Re: NetDevil - ADVAPI

From: Ian Kenefick (ian_kenefick_at_eircom.net)
Date: 01/22/05


Date: Sat, 22 Jan 2005 00:15:17 +0000

On Fri, 21 Jan 2005 15:53:03 -0800, "bclay"
<bclay@discussions.microsoft.com> wrote:

>Every reference with a Google search for ADVAPI came up with the Netdevil
>virus. A subsequent Technet search found one hit - apparently ADVAPI is a
>Kerberos component in AD.
>
>The massive logon attempts, still disconcerting.

The massive login attempts are explained by the fact that NetDevil is
a RAT - Remote Access Trojan. Can you capture a sample and send it for
analysis to your AV vendor? If you can, do this! - and for an instant
analysis send it to scan[at]virustotal.com with subject line 'SCAN'
without the inverted commas (replace [at] with @).

Post back with results!

Regards,
Ian Kenefick
http://www.IK-CS.com