[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

REGUSTERFLY To The White Courtesy Phone Please? (Was: Re: [Full-disclosure] Virus on web site)

To: "Peter B. Harvey (Information Security)" <peterharvey@xxxxxxxxxxxxxxxxxxxx>
Subject: REGUSTERFLY To The White Courtesy Phone Please? (Was: Re: [Full-disclosure] Virus on web site)
From: "J.A. Terranson" <measl@xxxxxxx>
Date: Tue, 2 Aug 2005 01:45:32 -0500 (CDT)

On Tue, 2 Aug 2005, Peter B. Harvey (Information Security) wrote:

> Hi all,
>
> This virus at the time of my posting this is only detedted by
> Kasperski and I cannot find any detail on the virus. Came in the
> email as given below.
>
> URL for the virus http://www.alias-search.com/images/msits.exe
> Also found was the following url also the same virus
> http://www.alias-search.com/images/msitsa.exe
>
> Kasperski detects it as  msits.exe - infected by
> Backdoor.Win32.Haxdoor.dw
>
> Anyone with info on this virus?

No, but I have some interesting info on the *domain* upon which you
found this virus:

Registration Service Provided By: Registerfly.com
Contact: support@xxxxxxxxxxxxxxxxxxxxxx
Visit: http://www.registerfly.com

Domain name: alias-search.com

Registrant Contact:
   Canada/U.S.AdvertisingCenter
   Claudia Ganzon (advertising@xxxxxxxxxxxxxxxx)
   +1.9052977264
   Fax:
   209graceave
   Hamilton, ON L8H3X4
   CA

Administrative Contact:
   Canada/U.S.AdvertisingCenter
   Claudia Ganzon (advertising@xxxxxxxxxxxxxxxx)
   +1.9052977264
   Fax:
   209graceave
   Hamilton, ON L8H3X4
   CA

Technical Contact:
   Canada/U.S.AdvertisingCenter
   Claudia Ganzon (advertising@xxxxxxxxxxxxxxxx)
   +1.9052977264
   Fax:
   209graceave
   Hamilton, ON L8H3X4
   CA

Billing Contact:
   Canada/U.S.AdvertisingCenter
   Claudia Ganzon (advertising@xxxxxxxxxxxxxxxx)
   +1.9052977264
   Fax:
   209graceave
   Hamilton, ON L8H3X4
   CA

Status: Active

Name Servers:
   NS5.WEBSITEWELCOME.COM
   NS6.WEBSITEWELCOME.COM

Creation date: 23 Mar 2005 18:08:26
Expiration date: 23 Mar 2006 18:08:26

-- 
Yours,

J.A. Terranson
sysadmin@xxxxxxx
0xBD4A95BF


I like the idea of belief in drug-prohibition as a religion in that it is
a strongly held belief based on grossly insufficient evidence and
bolstered by faith born of intuitions flowing from the very beliefs they
are intended to support.

don zweig, M.D.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] Virus on web site
  - From: Peter B. Harvey (Information Security)

Prev by Date: Re: [Full-disclosure] Undisclosed Sudo Vulnerability ?
Next by Date: Re: [Full-disclosure] Weird URL
Previous by thread: [Full-disclosure] Virus on web site
Next by thread: Re: [Full-disclosure] Virus on web site
Index(es):
- Date
- Thread