>>>> Heads up <<<<
I just got a warning from Norton that "PamelaSetup-Basic.exe" has a virus in it. The name is "VirusBurst" Luckily, I did not install this software and Norton's quarantined it so I could delte it, which I have done. Symantec has not completed analysis of this particular piece of garbage but it did catch the sig. If you have installed Pamela, you may be in trouble.
|
-2 |
|
Duffy
3/26/2007 7:52:01 PM
grc.spyware
3226 articles. 
0 followers.
4 Replies
1828 Views
Duffy wrote: > I just got a warning from Norton that "PamelaSetup-Basic.exe" has a virus > in it. The name is "VirusBurst" > > Luckily, I did not install this software and Norton's quarantined it so I > could delte it, which I have done. > > Symantec has not completed analysis of this particular piece of garbage but > it did catch the sig. > > If you have installed Pamela, you may be in trouble. And where pray tell did you get this file? It seems like something circulating around the P2P, warez crowd with a reference to a certain American TV star. http://www.viruslist.com/en/find?search_mode=full&words=pamela&x=0&y=0 Ron :)
|
|
-2 |
|
Ron
3/27/2007 2:05:46 AM
On Mon, 26 Mar 2007 in grc.spyware, Duffy wrote >I just got a warning from Norton that "PamelaSetup-Basic.exe" has a virus >in it. The name is "VirusBurst" Could be a false positive, assuming that it's the Skype program I found using Google. >Luckily, I did not install this software and Norton's quarantined it so I >could delte it, which I have done. Since you deleted it, you can't upload it here for more testing. http://www.virustotal.com/en/indexf.html >Symantec has not completed analysis of this particular piece of garbage but >it did catch the sig. > >If you have installed Pamela, you may be in trouble. Let us know what Symantec says. -- GRC Newsgroups/Guidelines/No Regrets: http://www.imilly.com/noregrets.htm From invalid, Reply To works. Kevin A.
|
|
0 |
|
Kevin
3/27/2007 2:06:20 AM
Kevin A. wrote: > On Mon, 26 Mar 2007 in grc.spyware, Duffy wrote > >>I just got a warning from Norton that "PamelaSetup-Basic.exe" has a virus >>in it. The name is "VirusBurst" > > Could be a false positive, assuming that it's the Skype program I found > using Google. This led me to believe that it might not be legitimate, Kevin. http://preview.tinyurl.com/27xsuy If you got the file from a source authorized by a legitimate software developer, Duffy, post the link. Ron :)
|
|
0 |
|
Ron
3/27/2007 3:07:24 AM
On article <Xns98FF973CA4883duffytag@4.79.142.203>, Duffy wrote: > I just got a warning from Norton that "PamelaSetup-Basic.exe" has a virus > in it. The name is "VirusBurst" > > Luckily, I did not install this software and Norton's quarantined it so I > could delte it, which I have done. > > Symantec has not completed analysis of this particular piece of garbage but > it did catch the sig. > > If you have installed Pamela, you may be in trouble. > This is what VirusTotal found in a file got from http://preview.tinyurl.com/27xsuy which obtained it from http://www.pamela-systems.biz/download/files/PamelaSetup_Basic.exe : -< begin >----------------------------------------------------------- Antivirus Version Update Result -------------- -------------- ---------- -------------- AhnLab-V3 2007.3.27.0 03.27.2007 no virus found AntiVir 7.3.1.44 03.27.2007 no virus found Authentium 4.93.8 03.26.2007 no virus found Avast 4.7.936.0 03.27.2007 no virus found AVG 7.5.0.447 03.27.2007 no virus found BitDefender 7.2 03.27.2007 no virus found CAT-QuickHeal 9.00 03.27.2007 no virus found ClamAV devel-20070312 03.27.2007 no virus found DrWeb 4.33 03.27.2007 no virus found eSafe 7.0.14.0 03.27.2007 no virus found eTrust-Vet 30.6.3515 03.27.2007 no virus found Ewido 4.0 03.27.2007 no virus found FileAdvisor 1 03.27.2007 no virus found Fortinet 2.85.0.0 03.27.2007 no virus found F-Prot 4.3.1.45 03.26.2007 no virus found F-Secure 6.70.13030.0 03.27.2007 no virus found Ikarus T3.1.1.3 03.27.2007 no virus found Kaspersky 4.0.2.24 03.27.2007 no virus found McAfee 4993 03.27.2007 no virus found Microsoft 1.2306 03.27.2007 no virus found NOD32v2 2148 03.27.2007 no virus found Aditional Information File size: 3767665 bytes MD5: 0bb0395becebf93c6beb6db1aaa7b846 SHA1: b78ea5ade1f62f2c022a41bd273b6cfc83b928be packers: BINARYRES -------------------------------------------------------------< end >- Can you please check if your scanner is up to date, and if we're talking on the same "infected" file? -- Kind regards, Euler German Please, reply preferably to the list. Reply-To: partially ROT13, invalid=com
|
|
0 |
|
Euler
3/27/2007 8:02:59 PM
Similar Artilces:
>>>> ROOT Exploit in SAMBA <<<<<<
"A flaw has been detected in the Samba main smbd code which could allow an external attacker to remotely and anonymously gain Super User (root) privileges on a server running a Samba server. This flaw exists in previous versions of Samba from 2.0.x to 2.2.7a inclusive. This is a serious problem and all sites should either upgrade to Samba 2.2.8 immediately or prohibit access to TCP ports 139 and 445." http://us3.samba.org/samba/samba.html Binaries are available from Samba for RedHat, and some other distributions. So far as I can tell, the RedHat update mirrors I norm...
>>>> BUY RAM <<<<
.. ~~~*@@@*~~~ ================================================== ================================================== ENTER HERE: >>> http://web-for-you.cn/about/buy-ram <<< ================================================== ================================================== .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. ...
>>>> CAPITALS GAMES <<<<
.. ~~~!!!~~~ ================================================== ================================================== CLICK HERE TO ENTER: >>> http://web-paradise.cn/3/capitals-games <<< ================================================== ================================================== .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. ....
C<< >> vs C<< >> vs C<< x >>
Ugh. So we all know that there's this syntax for formatting codes (n=E9s "interio= r sequences") like C<< x >>. And that tokenizes as three tokens: "C<< ", open-C code "x", content " >>" close-code matching the C open-code And this is explicated by what I wrote in perlpodspec where I say that such a code... * starts with a capital letter (just US-ASCII [A-Z]) followed by two or more "<"'s, one or more whitespace characters, * any number of characters * one or more whit...
>>>> BLU-RAY MOVIES <<<<
.. ~~~!!!~~~ ================================================== ================================================== CLICK HERE TO ENTER: >>> http://web-paradise.cn/2/blu-ray-movies <<< ================================================== ================================================== .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. ....
[PATCH] correctly handle C<< >> and C<<< >>> in diagnostics
This is just a quick hack; ideally someone would make it use an actual pod parser. --- perl/lib/diagnostics.pm.orig 2003-12-30 15:48:47.000000000 -0800 +++ perl/lib/diagnostics.pm 2004-05-25 01:54:31.735904000 -0700 @@ -314,10 +314,10 @@ sub noop { return $_[0] } # spensive for a noop sub bold { my $str =$_[0]; $str =~ s/(.)/$1\b$1/g; return $str; } sub italic { my $str = $_[0]; $str =~ s/(.)/_\b$1/g; return $str; } - s/[BC]<(.*?)>/bold($1)/ges; + s/C<<< (.*?) >>>|C<< (.*?) >>|[BC]<(.*?)>/bold($+)/ges; ...
How to strip a string of <html>, ,</html>, <body>, </body>, <form ... >, </form> tags?
I have stream which is the HTML input of a page. Now I want to use only that part of this page, that is within <form .....> and </form> tags, and excluding these tags.How would I go about stripping <html>, ,</html>, <body>, </body>, <form ... >, </form>, <head> and </head> tags? I have to make sure that <head ...javascript..> and its corresponding </head> tags are not stripped in this process.sun21170 Wait... you said you wanted to strip the head tags, and you're also saying you need to NOT strip the ...
The Man Who Debunks Virus Myths <<<hero???>>>R.Rosenberger Vmyths.com!!!<<<SIGH>>>
http://www.securitynewsportal.com/article.php?sid=1368&mode=thread&order=0 -- Regard: Joh@nnes� 1216771 Ont.Inc. "Nothing is more damaging to a new truth than an old error" Take a look at the following from the article: (Begin quote) "Rosenberger is not just a random ornery writer with a website and a bone to pick. He's an experienced programmer, a systems administrator and a man of mystery with high-level CIA security clearance. Information about Rosenberger's status with the CIA was confirmed by an inquiry to a government office, and Ro...
Difference between <% %> <%# %> <%= %> ?
I have some server controls to which I want to assign the visible property using the server tags instead of code behind, but I can't manage to do it, so far I'm using: Public Shared Function accesible(ByVal user As USERRow) As Boolean Select Case user.rol Case "Administrator" Return True Cas...
<<<THUD>>>
http://www.novell.com/support/search.do?cmd=displayKC&docType=kc&externalId=3882364&sliceId=1&docTypeID=DT_TID_1_1&dialogID=104807193&stateId=0%200%20104803654 Novell actually gave a projected release date for something? <ponders if this date is before or after the new maintenance policy kicks in> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 First, terrible subject line. Second, the offender has been shot. ;-) Not really.... this guy is awesome just because he is crazy like that. Third, before the patch date stuff (February I think). Goo...
>>>BOOKMARKS<<<
I dont understand the hep page for Lsot Bookmarks - can someone guide me please? I need to know what to look for (instructions in how to do it) As I dont know what im doing im new to using PC's RAJA SINGH wrote: > I dont understand the hep page for Lsot Bookmarks - can someone guide me > please? I need to know what to look for (instructions in how to do it) As I > dont know what im doing im new to using PC's please keep your posting together so we can follow whats going on. Thanks. Close FF. Now, using your file manager, locate the FF profile. To l...
How about <<< and >>> ops?
This has probably come up before, but I think it would be good if perl had two additional arithemetic operators: >>> would be a right shift _without_ sign extension under use integer (currently, under use integer, >> is at the mercy of the underlying C lib). <<< would be a left roll ($x <<< $y would be equivalent to ( ($x << $y) | (2**$y-1) & ($x >> (32-$y)) ) these two ops would come in handy when implementing cryptographic algorithms. I guess you could argue that >>> should be a right roll, but then I don'...
[PATCH] Fix POD: C<...->...> => C<< ...-> ... >>
--=-0nPiZliXhb80VRfJ/8qX Content-Type: text/plain Content-Transfer-Encoding: 7bit See the attached patch, it fixes some POD which gets rendered wrong by newer POD rendering tools. Thanks, Frank --=-0nPiZliXhb80VRfJ/8qX Content-Disposition: attachment; filename="0001-Fix-POD-C-.-.-C.patch" Content-Type: text/x-patch; name="0001-Fix-POD-C-.-.-C.patch"; charset="UTF-8" Content-Transfer-Encoding: 7bit From ed46d8dd56e57d51347cb0a7a6397687ee15a950 Mon Sep 17 00:00:00 2001 From: Frank Wiegand <frank.wiegand@gmail.com> Date: Thu, 19 Nov 2009 1...
"<table></table>" and "<frameset><frame></frame></frameset>" in perl/tk
Dear my friends... Anybody would be so kind telling me what is similar in perl/tk to arrange the location of a form written in perl/tk? I want a nice look for my perl/tk application. Somewhat like this below: 1. Name : <place to type-in> 2. Address : <place to type-in> 3. Telephone : <place to type-in> I have made the main menu of my application with "Menubutton". And I want if the user click on the menu that what the user see is only the aimed application displayed on the determined area (under the main menu) but the menu has no change in po...
"A flaw has been detected in the Samba main smbd code which could allow an external attacker to remotely and anonymously gain Super User (root) privileges on a server running a Samba server. This flaw exists in previous versions of Samba from 2.0.x to 2.2.7a inclusive. This is a serious problem and all sites should either upgrade to Samba 2.2.8 immediately or prohibit access to TCP ports 139 and 445." http://us3.samba.org/samba/samba.html Binaries are available from Samba for RedHat, and some other distributions. So far as I can tell, the RedHat update mirrors I norm...
>>>> BUY RAM <<<<
.. ~~~*@@@*~~~ ================================================== ================================================== ENTER HERE: >>> http://web-for-you.cn/about/buy-ram <<< ================================================== ================================================== .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. ...
>>>> CAPITALS GAMES <<<<
.. ~~~!!!~~~ ================================================== ================================================== CLICK HERE TO ENTER: >>> http://web-paradise.cn/3/capitals-games <<< ================================================== ================================================== .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. ....
C<< >> vs C<< >> vs C<< x >>
Ugh. So we all know that there's this syntax for formatting codes (n=E9s "interio= r sequences") like C<< x >>. And that tokenizes as three tokens: "C<< ", open-C code "x", content " >>" close-code matching the C open-code And this is explicated by what I wrote in perlpodspec where I say that such a code... * starts with a capital letter (just US-ASCII [A-Z]) followed by two or more "<"'s, one or more whitespace characters, * any number of characters * one or more whit...
>>>> BLU-RAY MOVIES <<<<
.. ~~~!!!~~~ ================================================== ================================================== CLICK HERE TO ENTER: >>> http://web-paradise.cn/2/blu-ray-movies <<< ================================================== ================================================== .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. .. ....
[PATCH] correctly handle C<< >> and C<<< >>> in diagnostics
This is just a quick hack; ideally someone would make it use an actual pod parser. --- perl/lib/diagnostics.pm.orig 2003-12-30 15:48:47.000000000 -0800 +++ perl/lib/diagnostics.pm 2004-05-25 01:54:31.735904000 -0700 @@ -314,10 +314,10 @@ sub noop { return $_[0] } # spensive for a noop sub bold { my $str =$_[0]; $str =~ s/(.)/$1\b$1/g; return $str; } sub italic { my $str = $_[0]; $str =~ s/(.)/_\b$1/g; return $str; } - s/[BC]<(.*?)>/bold($1)/ges; + s/C<<< (.*?) >>>|C<< (.*?) >>|[BC]<(.*?)>/bold($+)/ges; ...
How to strip a string of <html>, ,</html>, <body>, </body>, <form ... >, </form> tags?
I have stream which is the HTML input of a page. Now I want to use only that part of this page, that is within <form .....> and </form> tags, and excluding these tags.How would I go about stripping <html>, ,</html>, <body>, </body>, <form ... >, </form>, <head> and </head> tags? I have to make sure that <head ...javascript..> and its corresponding </head> tags are not stripped in this process.sun21170 Wait... you said you wanted to strip the head tags, and you're also saying you need to NOT strip the ...
The Man Who Debunks Virus Myths <<<hero???>>>R.Rosenberger Vmyths.com!!!<<<SIGH>>>
http://www.securitynewsportal.com/article.php?sid=1368&mode=thread&order=0 -- Regard: Joh@nnes� 1216771 Ont.Inc. "Nothing is more damaging to a new truth than an old error" Take a look at the following from the article: (Begin quote) "Rosenberger is not just a random ornery writer with a website and a bone to pick. He's an experienced programmer, a systems administrator and a man of mystery with high-level CIA security clearance. Information about Rosenberger's status with the CIA was confirmed by an inquiry to a government office, and Ro...
Difference between <% %> <%# %> <%= %> ?
I have some server controls to which I want to assign the visible property using the server tags instead of code behind, but I can't manage to do it, so far I'm using: Public Shared Function accesible(ByVal user As USERRow) As Boolean Select Case user.rol Case "Administrator" Return True Cas...
<<<THUD>>>
http://www.novell.com/support/search.do?cmd=displayKC&docType=kc&externalId=3882364&sliceId=1&docTypeID=DT_TID_1_1&dialogID=104807193&stateId=0%200%20104803654 Novell actually gave a projected release date for something? <ponders if this date is before or after the new maintenance policy kicks in> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 First, terrible subject line. Second, the offender has been shot. ;-) Not really.... this guy is awesome just because he is crazy like that. Third, before the patch date stuff (February I think). Goo...
>>>BOOKMARKS<<<
I dont understand the hep page for Lsot Bookmarks - can someone guide me please? I need to know what to look for (instructions in how to do it) As I dont know what im doing im new to using PC's RAJA SINGH wrote: > I dont understand the hep page for Lsot Bookmarks - can someone guide me > please? I need to know what to look for (instructions in how to do it) As I > dont know what im doing im new to using PC's please keep your posting together so we can follow whats going on. Thanks. Close FF. Now, using your file manager, locate the FF profile. To l...
How about <<< and >>> ops?
This has probably come up before, but I think it would be good if perl had two additional arithemetic operators: >>> would be a right shift _without_ sign extension under use integer (currently, under use integer, >> is at the mercy of the underlying C lib). <<< would be a left roll ($x <<< $y would be equivalent to ( ($x << $y) | (2**$y-1) & ($x >> (32-$y)) ) these two ops would come in handy when implementing cryptographic algorithms. I guess you could argue that >>> should be a right roll, but then I don'...
[PATCH] Fix POD: C<...->...> => C<< ...-> ... >>
--=-0nPiZliXhb80VRfJ/8qX Content-Type: text/plain Content-Transfer-Encoding: 7bit See the attached patch, it fixes some POD which gets rendered wrong by newer POD rendering tools. Thanks, Frank --=-0nPiZliXhb80VRfJ/8qX Content-Disposition: attachment; filename="0001-Fix-POD-C-.-.-C.patch" Content-Type: text/x-patch; name="0001-Fix-POD-C-.-.-C.patch"; charset="UTF-8" Content-Transfer-Encoding: 7bit From ed46d8dd56e57d51347cb0a7a6397687ee15a950 Mon Sep 17 00:00:00 2001 From: Frank Wiegand <frank.wiegand@gmail.com> Date: Thu, 19 Nov 2009 1...
"<table></table>" and "<frameset><frame></frame></frameset>" in perl/tk
Dear my friends... Anybody would be so kind telling me what is similar in perl/tk to arrange the location of a form written in perl/tk? I want a nice look for my perl/tk application. Somewhat like this below: 1. Name : <place to type-in> 2. Address : <place to type-in> 3. Telephone : <place to type-in> I have made the main menu of my application with "Menubutton". And I want if the user click on the menu that what the user see is only the aimed application displayed on the determined area (under the main menu) but the menu has no change in po...
Web resources about - >>>> Heads up <<<< - grc.spywareResources last updated: 12/31/2015 2:33:52 PM