Re: *** VIRUS WARNING!!! ***

Terry Mester after much thought,came up with this jewel:

Pegasus (MVP) 3/31/2008 2:47 AM PST
"You need to become a little more computer-savvy: Don't open
attachments sent by strangers, and be very careful when opening
attachments sent by friends. ... Renaming ftp.exe or nslookup.exe is
pointless. Change your habits and install/maintain a good virus
scanner. "

I was not referring to opening "executable" E-Mail Attachments (.exe,
.com, .bat, .cmd). I'm talking about the abilities of an HTML (as
opposed to Plain Text) E-Mail. Within about 3 Seconds of "viewing"
an HTML E-Mail, it has the ability to create a Text File on the Hard
Drive -- as with the two Files above. You don't need to open any
type of Attachment. It is unsafe to even LOOK at these Junk E-Mails!
I now know better, and I'm simply warning others. As for a Virus
Scanner / Firewall, I have a Pentium III Computer, and it slows my
Computer down too much and so I had to disable it. This problem is
the exclusive fault of Microsoft who has produced defective security
protocols in its Operating Systems -- unlike Apple and Linux!


You have no idea what your talking about.
There are security defects in all OSes.


________________________________________
David H. Lipman 3/31/2008 5:52 PM PST
" The infector creates a script and uses the FTP command to download
its peer software. "

I know this. The point of this Thread is to warn people that an HTML
E-Mail (Body) can create this Script Text File -- you don't have to
open any Attachment, and I didn't open any!

set your e-mail client to "text only"


________________________________________
David H. Lipman 3/31/2008 5:52 PM PST
" If file protection is properly working, you can not rename FTP.EXE
as it will just reinstate itself. "

You are 100% correct. I only realized this after posting this Thread.

________________________________________
David H. Lipman 3/31/2008 5:52 PM PST
" NSLOOKUP has nothing to do with it."

In my personal case, nslookup probably wasn't used. However,
nslookup would definitely enable you to spam a specific person's
Computer as long as you know their Internet Server. If you're out to
breach a specific Computer, nslookup is what you need to do it.

________________________________________
David H. Lipman 3/31/2008 5:52 PM PST
"What this shows is that you did not have anti virus installed and/or
prioperly updated.
BTW: Microsoft is fully aware of the situation and I guarantee you
that there will be no patch because you have to be infected first
before the FTP.EXE command will be used maliciously."

As I mentioned above, I cannot install a Firewall because I only have
a Pentium III with 128M of RAM.

Buy more RAM(the cost has dropped) and a NAT router(under $50 US) with
a built-in firewall.

AntiVir uses very little RAM. So does ThreatFire. GhostWall firewall is
very small also.

I haven't been infected since
February 21st when I last viewed such an E-Mail.

You need a more secure e-mail client-try Thunderbird.

I have since been
undertaking the following measures in a Batch Command to protect my
Computer before logging onto the Internet:
net stop "remote access auto connection manager"
net stop "remote access connection manager"
net stop "routing and remote access"
net stop "remote registry service"
net stop "RPClocator"
net stop "RPCss"
net stop "messenger"
net stop "net logon"
I'm not certain how much protection this provides me. I also now
generally use the Internet only while logged into my Computer as a
regular "user" and not an "administrator".


You should open services and disable from there.

________________________________________
David H. Lipman 3/31/2008 5:52 PM PST
"You shoud also know there are Trojans that hijack the BITS Service
to download peers."

I'm not familiar with this "BITS Service" you refer to. Can you
elaborate further?

Google is your friend

max
--
Virus Removal http://max.shplink.com/removal.html
Keep Clean http://max.shplink.com/keepingclean.html
Tools http://max.shplink.com/tools.html
Change nomail.afraid.org to gmail.com to reply by email.
I was lost,but now I'm blind.
.

Relevant Pages

  • Re: *** VIRUS WARNING!!! ***
    ... | "You need to become a little more computer-savvy: Don't open attachments ... Use anti virus, [practice Safe Hex or you will be infected again! ... nslookup probably wasn't used. ... | net stop "remote access auto connection manager" ...
    (microsoft.public.win2000.general)
  • Re: *** VIRUS WARNING!!! ***
    ... "You need to become a little more computer-savvy: Don't open attachments ... In my personal case, nslookup probably wasn't used. ... know their Internet Server. ... net stop "remote access auto connection manager" ...
    (microsoft.public.win2000.general)
  • [Full-Disclosure] Potential denial of service bug in Cisco Pix Firewall IOS resolve d in 6.3(3)105
    ... Users of Cisco Pix Firewalls may discover that their pool of NAT'ted IP ... The problem is caused by the Firewall being swamped by incoming ICMP packets ... The information contained in this email and any attachments is ...
    (Full-Disclosure)
  • [Full-Disclosure] Potential denial of service bug in Cisco Pix Firewall IOS resolve d in 6.3.(3)105
    ... Users of Cisco Pix Firewalls may discover that their pool of NAT'ted IP ... The problem is caused by the Firewall being swamped by incoming ICMP packets ... The information contained in this email and any attachments is ...
    (Full-Disclosure)
  • Re: Workstations Cannot Download Large Emails
    ... When we try to download emails with large attachments, ... minutes (much more than enough for a 4MB download). ... Turning off the firewall software's email/cookie/etc. ... Microsoft Windows Critical Updates and Microsoft Office ...
    (microsoft.public.win2000.networking)