[Dshield] door opener

Samuel Samuel at socal.rr.com
Fri Aug 24 16:36:50 GMT 2001


What protection are you using? It sounds like you are running unprotected,
which should make a person paranoid. Most people solve their paranoia by
installing things like anti-virus and firewall software. That solution is a
very healthy solution.

You say that you suspect that your system was intruded through email, and it
is my understanding that ZoneAlarm will protect us from that. ZoneAlarm's
purpose is as a firewall but it also has a feature that is effective on
email too. There are many other software that will shield us from intruders
attempting to get in through email.

Also, are you applying the patches and other maintenance available for your
operating system?


----- Original Message -----
From: "Susan Buczak" <pobox2 at pinn.net>
To: <dshield at dshield.org>
Sent: Friday, August 24, 2001 4:41 AM
Subject: [Dshield] door opener


> Hello.
>
> New here. I think code red is just a door opener for other stuff. I
> have never received as much suspicious possible virus email as I have
> during the past 2 months.
>
> I just reformatted this computer because there was way too much
> evidence of something... so it's 5 days old.
>
> I found my link to windows explorer looked like this last night:
> C:\WINDOWS\EXPLORER.EXE/n,/e,C:\
>
> I have an executable in here already that does a running process, but
> I cannot find it even with hidden files showing.
>
> Not like theres a lot of stuff in here so it should be easy one would
> think... my computer sends two passwords at logon to my isp. That I
> cannot figure out yet either. They are getting in here I think via
> email. Then they sync data out somehow. I have deleted 'mobsync'
> twice and it showed up again last night. I do wonder I am logging in
> twice to my isp or to someone elses??? I have been through all the
> settings numerous times, I am not a novice, and I cannot find the
> problem. figure I will determine what I need on this end to fully
> protect the mailbox/system then formatt again and reload clean AGAIN
> hopefully.
>
> Does anyone know if its possible for a hacker to affect the bios of a
> system? On last format this drive seemed to remember stuff it should
> related to internet connections. I could just be ultra paranoid about
> that one but it sure did seem that way.
>
> Does anyone know how to remove unneeded stuff from a systems
> registry? Whats safe, whats not? is it ok to open the reg file in a
> text editor then save back to disk?
>
> S.
>
>
>
>
>
>
>
>
> _______________________________________________
> Dshield mailing list
> Dshield at dshield.org
> To change your subscription options (or unsubscribe), see:
http://www1.dshield.org/mailman/listinfo/dshield
>




More information about the list mailing list