Re: VM/Windows backdoor?



On Mon, 29 May 2006 19:37:16 +0000, Guy Macon wrote:




General Schvantzkoph wrote:

Guy Macon <http://www.guymacon.com/> wrote:

General Schvantzkoph wrote:

Guy Macon <http://www.guymacon.com/> wrote:

Alas, #2 and #3 cannot both be true; those few trusted sites are on
an Internet filled with other Windows systems. The last time I
tried a fresh install of Windows 2000 it got infected faster than
windowsupdate.microsoft.com could install the patches. Putting it
behind a dedicated firewall (FreSCO running on an old 486) fixed that.

Just curious about the details of how you caught that infection. It never
fails to amaze me that there are so many avenues for infecting a Windows
machine. When I talked about direct connections I meant on the same LAN or
via a VPN,

That would imply that you have a site on your LAN that does what
windowsupdate.microsoft.com does, and I don't believe that you do.

I didn't think that doing an update from a trusted site could
do any damage. But if you say it happened to you I'll believe you.

I specified the trusted site: windowsupdate.microsoft.com. Go ahead
and do a Windows 2000 install on a newly formatted drive from the
official Microsoft CD. Then try going to windowsupdate.microsoft.com
and try to install all of the security updates before your system is
infected.

Infected from where?

From the millions of infected Windows boxes on the Internet.

Microsoft Update isn't going to infect you.

You appear to be either unable to understand or unwilling to
accept the fact that other computers on the Internet can infect
your fresh-install-from-the-CD Windows installation.

I've installed Win2K [...] natively a number of times and
I've never had a problem.

I don't believe you.

Either you are behind a hardware firewall, or you don't connect to
the Internet to get updates from Microsoft, or you don't know how
to recognize an infection, or you are incredibly lucky, or you are
not telling the truth.

Of course I'm behind a hardware firewall, that goes without saying.
Routers cost almost nothing, why would anyone connect to the Internet
without one?
