Re: Firewall warnings about services.exe
From: Arthur T. (arthur_at_munged.invalid)
Date: 02/29/04
- Next message: Peter James: "Re: Spammer motives"
- Previous message: Michael-NC: "Re: Computer Security - Tracking Software?"
- In reply to: Arthur T.: "Re: Firewall warnings about services.exe"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sun, 29 Feb 2004 11:35:31 -0500
In Message-ID:<4n04405q8o735em18k2pakpbd8mmd39oso@4ax.com>,
Arthur T. <arthur@munged.invalid> wrote:
>In Message-ID:<MY-dnWhdOZIy-dzdRVn-sA@brightview.com>,
>"Mimic" <null@void.net> wrote:
>
>>Havnt got time to read, but services.exe is the name NetSky.B runs under..
>>check symantec.com
>
> I see that several trojans copy themselves as services.exe.
>I though I had been practicing safe computing and didn't need an
>anti-virus program. It looks like I was wrong. I'm getting one
>and will run it, soon.
I downloaded and ran AVG. No hits. I restored copy of my
services.exe file from 10 months ago, and it exactly matches my
current one. (Firewall started showing activity in this file
only a few weeks ago.) While I know that these don't *prove*
that I don't have a virus/worm/trojan/whatever, it seems like
strong evidence.
My guess is that my firewall is protecting me, but I'd like
to know what it's protecting me from. Any other guesses, hints,
or suggestions?
-- Arthur T. - If address is munged, reply to: ar23hur "at" pobox "dot" com
- Next message: Peter James: "Re: Spammer motives"
- Previous message: Michael-NC: "Re: Computer Security - Tracking Software?"
- In reply to: Arthur T.: "Re: Firewall warnings about services.exe"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
