[Dshield] door opener

Samuel Samuel at socal.rr.com
Fri Aug 24 21:21:12 GMT 2001


Please clarify what you mean by "a reg file". I think that what you mean is
critically different from "the reg file". I think the terms being used are
quite vague; for one thing, the phrase "the reg file" is probably not
accurate; I think the registry is actually multiple files.


----- Original Message -----
From: "Crane, George D" <George.D.Crane at bankofamerica.com>
To: <dshield at dshield.org>
Sent: Friday, August 24, 2001 11:42 AM
Subject: RE: [Dshield] door opener


> Susan
> If you are really worried I would load ZoneAlarm on your machine. That
> tracks both what comes in and what tries to go out from yr computer. You
can
> get a free version of this from www.zonelabs.com - the pro version also
has
> an email scanner (it costs about 25usd I think)
> It is ok to open a reg file in a text editor and save it back to disk -
> that's how I write most of mine.
>
> George
>
>
> -----Original Message-----
> From: dshield-admin at dshield.org [mailto:dshield-admin at dshield.org]On
> Behalf Of Susan Buczak
> Sent: Friday, August 24, 2001 07:41
> To: dshield at dshield.org
> Subject: [Dshield] door opener
>
>
> Hello.
>
> New here. I think code red is just a door opener for other stuff. I
> have never received as much suspicious possible virus email as I have
> during the past 2 months.
>
> I just reformatted this computer because there was way too much
> evidence of something... so it's 5 days old.
>
> I found my link to windows explorer looked like this last night:
> C:\WINDOWS\EXPLORER.EXE/n,/e,C:\
>
> I have an executable in here already that does a running process, but
> I cannot find it even with hidden files showing.
>
> Not like theres a lot of stuff in here so it should be easy one would
> think... my computer sends two passwords at logon to my isp. That I
> cannot figure out yet either. They are getting in here I think via
> email. Then they sync data out somehow. I have deleted 'mobsync'
> twice and it showed up again last night. I do wonder I am logging in
> twice to my isp or to someone elses??? I have been through all the
> settings numerous times, I am not a novice, and I cannot find the
> problem. figure I will determine what I need on this end to fully
> protect the mailbox/system then formatt again and reload clean AGAIN
> hopefully.
>
> Does anyone know if its possible for a hacker to affect the bios of a
> system? On last format this drive seemed to remember stuff it should
> related to internet connections. I could just be ultra paranoid about
> that one but it sure did seem that way.
>
> Does anyone know how to remove unneeded stuff from a systems
> registry? Whats safe, whats not? is it ok to open the reg file in a
> text editor then save back to disk?
>
> S.
>
>
>
>
>
>
>
>
> _______________________________________________
> Dshield mailing list
> Dshield at dshield.org
> To change your subscription options (or unsubscribe), see:
> http://www1.dshield.org/mailman/listinfo/dshield
>
> _______________________________________________
> Dshield mailing list
> Dshield at dshield.org
> To change your subscription options (or unsubscribe), see:
http://www1.dshield.org/mailman/listinfo/dshield
>




More information about the list mailing list