On Tue, 5 Aug 2003, Drew Weaver wrote: > Dig in. > > http://www.soul-fu.com/drew.zip > > I found this on a Windows 2k SP4 machine without (without) the two most > recent and critically nessicary patches. Nav finds a worm called W32/Lolol.worm.gen in juh.exe and dcomx.exe. It fits to what I saw when let the files run within a vmware. I'm not sure about the files in the cba directory. According to what I found with google there seems to be a link to NAV CE (at least to some antivirus software). Are you sure that they have not been there earlier? (I'm not a windows expert: what are *.lrc files? ) Cheers, Chris. -- GeNUA mbH --------------------------------------------------------------------------- ----------------------------------------------------------------------------
This archive was generated by hypermail 2b30 : Wed Aug 06 2003 - 16:36:53 PDT