|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Axel Pettinger (api_at_epost.de)
Date: Sat Sep 07 2002 - 03:03:21 CDT
Iamhatingit
aol.com wrote:
>
> I have been doing research on one of the latest problems with all
> microsoft products but with little success. it appears that someone or
> some system is infecting and rooting all types of windows boxes. no
> one really knows how or by what method this is bieng done by. But
> virus and worm have been rulled out. here is more information on the
> matter if you dont allready have it.
> http://www.techtv.com/news/security/story/0,24195,3398556,00.html
Maybe you should also read Microsoft's Knowledge Base Article (Q328691)
<http://support.microsoft.com/default.aspx?scid=kb;en-us;Q328691>, then
you'll see that the backdoor trojan is known and also the (worm-like)
intrusion technique used by this malware is certainly not new. See also
the following post and follow the link mentioned in it ...
<http://groups.google.com/groups?as_umsgid=3D7794D5.2BDA1B37%40epost.de>
> but my question is i have found one of the files in my system
> in zipeed files that have not been updated in 6 months
> the file name is WS_ftp and here is the source
> hope some of this helps..
>
> [Ipswitch]
> HOST=ftp.ipswitch.com
> UID=anonymous
[snip]
This file doesn't belong to the trojan package. Apart from that, forget
the file names as they can be easily changed ...
Regards,
Axel Pettinger
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]