Bugtraq mailing list archives
Re: All versions of windows infected?
From: Axel Pettinger <api () epost de>
Date: Sat, 07 Sep 2002 10:03:21 +0200
Iamhatingit () aol com wrote:
I have been doing research on one of the latest problems with all microsoft products but with little success. it appears that someone or some system is infecting and rooting all types of windows boxes. no one really knows how or by what method this is bieng done by. But virus and worm have been rulled out. here is more information on the matter if you dont allready have it. http://www.techtv.com/news/security/story/0,24195,3398556,00.html
Maybe you should also read Microsoft's Knowledge Base Article (Q328691) <http://support.microsoft.com/default.aspx?scid=kb;en-us;Q328691>, then you'll see that the backdoor trojan is known and also the (worm-like) intrusion technique used by this malware is certainly not new. See also the following post and follow the link mentioned in it ... <http://groups.google.com/groups?as_umsgid=3D7794D5.2BDA1B37%40epost.de>
but my question is i have found one of the files in my system in zipeed files that have not been updated in 6 months the file name is WS_ftp and here is the source hope some of this helps.. [Ipswitch] HOST=ftp.ipswitch.com UID=anonymous
[snip] This file doesn't belong to the trojan package. Apart from that, forget the file names as they can be easily changed ... Regards, Axel Pettinger
Current thread:
- All versions of windows infected? Iamhatingit (Sep 06)
- Re: All versions of windows infected? Walter Hop (Sep 07)
- Re: All versions of windows infected? Axel Pettinger (Sep 07)