RE: [Full-disclosure] Zotob Worm Remover

From: Todd Towles (toddtowles_at_brookshires.com)
Date: 08/22/05

  • Next message: Dave Aitel: "[Full-disclosure] An old/new security list" 
    Date: Mon, 22 Aug 2005 10:01:07 -0500
To: "n3td3v" <xploitable@gmail.com>, <full-disclosure@lists.grok.org.uk>

    Diabl0 will be happy to know that it just deletes the worm and not all
    the IRC bots that the worm drops on the computer. Oh and it doesn't
    delete the cutom keyloggers or backdoors or anything for that matter.

    Diabl0 isn't using the worm for botnet control anyways. He just created
    the worm from the HOD exploit. HOD is the exploit that doesn't make the
    machine reboot.

    > -----Original Message-----
    > From: full-disclosure-bounces@lists.grok.org.uk
    > [mailto:full-disclosure-bounces@lists.grok.org.uk] On Behalf Of n3td3v
    > Sent: Sunday, August 21, 2005 7:15 PM
    > To: full-disclosure@lists.grok.org.uk
    > Subject: Re: [Full-disclosure] Zotob Worm Remover
    >
    > On 8/21/05, Ill will <xillwillx@gmail.com> wrote:
    > > Made a Zotob Worm Remover that removes the processes/files/registry
    > > entries from variants A through G. includes MASM source code.
    >
    >
    >
    > Diabl0 won't be happy that you're trying to supress his worm.
    > _______________________________________________
    > Full-Disclosure - We believe in it.
    > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
    > Hosted and sponsored by Secunia - http://secunia.com/
    >
    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.grok.org.uk/full-disclosure-charter.html
    Hosted and sponsored by Secunia - http://secunia.com/

  • Next message: Dave Aitel: "[Full-disclosure] An old/new security list"
    • Quantcast