very difficult to understand. Please explain better and give some more context. Thank you.
On Mon, Mar 14, 2016 at 8:59 PM, 林威任 wrote:
> Excuse me,
> (Windows Malware: Trojan Dropper.
> File: C:\Users\IEUser\AppData\Local\Temp\AcroRD32.exe. Reference:

[ossec-list] sharing memory between virtual machine

2016-03-14 Thread Zakirasafi
Dear All
I want to share between two virtual machines. I need C code for this. Could anyone help me please?
Thanks and Regards,
Zakira Inayat
Ph.D Scholar in University of Malaya, Malaysia
--
You received this message because you are subscribed to the Google Groups "ossec-list"

Re: [ossec-list] Re: windows malware detection

2016-03-14 Thread 林威任
Excuse me,
(Windows Malware: Trojan Dropper. File: C:\Users\IEUser\AppData\Local\Temp\AcroRD32.exe. Reference: 0A37D49E798F50C8F1010D5CFDE0E851)
After I edited win_malware_rcl.txt, this code didn't appear. However, which aspect haven't I done? Thank you!!!

Re: [ossec-list] Re: windows malware detection

2016-03-14 Thread Santiago Bassett
It looks like the configuration for rootcheck doesn't have the right format. I think you are inserting some extra line breaks. It should look like this:
[Trojan Dropper] [all] [0A37D49E798F50C8F1010D5CFDE0E851]
f:C:\Users\IEUser\AppData\Local\Temp\AcroRD32.exe;

Re: [ossec-list] Can't find resolution for these error messages

2016-03-14 Thread Ben
I have included ossec.conf of server and agent. Also the script command for active response when key word is detected in the agent log file. Thanks.
2016/03/14 17:00:41 ossec-agentlessd: INFO: ssh_integrity_check_linux: ossec@10.2.219.142: Started.
2016/03/14 17:00:45 ossec-agentlessd: INFO:

Re: [ossec-list] Re: windows malware detection

2016-03-14 Thread 林威任
Excuse me, I want to ask something. Why doesn't the ideal result appear after I input the code?
code:
[Trojan Dropper] [all] [0A37D49E798F50C8F1010D5CFDE0E851] f:C:\Users\agent05\AppData\Local\Temp\AcroRD32.exe; r:HKEY_USERS\S-1-5-21-3463664321-2923530833-3546627382-1000\Software\Microsoft

Re: [ossec-list] Re: windows malware detection

2016-03-14 Thread 林威任
Excuse me, I want to ask something. Why doesn't the ideal result appear after I input the code?
code:
[Trojan Dropper] [all] [0A37D49E798F50C8F1010D5CFDE0E851] f:C:UsersIEUserAppDataLocalTempAcroRD32.exe; r:HKEY_USERSS-1-5-21-3463664321-2923530833-3546627382-1000 SoftwareMicrosoftWin$

Re: [ossec-list] Re: windows malware detection

2016-03-14 Thread 林威任
Thank you very much!!!

Re: [ossec-list] Re: windows malware detection

2016-03-14 Thread Santiago Bassett
Here you go (just created the github repo)
https://github.com/santiago-bassett/malware-samples/blob/master/0A37D49E798F50C8F1010D5CFDE0E851.zip
Password: "malware"
On Sun, Mar 13, 2016 at 10:20 PM, wrote:
> I really need it.
> How can I get it ? for email?