On 29/9/14 12:29, Cristian Rodríguez wrote:
El 29/09/14 a las #4, Otto Rodusek escribió:
Thanks for your feedback. Yes I do have VMware Workstation 10.0.3 running - BUT - it is a legit purchased version from VMware and properly licensed. Can you give me the link you found? I tried googling but couldn't find it.
It is in spanish:
http://bitacoraderedes.wordpress.com/2013/11/19/un-caso-real-un-linux-troyan...
describes exactly your problem, same ip address of the bot director, same executables poisoned.. The analysis is only partial so it might be slightly wrong.
Hi Cristian, Thanks for the link - checking now. Thanks for your help. (Going to do a complete uninstall of vmware, download a fresh install from vmware, check md5sum and sha1sum, and do a re-install and see the results). Again, thanks! Best regards. Otto. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org