Re: [Full-Disclosure] found suspicious desktop.ini in startup folders
Date: Tue Aug 24 2004 - 04:35:18 EDT
BillyBobKnob wrote:
> Does anyone know if this file is used in an exploit since it was found in
> startup folders ?
Does it "come back" following a restart, or a logout/login cycle, after
you delete it??
> The contents of the file are:
>
> [.ShellClassInfo]
> LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21787
This KnowledgeBase article mentions precisely these file contents:
http://support.microsoft.com/?id=330132
but gives no indication of what may cause its appearance on your
system. The suggested "fix" is simply deletion...
Regards,
Nick FitzGerald
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Received on Tue Aug 24 05:24:14 2004
This archive was generated by hypermail 2.1.8 : Tue Aug 24 2004 - 06:06:14 EDT
