[Full-Disclosure] found suspicious desktop.ini in startup folders

From: BillyBobKnob (billybobknob_at_hotmail.com)
Date: 08/24/04

Next message: VeNoMouS: "[Full-Disclosure] Netfilter Conntrack"

Previous message: Valdis.Kletnieks_at_vt.edu: "Re: [Full-Disclosure] Re-write with security in mind all ops."
Next in thread: Nick FitzGerald: "Re: [Full-Disclosure] found suspicious desktop.ini in startup folders"
Reply: Nick FitzGerald: "Re: [Full-Disclosure] found suspicious desktop.ini in startup folders"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: "Full Disclosure" <full-disclosure@lists.netsys.com>
Date: Tue, 24 Aug 2004 10:55:45 -0300

Does anyone know if this file is used in an exploit since it was found in
startup folders ?

The contents of the file are:

[.ShellClassInfo]
LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21787

BillyBob

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

application/octet-stream attachment: desktop.ini

Next message: VeNoMouS: "[Full-Disclosure] Netfilter Conntrack"

Previous message: Valdis.Kletnieks_at_vt.edu: "Re: [Full-Disclosure] Re-write with security in mind all ops."
Next in thread: Nick FitzGerald: "Re: [Full-Disclosure] found suspicious desktop.ini in startup folders"
Reply: Nick FitzGerald: "Re: [Full-Disclosure] found suspicious desktop.ini in startup folders"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

www.derkeiler.com > Mailing-Lists > Full-Disclosure > 2004-08