Re: All versions of windows infected?

[Axel Pettinger <api () epost de>]

Iamhatingit () aol com wrote:
> I have been doing research on one of the latest problems with all 
> microsoft products but with little success. it appears that someone or 
> some system is infecting and rooting all types of windows boxes.  no 
> one really knows how or by what method this is bieng done by.  But 
> virus and worm have been rulled out.  here is more information on the 
> matter if you dont allready have it.
> http://www.techtv.com/news/security/story/0,24195,3398556,00.html

Maybe you should also read Microsoft's Knowledge Base Article (Q328691)
<http://support.microsoft.com/default.aspx?scid=kb;en-us;Q328691>, then
you'll see that the backdoor trojan is known and also the (worm-like)
intrusion technique used by this malware is certainly not new. See also
the following post and follow the link mentioned in it ...
<http://groups.google.com/groups?as_umsgid=3D7794D5.2BDA1B37%40epost.de>

> but my question is i have found one of the files in my system
> in zipeed files that have not been updated in 6 months
> the file name is WS_ftp and here is the source
> hope some of this helps..
>
> [Ipswitch]
> HOST=ftp.ipswitch.com
> UID=anonymous
[snip]

This file doesn't belong to the trojan package. Apart from that, forget
the file names as they can be easily changed ...

Regards,
Axel Pettinger