Incidents
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
Re: Re: Increased activity on port 110 Feb 26 2007 08:20PM
phishtracker gmail com
Yes, I'm seeing it too only on our Windows dedicated server farm. It appears to be related to MailEnable (Ensim/Plesk Customers). How they are getting infected I'm not sure yet. Possibly via servers with unpatched MailEnable. "rdriv.sys" gets installed in the "Windows\system32" folder.

Systems that...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus