26 Oct
2002
26 Oct
'02
7:30 p.m.
On Sat, 26 Oct 2002, Joe wrote:
Anyone noticing an increase in the amount of port 137 scans? I've seen just just over 100 in the last 1 hour. When I probe the offender I see them as MS items with their Harddrives shared wide open. Only thing in common is they all appear to have some file called put.ini in their root directory with a line that looks to be from a win.ini and states brasil.pif or exe. Maybe some new virus?
It looks like the W32/Opaserv-C virus: http://www.sophos.com/virusinfo/analyses/w32opaservc.html -- Allan Liska allan@allan.org htt://www.allan.org