Computer Security - Re: Xenon 2

08-08-2004, 11:34 AM

On Sun, 08 Aug 2004 08:03:22 GMT, <email snipped> schrieb:

>Quite simpily the best shootemup ever!

<snip>

Creates a file called ''msconfigs.exe' in (typically) C:\Windows\System32\

Tries to connect to :

tc-operator2.telecom.cc.cmu.edu [128.2.120.114], port 9500

There's also a shed load of registry changes going on, according to
TCMonitor (The Cleaner).

Post reported to abuse dept. at ntlworld.com

NOD32 and The Cleaner Professional 4.1 didn't detect anything. What is this
thing ? Adaware didn't find anything.

I know I'll probably take some heat for netcopping and
uninformed-malware-analysis but I've just got to know if this is definitely
something to worry about, or it was, actually, a spammed game.

Cordially,

Kleeb.

Kleeb

08-09-2004, 01:23 AM

Kleeb <> wrote in message news:<>. ..
> On Sun, 08 Aug 2004 08:03:22 GMT, <email snipped> schrieb:
>

>
> I know I'll probably take some heat for netcopping and
> uninformed-malware-analysis but I've just got to know if this is definitely
> something to worry about, or it was, actually, a spammed game.
>
> Cordially,
>
> Kleeb.

Keep on Kopping! This thing seems to have been started very recently.
It is currently spammed over every concievable Usenet newsgroup. My
Avast! virus scanner failed to pick it up, even after I executed the
Setup.exe trojan generator (by mistake). I sent a copy of the
Xenon2.zip file to the Avast Forum Administator to check out and
determine what to do with it. This may become a very large threat if
not stopped.

Grizebar

08-09-2004, 09:46 AM

On Monday 09 August 2004 01:23, Grizebar schrieb :

> Kleeb <> wrote in message
> news:<>. ..
>> On Sun, 08 Aug 2004 08:03:22 GMT, <email snipped> schrieb:
>>
>
>>
>> I know I'll probably take some heat for netcopping and
>> uninformed-malware-analysis but I've just got to know if this is
>> definitely something to worry about, or it was, actually, a spammed game.
>>
>> Cordially,
>>
>> Kleeb.
>
> Keep on Kopping! This thing seems to have been started very recently.
> It is currently spammed over every concievable Usenet newsgroup. My
> Avast! virus scanner failed to pick it up, even after I executed the
> Setup.exe trojan generator (by mistake). I sent a copy of the
> Xenon2.zip file to the Avast Forum Administator to check out and
> determine what to do with it. This may become a very large threat if
> not stopped.

Thanks for the reply. I too have seen it in a number of groups. I have
since checked the file again (unzipped) with F-Prot on Linux, still no joy.

I have seen someone reply to the post too, stating something along the
lines of ; "yeah, it certainly is !", and that's it.

Probably just a bit of social engineering or somebody's idea of a joke.

Cordially,

Kleeb.

Kleeb

08-09-2004, 01:23 AM	#2
Grizebar Posts: n/a	Re: Xenon 2 Kleeb <> wrote in message news:<>. .. > On Sun, 08 Aug 2004 08:03:22 GMT, <email snipped> schrieb: > > > I know I'll probably take some heat for netcopping and > uninformed-malware-analysis but I've just got to know if this is definitely > something to worry about, or it was, actually, a spammed game. > > Cordially, > > Kleeb. Keep on Kopping! This thing seems to have been started very recently. It is currently spammed over every concievable Usenet newsgroup. My Avast! virus scanner failed to pick it up, even after I executed the Setup.exe trojan generator (by mistake). I sent a copy of the Xenon2.zip file to the Avast Forum Administator to check out and determine what to do with it. This may become a very large threat if not stopped. Grizebar

08-09-2004, 09:46 AM	#3
Kleeb Posts: n/a	Re: Xenon 2 On Monday 09 August 2004 01:23, Grizebar schrieb : > Kleeb <> wrote in message > news:<>. .. >> On Sun, 08 Aug 2004 08:03:22 GMT, <email snipped> schrieb: >> > >> >> I know I'll probably take some heat for netcopping and >> uninformed-malware-analysis but I've just got to know if this is >> definitely something to worry about, or it was, actually, a spammed game. >> >> Cordially, >> >> Kleeb. > > Keep on Kopping! This thing seems to have been started very recently. > It is currently spammed over every concievable Usenet newsgroup. My > Avast! virus scanner failed to pick it up, even after I executed the > Setup.exe trojan generator (by mistake). I sent a copy of the > Xenon2.zip file to the Avast Forum Administator to check out and > determine what to do with it. This may become a very large threat if > not stopped. Thanks for the reply. I too have seen it in a number of groups. I have since checked the file again (unzipped) with F-Prot on Linux, still no joy. I have seen someone reply to the post too, stating something along the lines of ; "yeah, it certainly is !", and that's it. Probably just a bit of social engineering or somebody's idea of a joke. Cordially, Kleeb. Kleeb

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search

08-08-2004, 11:34 AM	#1
	Re: Xenon 2 On Sun, 08 Aug 2004 08:03:22 GMT, <email snipped> schrieb: >Quite simpily the best shootemup ever! <snip> Creates a file called ''msconfigs.exe' in (typically) C:\Windows\System32\ Tries to connect to : tc-operator2.telecom.cc.cmu.edu [128.2.120.114], port 9500 There's also a shed load of registry changes going on, according to TCMonitor (The Cleaner). Post reported to abuse dept. at ntlworld.com NOD32 and The Cleaner Professional 4.1 didn't detect anything. What is this thing ? Adaware didn't find anything. I know I'll probably take some heat for netcopping and uninformed-malware-analysis but I've just got to know if this is definitely something to worry about, or it was, actually, a spammed game. Cordially, Kleeb. Kleeb