Iamhatingitat_private wrote: > > I have been doing research on one of the latest problems with all > microsoft products but with little success. it appears that someone or > some system is infecting and rooting all types of windows boxes. no > one really knows how or by what method this is bieng done by. But > virus and worm have been rulled out. here is more information on the > matter if you dont allready have it. > http://www.techtv.com/news/security/story/0,24195,3398556,00.html Maybe you should also read Microsoft's Knowledge Base Article (Q328691) <http://support.microsoft.com/default.aspx?scid=kb;en-us;Q328691>, then you'll see that the backdoor trojan is known and also the (worm-like) intrusion technique used by this malware is certainly not new. See also the following post and follow the link mentioned in it ... <http://groups.google.com/groups?as_umsgid=3D7794D5.2BDA1B37%40epost.de> > but my question is i have found one of the files in my system > in zipeed files that have not been updated in 6 months > the file name is WS_ftp and here is the source > hope some of this helps.. > > [Ipswitch] > HOST=ftp.ipswitch.com > UID=anonymous [snip] This file doesn't belong to the trojan package. Apart from that, forget the file names as they can be easily changed ... Regards, Axel Pettinger
This archive was generated by hypermail 2b30 : Sat Sep 07 2002 - 09:33:02 PDT