Re: *** VIRUS WARNING!!! ***
- From: Terry Mester <TerryMester@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Mon, 31 Mar 2008 19:40:02 -0700
Pegasus (MVP) 3/31/2008 2:47 AM PST
"You need to become a little more computer-savvy: Don't open attachments
sent by strangers, and be very careful when opening attachments sent by
friends. ... Renaming ftp.exe or nslookup.exe is pointless. Change your
habits and install/maintain a good virus scanner. "
I was not referring to opening "executable" E-Mail Attachments (.exe, .com,
..bat, .cmd). I'm talking about the abilities of an HTML (as opposed to Plain
Text) E-Mail. Within about 3 Seconds of "viewing" an HTML E-Mail, it has the
ability to create a Text File on the Hard Drive -- as with the two Files
above. You don't need to open any type of Attachment. It is unsafe to even
LOOK at these Junk E-Mails! I now know better, and I'm simply warning
others. As for a Virus Scanner / Firewall, I have a Pentium III Computer,
and it slows my Computer down too much and so I had to disable it. This
problem is the exclusive fault of Microsoft who has produced defective
security protocols in its Operating Systems -- unlike Apple and Linux!
________________________________________
David H. Lipman 3/31/2008 5:52 PM PST
" The infector creates a script and uses the FTP command to download its
peer software. "
I know this. The point of this Thread is to warn people that an HTML E-Mail
(Body) can create this Script Text File -- you don't have to open any
Attachment, and I didn't open any!
________________________________________
David H. Lipman 3/31/2008 5:52 PM PST
" If file protection is properly working, you can not rename FTP.EXE as it
will just reinstate itself. "
You are 100% correct. I only realized this after posting this Thread.
________________________________________
David H. Lipman 3/31/2008 5:52 PM PST
" NSLOOKUP has nothing to do with it."
In my personal case, nslookup probably wasn't used. However, nslookup would
definitely enable you to spam a specific person's Computer as long as you
know their Internet Server. If you're out to breach a specific Computer,
nslookup is what you need to do it.
________________________________________
David H. Lipman 3/31/2008 5:52 PM PST
"What this shows is that you did not have anti virus installed and/or
prioperly updated.
BTW: Microsoft is fully aware of the situation and I guarantee you that
there will be no patch because you have to be infected first before the
FTP.EXE command will be used maliciously."
As I mentioned above, I cannot install a Firewall because I only have a
Pentium III with 128M of RAM. I haven't been infected since February 21st
when I last viewed such an E-Mail. I have since been undertaking the
following measures in a Batch Command to protect my Computer before logging
onto the Internet:
net stop "remote access auto connection manager"
net stop "remote access connection manager"
net stop "routing and remote access"
net stop "remote registry service"
net stop "RPClocator"
net stop "RPCss"
net stop "messenger"
net stop "net logon"
I'm not certain how much protection this provides me. I also now generally
use the Internet only while logged into my Computer as a regular "user" and
not an "administrator".
________________________________________
David H. Lipman 3/31/2008 5:52 PM PST
"You shoud also know there are Trojans that hijack the BITS Service to
download peers."
I'm not familiar with this "BITS Service" you refer to. Can you elaborate
further?
.
- Follow-Ups:
- Re: *** VIRUS WARNING!!! ***
- From: John John
- Re: *** VIRUS WARNING!!! ***
- From: David H. Lipman
- Re: *** VIRUS WARNING!!! ***
- From: What's in a Name?
- Re: *** VIRUS WARNING!!! ***
- References:
- Re: *** VIRUS WARNING!!! ***
- From: David H. Lipman
- Re: *** VIRUS WARNING!!! ***
- Prev by Date: Re: *** VIRUS WARNING!!! ***
- Next by Date: Re: *** VIRUS WARNING!!! ***
- Previous by thread: Re: *** VIRUS WARNING!!! ***
- Next by thread: Re: *** VIRUS WARNING!!! ***
- Index(es):
Relevant Pages
|
