Re: "we have been hacked"
From: Karl Levinson [x y] mvp (levinson_k_at_despammed.com)
Date: 12/13/03
- Next message: DuH: "RE: sign in"
- Previous message: Pete Hornby: "Re: Microsoft FTP Server problem on W2K?"
- In reply to: Jeff Cochran: "Re: "we have been hacked""
- Next in thread: Jeff Cochran: "Re: "we have been hacked""
- Reply: Jeff Cochran: "Re: "we have been hacked""
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 12 Dec 2003 20:01:22 -0500
Correct instructions for which virus?
I would think the instructions really should:
* not advise everyone to delete their hosts files... some people might need
some of those entries
* use antivirus to identify and detect the virus
* update antivirus and/or figure out why they were not protected against
being infected, or else they could very well be re-infected in a very short
time
Also, I'm not familiar with this trojan / virus that both uses a file named
SVCHOST.EXE and also modifies the hosts file. Which one is it? Or have
they possibly confused the welchia and qhosts removal instructions?
"Jeff Cochran" <jcochran.nospam@naplesgov.com> wrote in message
news:3fe1276d.195270804@msnews.microsoft.com...
> It's actually legit. I was suspicious that any hacked page would
> redirect like that, but those are the correct instructions.
- Next message: DuH: "RE: sign in"
- Previous message: Pete Hornby: "Re: Microsoft FTP Server problem on W2K?"
- In reply to: Jeff Cochran: "Re: "we have been hacked""
- Next in thread: Jeff Cochran: "Re: "we have been hacked""
- Reply: Jeff Cochran: "Re: "we have been hacked""
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
