Re: worm in memory

From: anonymousy (anonymous_at_discussions.microsoft.com)
Date: 10/29/04 

Date: Thu, 28 Oct 2004 16:56:39 -0700

Actually according to some of the newer trojans out there
the creators seem to be bragging that they are using
inject methods into popular browsers such as IE or
Netscape and when IE or Netscape is run the injected code
into the browser will always go back to a website silently
in the backround and download an infected file into memory
each time.

Some programs have gone out of there way to infect
multiple .exe files in this manner. It's very intimidating
and scary that people are doing this. Most of the newer
trojans kill firewalls, disabling .dat files, deleting
them or filling them with garbage and same with anti viri
dat files. Some even go out of their way to block them
from downloading updates or forcing programs to download
fake updates. Maybe this is the kind of thing the original
poster was worried about? An infected file in memory
loaded each time by a coded payload into something as
simple as IE which will automatically bypass standard
firewall settings and once in memory bypassing A/Vs.

>-----Original Message-----
>OK you got me -- call me a sophomoric poster ;-)
>
>We *all* make mistakes and I admit this one :-(
>
>Dave
>
>
>
>
>"Jo" <rty@invalid.jp> wrote in message
news:Xns958FE5B7E4907FlSxxx@207.46.248.16...
>| =?Utf-8?B?RGF2aWQgSC4gTGlwbWFu?=
<DLipman~nospam~@Verizon.Net> wrote
>| in news:76BD838B-F9DD-4EC5-BF97-
A1FCFDE1AC4F@microsoft.com:
>|
>| > unable to "perform its duties" and thus be impudent
>|
>| "Impudent" doesn't fit the context, dumbo. You probably
meant
>| "impotent". <sigh>
>
>
>.
>