hello,

i don't know if i am in the right place or not...

i'm just trying to find out if beagle worms are sent on purpose by
the sender (in order to benefit from the ports they open) or if they
are sent without the sender's knowledge.

i was sent the beagle worm three times by the same person (whom i
don't know), and i'm wondering if i'm "under attack" by this guy or
if it's a random thing.

i want to report him if it's on purpose, and someone told me this
website might be the place.

thanks, sorry if this is a dumb question.

lynn

As far as I'm aware, this "booting" method that is
used in yahoo is just text that is sent via instant
message to the person the want to "boot". This person
then gets the text that is sent to them but yahoo
doesnt like some text that is sent to it and then
crashes. Yahoo doesnt actually have a way to boot
anyone. It is just bad programming on yahoo's part.
I'm sorry to say that tere isnt much that you can do
except ignore this person and file a complaint. I know
that there is a lot of nice bells and wistles in yahoo
but until yahoo fixes all the problems with thee
messanger service, people will always get "booted".
This is like saying microsoft will release a operating
system and there wouldnt be any bugs in it. The
chances of it happening are slim. The best you can do
is make sure yahoo messanger is consistantly updated
and you ignore jerks that bug you so you dont get the
text the can crash yahoo. Hope this answers your
question.

--- joyce <jakuper20032000@...> wrote:

>
> I am having problems with this man coming in the
> Lesbian chatroom
> booting women out..for 2 weeks now..I have filed
> reports..and noone
> has done any thing about it....I create I destroy,
> bouttosmackdatass,y tunnel is
> moving,holdthisaight,creatingharddrivemeltdown,is a
> few of his
> names....
>
>
>
>




__________________________________
Do you Yahoo!?
Yahoo! Mail - Helps protect you from nasty viruses.
http://promotions.yahoo.com/new_mail

I guess you may not. You can try, but in general most of people
does not handle fixed IP, only people who keep online servers.
The best you can do is to try to reference IP to the country and/or
network provider.
Start command by typing cmd in command line, than start nslookup.
Inside nslookup write your IP and if you lucky, you will get server
name (like www.yahoo.akadns.net), this will help you to get to the
company and country. Of course, you can ask from the provider for
the log of their client who use specific IP in specific date/time
but I'm not sure they will share with you such information.

Good luck


--- In DoShelp@yahoogroups.com, "rksbmw" <rksbmw@y...> wrote:
>
> how do i find the owner of a specific ip address please?
> or location of originating computer to a certain terminal as
opposed
> to a town/area

I am having problems with this man coming in the Lesbian chatroom
booting women out..for 2 weeks now..I have filed reports..and noone
has done any thing about it....I create I destroy,
bouttosmackdatass,y tunnel is
moving,holdthisaight,creatingharddrivemeltdown,is a few of his
names....

how do i find the owner of a specific ip address please?
or location of originating computer to a certain terminal as opposed
to a town/area

You do relize of course how easy it is to modify your (the senders)
email address.  With the use of profiles and online (IMAP) email
services, like yahoo, hotmail, etc.  Many apps, including outlook
express, allow the user to easily modify their email address.

You can read the email header, it will list the source of the REAL
(email) server and COMPUTER IP which generated the email (Sender).

Good luck.

dw


--- In DoShelp@yahoogroups.com, "juanpablito40" <juanpablito40@y...>
wrote:
>
>
> Can sombody explain me how come I get replies from unknown spamers
> which have my domain as the original send address. I have updated
> norton antivirus in my computers, and I don't think is some kind of
> trojan using my computer to send e-mails. Besides the user name is
> they use is an old one that I don't use any more (old@m...)
> and it is not configured in outlook.
>
> Can they use my domain for spam without doing it directly from my
> computer, ie from the server where my domain is hosted, or from
some
> other server?
>
> Thanks

Can sombody explain me how come I get replies from unknown spamers
which have my domain as the original send address. I have updated
norton antivirus in my computers, and I don't think is some kind of
trojan using my computer to send e-mails. Besides the user name is
they use is an old one that I don't use any more (old@...)
and it is not configured in outlook.

Can they use my domain for spam without doing it directly from my
computer, ie from the server where my domain is hosted, or from some
other server?

Thanks

-----Original Message-----
From: Sushim G [mailto:sushimg@...]
Sent: Thursday, November 11, 2004 10:29 AM
To: Troy Billington
Subject: [DoShelp] Mail transfer

Dear Mr. Troy

 

Can u pls tell me what can i do if i want my webmail's sent items all

mail to be transfered to outlook express ?

 

I thought it could be syncronizing but it didnt helped.

 

Pls guide me if there is possibility.

 

Thanking you in anticipaion.

 

Regards

 

Sushim

Yahoo! India Matrimony: Find your life partner online.

Yahoo! India Matrimony: Find your life partner online.

I would suggest that you look into a hardware firewall (commonly
known as a 'gateway appliance') which would dictate policy for your
entire network and not allow users to simply 'shut-down' the firewall
so they can do what they want to.


--- In DoShelp@yahoogroups.com, "beans832001" <mhageness@s...> wrote:
>
> Thanks for the info DoShelp,
>
> Currently I don't have all computers updated to sp2, so I'll have
to
> put that on my get done list.  The network users are mostly
computer
> illiterate, so they have no clue of irc, and no peer-to-peer
> software.  I like the idea of signing a policy form, so I can maybe
> bring structure to some issues.  Any recommendations on a better
> firewall with application layer filtering?  I've been thinking
about
> going with software firewall for the desktops.  What would be the
> better choice hardware or software, or both?  Also, what AV
software
> would be a better choice for detecting trojan's then our Symantec
> Corp. Edition?
> Thanks a lot for the feedback!
>
>
> --- In DoShelp@yahoogroups.com, "Troy Billington" <doshelp@d...>
> wrote:
> > Hi Beans,
> >
> > Securing and patching your computers will help you the most.
also,
> > restricting what types of extensions can be received in mail
works
> well.  As
> > for restricting ports, that's not going to work
(easily/completely)
> many of
> > the trojans/worms I know of use well-known ports for this very
> reason ( see
> > http://www.doshelp.com/trojanports.htm)
> >
> > Besides patching and restricting what your users can do, a formal
> user
> > policy signed by all your users which details what and what may
not
> be done
> > on your network helps ALOT!  I did forget to ask, have you
scanned
> for
> > anyone using Peer-to-peer software such as napster,kazaa and  the
> like? also
> > IRC (chat rooms) should be a no-no, many worms/trojans I know of
> use the
> > default IRC ports and services (such as bots, scripts) which is a
> whole
> > other can of worms.
> >
> > Finally, if budget permits, I would suggest upgrading to a
firewall
> which
> > provides application-layer filtering as well as the
> standard 'stateful
> > packet inspection' type which prevents or reduces likelyhood of
DoS
> attacks.
> >
> > If you need more specific information, you can write me off the
list
> > DoShelp@D...
> >
> >
> > -----Original Message-----
> > From: beans832001 [mailto:mhageness@s...]
> > Sent: Wednesday, October 27, 2004 11:55 AM
> > To: DoShelp@yahoogroups.com
> > Subject: [DoShelp] Need help with Trojans/SPAM
> >
> >
> >
> >
> >
> > Hello,
> >  Just joined the group and wanted to ask a few questions on
> > spam/trojans.  I'm currently working part time as a network admin,
> > and I feel helpless in the fight against spam and trojans.  This
> > company has several computers infected with trojan viruses, many
of
> > the trojans seem to be spyware related.  Not a severe security
> issue,
> > but a huge nuisance (nothing like spending hours watching trojan
> > scanners).  I've had very good luck in removing viruses with the
> > online scanner HouseCall by Trendmicro, since our Symantec
Antivirus
> > Corporate Edition is about worthless.  My goal is to block trojans
> > before infecting computers.  1st option I could block ports on the
> > firewall, but I think that would cause a huge performance
reduction.
> > What are people's opinions on the performance issue?  The way I
see
> > it is if I block hundreds of ports each packet needs to be
checked
> on
> > the blocked port list.(Or am I wrong?).  2nd option getting a
> > realtime trojan scanner for every workstation.  Is this possible
> with
> > Norton running, and does anybody have any suggestions on a
realtime
> > trojan scanner?  Next, the spam issue! Fortunately the company I
> work
> > for pays a provider off site for email service.  The reason I'm
> happy
> > is about 20 people average about 70 spam emails a day and the
other
> > 70 people vary from 20 to 40 a day.  The email provider does have
a
> > spam solution, but it mostly labels the subject in emails SPAM,
and
> > regularly tags legit email making it an ineffective solution.  The
> > email provider uses Declude Junkmail ( I think it is junk!)
> > (http://www.declude.com).  I've been researching this device
> > Barracuda Firewall (http://www.barracudanetworks.com/) and it
looks
> > as though I can implement into our current email service.  Has
> > anybody used this equipment before and have any reviews on it?
I'm
> > also thinking about constructing an email server for the company
and
> > using the device.  Does anybody have any suggestions on software
for
> > an email server.  I have a Win2003 server and a Win2000 server.
Is
> > Linux the way to go for email servers?  I would greatly appreciate
> > some advice.
> >
> > Thanks!
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> > Yahoo! Groups Links

Thanks for the info DoShelp,

Currently I don't have all computers updated to sp2, so I'll have to
put that on my get done list.  The network users are mostly computer
illiterate, so they have no clue of irc, and no peer-to-peer
software.  I like the idea of signing a policy form, so I can maybe
bring structure to some issues.  Any recommendations on a better
firewall with application layer filtering?  I've been thinking about
going with software firewall for the desktops.  What would be the
better choice hardware or software, or both?  Also, what AV software
would be a better choice for detecting trojan's then our Symantec
Corp. Edition?
Thanks a lot for the feedback!


--- In DoShelp@yahoogroups.com, "Troy Billington" <doshelp@d...>
wrote:
> Hi Beans,
>
> Securing and patching your computers will help you the most.  also,
> restricting what types of extensions can be received in mail works
well.  As
> for restricting ports, that's not going to work (easily/completely)
many of
> the trojans/worms I know of use well-known ports for this very
reason ( see
> http://www.doshelp.com/trojanports.htm)
>
> Besides patching and restricting what your users can do, a formal
user
> policy signed by all your users which details what and what may not
be done
> on your network helps ALOT!  I did forget to ask, have you scanned
for
> anyone using Peer-to-peer software such as napster,kazaa and  the
like? also
> IRC (chat rooms) should be a no-no, many worms/trojans I know of
use the
> default IRC ports and services (such as bots, scripts) which is a
whole
> other can of worms.
>
> Finally, if budget permits, I would suggest upgrading to a firewall
which
> provides application-layer filtering as well as the
standard 'stateful
> packet inspection' type which prevents or reduces likelyhood of DoS
attacks.
>
> If you need more specific information, you can write me off the list
> DoShelp@D...
>
>
> -----Original Message-----
> From: beans832001 [mailto:mhageness@s...]
> Sent: Wednesday, October 27, 2004 11:55 AM
> To: DoShelp@yahoogroups.com
> Subject: [DoShelp] Need help with Trojans/SPAM
>
>
>
>
>
> Hello,
>  Just joined the group and wanted to ask a few questions on
> spam/trojans.  I'm currently working part time as a network admin,
> and I feel helpless in the fight against spam and trojans.  This
> company has several computers infected with trojan viruses, many of
> the trojans seem to be spyware related.  Not a severe security
issue,
> but a huge nuisance (nothing like spending hours watching trojan
> scanners).  I've had very good luck in removing viruses with the
> online scanner HouseCall by Trendmicro, since our Symantec Antivirus
> Corporate Edition is about worthless.  My goal is to block trojans
> before infecting computers.  1st option I could block ports on the
> firewall, but I think that would cause a huge performance reduction.
> What are people's opinions on the performance issue?  The way I see
> it is if I block hundreds of ports each packet needs to be checked
on
> the blocked port list.(Or am I wrong?).  2nd option getting a
> realtime trojan scanner for every workstation.  Is this possible
with
> Norton running, and does anybody have any suggestions on a realtime
> trojan scanner?  Next, the spam issue! Fortunately the company I
work
> for pays a provider off site for email service.  The reason I'm
happy
> is about 20 people average about 70 spam emails a day and the other
> 70 people vary from 20 to 40 a day.  The email provider does have a
> spam solution, but it mostly labels the subject in emails SPAM, and
> regularly tags legit email making it an ineffective solution.  The
> email provider uses Declude Junkmail ( I think it is junk!)
> (http://www.declude.com).  I've been researching this device
> Barracuda Firewall (http://www.barracudanetworks.com/) and it looks
> as though I can implement into our current email service.  Has
> anybody used this equipment before and have any reviews on it?  I'm
> also thinking about constructing an email server for the company and
> using the device.  Does anybody have any suggestions on software for
> an email server.  I have a Win2003 server and a Win2000 server.  Is
> Linux the way to go for email servers?  I would greatly appreciate
> some advice.
>
> Thanks!
>
>
>
>
>
>
>
>
>
>
>
> Yahoo! Groups Links

-----Original Message-----
From: Digital Support [mailto:Digital.support@...]
Sent: Thursday, October 28, 2004 11:26 PM
To: DoShelp@yahoogroups.com
Subject: Re: [DoShelp] Need help with Trojans/SPAM

 Ya may want to try SpyBot Search and Destroy wit teatimer..  works for me.  Have over 1100 now on my blacklist..

----- Original Message -----

From: beans832001

To: DoShelp@yahoogroups.com

Sent: Wednesday, October 27, 2004 10:54 AM

Subject: [DoShelp] Need help with Trojans/SPAM

Hello,
      Just joined the group and wanted to ask a few questions on
spam/trojans.  I'm currently working part time as a network admin,
and I feel helpless in the fight against spam and trojans.  This
company has several computers infected with trojan viruses, many of
the trojans seem to be spyware related.  Not a severe security issue,
but a huge nuisance (nothing like spending hours watching trojan
scanners).  I've had very good luck in removing viruses with the
online scanner HouseCall by Trendmicro, since our Symantec Antivirus
Corporate Edition is about worthless.  My goal is to block trojans
before infecting computers.  1st option I could block ports on the
firewall, but I think that would cause a huge performance reduction. 
What are people's opinions on the performance issue?  The way I see
it is if I block hundreds of ports each packet needs to be checked on
the blocked port list.(Or am I wrong?).  2nd option getting a
realtime trojan scanner for every workstation.  Is this possible with
Norton running, and does anybody have any suggestions on a realtime
trojan scanner?  Next, the spam issue! Fortunately the company I work
for pays a provider off site for email service.  The reason I'm happy
is about 20 people average about 70 spam emails a day and the other
70 people vary from 20 to 40 a day.  The email provider does have a
spam solution, but it mostly labels the subject in emails SPAM, and
regularly tags legit email making it an ineffective solution.  The
email provider uses Declude Junkmail ( I think it is junk!)
(http://www.declude.com).  I've been researching this device
Barracuda Firewall (http://www.barracudanetworks.com/) and it looks
as though I can implement into our current email service.  Has
anybody used this equipment before and have any reviews on it?  I'm
also thinking about constructing an email server for the company and
using the device.  Does anybody have any suggestions on software for
an email server.  I have a Win2003 server and a Win2000 server.  Is
Linux the way to go for email servers?  I would greatly appreciate
some advice.

Thanks!










__________ NOD32 1.910 (20041028) Information __________

This message was checked by NOD32 antivirus system.
http://www.nod32.com

It's most likely a forgery using your e-mail address...you get junk mail
right?...well the same people and their methods can also result in your
address being forged in the delivery of such mail.  Don't respond to them.


-----Original Message-----
From: berryorr [mailto:berryorr@...]
Sent: Saturday, October 30, 2004 10:44 AM
To: DoShelp@yahoogroups.com
Subject: [DoShelp] Have I become a Relay?





I got a message in Yahoo that said "Original message returned because
there was problem with delivery...etc". I know I did not send this E-
mail.  I have scanned with AVG, House Call, SpyBot, AdAware,
BitDefender,Bazooka, The Cleaner...none have found anything.
Am I being used as a Spam Relay? How can I tell/find  it?
Thanks










Yahoo! Groups Links

I got a message in Yahoo that said "Original message returned because
there was problem with delivery...etc". I know I did not send this E-
mail.  I have scanned with AVG, House Call, SpyBot, AdAware,
BitDefender,Bazooka, The Cleaner...none have found anything.
Am I being used as a Spam Relay? How can I tell/find  it?
Thanks

----- Original Message -----

From: beans832001

To: DoShelp@yahoogroups.com

Sent: Wednesday, October 27, 2004 10:54 AM

Subject: [DoShelp] Need help with Trojans/SPAM

Hello,
      Just joined the group and wanted to ask a few questions on
spam/trojans.  I'm currently working part time as a network admin,
and I feel helpless in the fight against spam and trojans.  This
company has several computers infected with trojan viruses, many of
the trojans seem to be spyware related.  Not a severe security issue,
but a huge nuisance (nothing like spending hours watching trojan
scanners).  I've had very good luck in removing viruses with the
online scanner HouseCall by Trendmicro, since our Symantec Antivirus
Corporate Edition is about worthless.  My goal is to block trojans
before infecting computers.  1st option I could block ports on the
firewall, but I think that would cause a huge performance reduction. 
What are people's opinions on the performance issue?  The way I see
it is if I block hundreds of ports each packet needs to be checked on
the blocked port list.(Or am I wrong?).  2nd option getting a
realtime trojan scanner for every workstation.  Is this possible with
Norton running, and does anybody have any suggestions on a realtime
trojan scanner?  Next, the spam issue! Fortunately the company I work
for pays a provider off site for email service.  The reason I'm happy
is about 20 people average about 70 spam emails a day and the other
70 people vary from 20 to 40 a day.  The email provider does have a
spam solution, but it mostly labels the subject in emails SPAM, and
regularly tags legit email making it an ineffective solution.  The
email provider uses Declude Junkmail ( I think it is junk!)
(http://www.declude.com).  I've been researching this device
Barracuda Firewall (http://www.barracudanetworks.com/) and it looks
as though I can implement into our current email service.  Has
anybody used this equipment before and have any reviews on it?  I'm
also thinking about constructing an email server for the company and
using the device.  Does anybody have any suggestions on software for
an email server.  I have a Win2003 server and a Win2000 server.  Is
Linux the way to go for email servers?  I would greatly appreciate
some advice.

Thanks!










__________ NOD32 1.910 (20041028) Information __________

This message was checked by NOD32 antivirus system.
http://www.nod32.com

Hi Beans,

Securing and patching your computers will help you the most.  also,
restricting what types of extensions can be received in mail works well.  As
for restricting ports, that's not going to work (easily/completely) many of
the trojans/worms I know of use well-known ports for this very reason ( see
http://www.doshelp.com/trojanports.htm)

Besides patching and restricting what your users can do, a formal user
policy signed by all your users which details what and what may not be done
on your network helps ALOT!  I did forget to ask, have you scanned for
anyone using Peer-to-peer software such as napster,kazaa and  the like? also
IRC (chat rooms) should be a no-no, many worms/trojans I know of use the
default IRC ports and services (such as bots, scripts) which is a whole
other can of worms.

Finally, if budget permits, I would suggest upgrading to a firewall which
provides application-layer filtering as well as the standard 'stateful
packet inspection' type which prevents or reduces likelyhood of DoS attacks.

If you need more specific information, you can write me off the list
DoShelp@....


-----Original Message-----
From: beans832001 [mailto:mhageness@...]
Sent: Wednesday, October 27, 2004 11:55 AM
To: DoShelp@yahoogroups.com
Subject: [DoShelp] Need help with Trojans/SPAM





Hello,
	 Just joined the group and wanted to ask a few questions on
spam/trojans.  I'm currently working part time as a network admin,
and I feel helpless in the fight against spam and trojans.  This
company has several computers infected with trojan viruses, many of
the trojans seem to be spyware related.  Not a severe security issue,
but a huge nuisance (nothing like spending hours watching trojan
scanners).  I've had very good luck in removing viruses with the
online scanner HouseCall by Trendmicro, since our Symantec Antivirus
Corporate Edition is about worthless.  My goal is to block trojans
before infecting computers.  1st option I could block ports on the
firewall, but I think that would cause a huge performance reduction.
What are people's opinions on the performance issue?  The way I see
it is if I block hundreds of ports each packet needs to be checked on
the blocked port list.(Or am I wrong?).  2nd option getting a
realtime trojan scanner for every workstation.  Is this possible with
Norton running, and does anybody have any suggestions on a realtime
trojan scanner?  Next, the spam issue! Fortunately the company I work
for pays a provider off site for email service.  The reason I'm happy
is about 20 people average about 70 spam emails a day and the other
70 people vary from 20 to 40 a day.  The email provider does have a
spam solution, but it mostly labels the subject in emails SPAM, and
regularly tags legit email making it an ineffective solution.  The
email provider uses Declude Junkmail ( I think it is junk!)
(http://www.declude.com).  I've been researching this device
Barracuda Firewall (http://www.barracudanetworks.com/) and it looks
as though I can implement into our current email service.  Has
anybody used this equipment before and have any reviews on it?  I'm
also thinking about constructing an email server for the company and
using the device.  Does anybody have any suggestions on software for
an email server.  I have a Win2003 server and a Win2000 server.  Is
Linux the way to go for email servers?  I would greatly appreciate
some advice.

Thanks!











Yahoo! Groups Links

Hello,
	 Just joined the group and wanted to ask a few questions on
spam/trojans.  I'm currently working part time as a network admin,
and I feel helpless in the fight against spam and trojans.  This
company has several computers infected with trojan viruses, many of
the trojans seem to be spyware related.  Not a severe security issue,
but a huge nuisance (nothing like spending hours watching trojan
scanners).  I've had very good luck in removing viruses with the
online scanner HouseCall by Trendmicro, since our Symantec Antivirus
Corporate Edition is about worthless.  My goal is to block trojans
before infecting computers.  1st option I could block ports on the
firewall, but I think that would cause a huge performance reduction.
What are people's opinions on the performance issue?  The way I see
it is if I block hundreds of ports each packet needs to be checked on
the blocked port list.(Or am I wrong?).  2nd option getting a
realtime trojan scanner for every workstation.  Is this possible with
Norton running, and does anybody have any suggestions on a realtime
trojan scanner?  Next, the spam issue! Fortunately the company I work
for pays a provider off site for email service.  The reason I'm happy
is about 20 people average about 70 spam emails a day and the other
70 people vary from 20 to 40 a day.  The email provider does have a
spam solution, but it mostly labels the subject in emails SPAM, and
regularly tags legit email making it an ineffective solution.  The
email provider uses Declude Junkmail ( I think it is junk!)
(http://www.declude.com).  I've been researching this device
Barracuda Firewall (http://www.barracudanetworks.com/) and it looks
as though I can implement into our current email service.  Has
anybody used this equipment before and have any reviews on it?  I'm
also thinking about constructing an email server for the company and
using the device.  Does anybody have any suggestions on software for
an email server.  I have a Win2003 server and a Win2000 server.  Is
Linux the way to go for email servers?  I would greatly appreciate
some advice.

Thanks!

Hello group:

 I have a 133MHZ Intel processor based comp.It had MS98 earlier but after changing the new HD it has Windows Me on it.

It was working fine but lately it shows a funny desktop.It doesnt let me restore my earlier settings. It says it has some Kernell error.

How to solve this problem?

regards

 

Yahoo! India Matrimony: Find your life partner online.

--- Sushim G <sushimg@...> wrote:
> Dear troy,
>
> Till date u've done a great job for n number of
> people.
> Last time u sent that link of moosoft, it is really
> worh.
> It worked fine.
> One thing i want to make sure with u, on windows
> 2000 proff. Machine when i do right click and click
> on property i m getting error as Rundll32.exe file
> missing ,where it is there in its windows directory
> and size is also proper. So is it because of virus
> or its windows prob.
>
>
> Thanking u in anticipation.
>
>
> Sushim
>
> Yahoo! India Matrimony: Find your life
partneronline.

Dear mr Sushim


My names is Marian Vacarus ,i am from Romanian and i
hapiness for you.

The problem for your computer is windows no virus.

______________________________________________________________________
Post your free ad now! http://personals.yahoo.ca

Dear troy,

 

Till date u've done a great job for n number of people.

Last time u sent that link of moosoft, it is really worh.

It worked fine.

One thing i want to make sure with u, on windows 2000 proff. Machine when i do right click and click on property i m getting error as Rundll32.exe file missing ,where it is there in its windows directory and size is also proper. So is it because of virus or its windows prob.

 

 

Thanking u in anticipation.

 

 

Sushim

Yahoo! India Matrimony: Find your life partner online.

Yahoo! India Matrimony: Find your life partner online.

Hi Tim,


Sorry for the late reply, I've been extremely busy here..yes if the file is
quarantined then there is no risk of further infection/harm from it.  You
can just empty your quarantined files and delete it permanently if you like.


-----Original Message-----
From: skeptic118 [mailto:tim.grant@...]
Sent: Friday, October 01, 2004 8:37 PM
To: DoShelp@yahoogroups.com
Subject: [DoShelp] Re: re trojan virus





Thanks Troy,

downloaded The Cleaner as you advised.  I still have the items
showing in my Symantic virus history log, and it states that they are
quarantined, but still infected, is that ok??

P.S. i wish I had found this group a long time ago, lots of great
info and good advice!!




--- In DoShelp@yahoogroups.com, "Troy Billington" <doshelp@d...>
wrote:
> Greetings,
>
> Try using 'The Cleaner' from http://www.moosoft.com It gets nasty
> trojans out where others fail.
>
>









Yahoo! Groups Links

Thanks Troy,

downloaded The Cleaner as you advised.  I still have the items
showing in my Symantic virus history log, and it states that they are
quarantined, but still infected, is that ok??

P.S. i wish I had found this group a long time ago, lots of great
info and good advice!!




--- In DoShelp@yahoogroups.com, "Troy Billington" <doshelp@d...>
wrote:
> Greetings,
>
> Try using 'The Cleaner' from http://www.moosoft.com It gets nasty
> trojans out where others fail.
>
>

Greetings,

The answer is simple, either they are in another country which does
not have laws which govern this crime...or 'Big Brother' is too busy
with other more important things!

This is why I setup http://www.DoShelp.com/Scams-Fraud where people
can report such sites/e-mails. I then contact administration and shut
down the sites.

This proves highly effective since a majority of the scams operate
from the same sites, so when I kill one site it safeguards people
against litterally DOZENS of e-mail scam variants.



--- In DoShelp@yahoogroups.com, Mark Panitz <mpanitz@j...> wrote:
> of course we have all seem these phising scams but those people are
> violating at least
> some laws -both state and federal laws yet we never hear about Law
> enforcement going pursing
> a phising case.  is because the FBI and Secret Service cant agree
whose
> jurisdiction its it?
> the phising poster is certainly violating lots of criminal laws..
> like id theft (a federal crime)
> yet it seems that the government leaves up to the bank/company who
page
> was
> phisined..
>
> ________________________________________________________________
> Get your name as your email address.
> Includes spam protection, 1GB storage, no ads and more
> Only $1.99/ month - visit http://www.mysite.com/name today!

Greetings,

Try using 'The Cleaner' from http://www.moosoft.com It gets nasty
trojans out where others fail.


--- In DoShelp@yahoogroups.com, "skeptic118" <tim.grant@t...> wrote:
> i have had a trojan.Ascetic.A and a W32.Sober.G@mm virus get into
my
> system.  It would appear that my anti virus software (Symantec)is
> detecting it but will not remove it.  I have tried  to manually
> remove them by following the instructions on my softwares homepage
> but to no avail!
>
> I need some help, pleeeeaaassseee!!!

of course we have all seem these phising scams but those people are
violating at least
some laws -both state and federal laws yet we never hear about Law
enforcement going pursing
a phising case.  is because the FBI and Secret Service cant agree whose
jurisdiction its it?
the phising poster is certainly violating lots of criminal laws..
like id theft (a federal crime)
yet it seems that the government leaves up to the bank/company who page
was
phisined..

________________________________________________________________
Get your name as your email address.
Includes spam protection, 1GB storage, no ads and more
Only $1.99/ month - visit http://www.mysite.com/name today!

i have had a trojan.Ascetic.A and a W32.Sober.G@mm virus get into my
system.  It would appear that my anti virus software (Symantec)is
detecting it but will not remove it.  I have tried  to manually
remove them by following the instructions on my softwares homepage
but to no avail!

I need some help, pleeeeaaassseee!!!

--- In DoShelp@yahoogroups.com, "Troy Billington" <doshelp@d...>
wrote:
> Dear valued eBay member,Hi Mark,
>
> It is a phishing scam, do not respond to it, forward it to
> report@d...
I do respond but phony data or the words you are idiot
  as my name and address and city etc. and sometimes for
for birthdate  use 2/30/3000 (a date that doesnt really exisit)
and of course no credit cards used either
for that I just used  odd numbers
like 13557659659 etc

Release Date:
August 23, 2004

Severity:
Critical (Potential web-based e-mail worm)

Systems Affected:
Other web-based e-mail systems may be vulnerable.
Internet Explorer and any software application used for reading Yahoo
e-mail messages.
(The ActiveX payload is relevant only for Internet Explorer)

Finjan Software notification sent to Yahoo! on May 24, 2004.

Status:
Yahoo! has already patched their Web-based e-mail services
on July 16, 2004.
Other web-based e-mail systems may be vulnerable.


Description:
Finjan Software identified a new critical cross site scripting
vulnerability in Yahoo's Web-based e-mail service.
This vulnerability allowed hackers to develop an attack that could
have caused significant computer damage during regular Internet use.


This vulnerability resulted from the failure of Yahoo's active
content filter to adequately block ActiveX controls and other active
content components, and affected all Windows based system platforms
that read e-mail messages using Yahoo Web-mail service. Active X
controls are downloadable programs that run with the same rights and
privileges as the user, allowing access to files and personal
information stored on a local hard drive or shared folder.  A no-
click attack could have launched automatically once a user opened an
e-mail message.
For example, the vulnerability could have also potentially allowed a
worm to read Windows address book, replicate and send itself to
everyone in the address book, and have this process repeat at an
exponential rate.  It could have also harvested email addresses from
local files, just like any other worm, and use the Yahoo web-mail
vulnerability to send the email messages. Other web-based e-mail
systems may be vulnerable to this vulnerability.



Technical details:
The potential worm could do anything that the user could do.
It is a potentially automatic attack.
Users had to simply read the infected email message.
This was a cross-site scripting vulnerability of the Yahoo! Web-based
e-mail service.
There are two variants of this vulnerability.
The purpose of Yahoo's active content filter is to block the
injection of any active content into Yahoo! messages.
However, the basic failure that allowed this vulnerability is that
there was no blocking of a backslash that is used instead of the
import rule.

An example:
<style><!--@\ "http://www.finjan.com/mcrc/file.css";--></style>

The injected JavaScript code inside the CSS file is responsible for:

-Getting cookies.
-Automatic launching of malicious code.
-A possible identity theft using a spoofed re-login window.
-Sending an e-mail message.
The injected ActiveX control can be used for a destructive payload of
the propagating worm.
The basic attack does not require an ActiveX control.
The ActiveX control is the payload that can be used to extend the
attack to non-web mail users, or to perform any malicious activity,
including formatting of the hard disk.
Upon using the ActiveX control, end user may get a security warning.
It depends on the security setting of the browser.

An example:
http://www.finjan.com/SecurityLab/SecurityTestingCenter/activex.asp
(Click on the 'test me' button after reading the disclaimer)

Credit:
Bitlance Winter provided the initial tip.
Finjan Software's  Malicious Code Research Center (MCRC) has expanded
it.

Protection:
This specific vulnerability has been eliminated by Yahoo based on
Finjan Software notification.
Finjan's content security products provided proactive defense against
this Yahoo! vulnerability prior to its detection and correction.
Finjan's patented behavior blocking engine will protect computer
users from similar future vulnerabilities and comparable potential
exploits.



Credit: Bitlance Winter , Dror Shalev and Menashe Eliezer.


Finjan Software
Malicious Code Research Center (MCRC) department
http://www.finjan.com/mcrc
Prevention is the best cure!

-----Original Message-----
From: Mark Panitz [mailto:mpanitz@...]
Sent: Saturday, August 21, 2004 10:22 PM
To: DoShelp@yahoogroups.com
Subject: [DoShelp] I think this is a phising attempted but I'm not sureFw: Record out of date

Hello I hope someone can help me here I think the following is a phising attempted but I'm not sure

can anyone verify this/

 

ebayrecoard@...>

To: mpanitz@...

Date: 21 Aug 2004 18:48:59 -0000

Subject: Record out of date

Message-ID: <20040821184859.16924.qmail@...>

Received: from mx02.lax.untd.com (mx02.lax.untd.com [10.130.24.62])
        by maildeliver19.lax.untd.com with SMTP id AABAURF2WAJ4KAWS
        for <mpanitz@...> (sender <anonymous@...>);
        Sat, 21 Aug 2004 11:40:20 -0700 (PDT)
Received: from plesk.marochost.org (ev1s-207-44-196-78.ev1servers.net [207.44.196.78])
        by mx02.lax.untd.com with SMTP id AABAURF2WADG7J2S
        for <mpanitz@...> (sender <anonymous@...>);
        Sat, 21 Aug 2004 11:40:20 -0700 (PDT)
Received: (qmail 16925 invoked by uid 48); 21 Aug 2004 18:48:59 -0000

MIME-Version: 1.0

Content-Type: text/html

Content-Transfer-Encoding: 8bit

X-MAIL-INFO: 4700e1e131d0fdc065a9f139496524dd75505089f440b1dd946580a4dded05b438d57d89f4399d3830897410304545b9c1d95d807439e185800159343db00db9c144913df5b99575f5bdbde4ade5d5e19544b484e1e05090cdcdc940adf1b06500e1e1317d595175386d24f1c950357451c9c9c49d2d6dd48015dd31541d7df56d54547481401519d9ad2095e920e1e9e0e5f0e5f18d004449f959f1f950f1a961fd616531

X-ContentStamp: 3:5:579386860

Return-Path: <anonymous@...>

Message-ID: <20040821184859.16924.qmail@...>

 

Dear valued eBay member,
It has come to our attention that your eBay Billing Information records are out of date. That requires you to update the Billing Information If you could please take 5-10 minutes out of your online experience and update your billing records, you will not run into any future problems with eBay's online service. However, failure to update your records will result in account termination. Please update your records in maximum 24 hours. Once you have updated your account records, your eBay session will not be interrupted and will continue as normal. Failure to update will result in cancellation of service, Terms of Service (TOS) violations or future billing problems.
Please click here to update your billing records.

secure.ebay.com

Thank you for your time!
Marry Kimmel,
eBay Billing Department team.

As outlined in our User Agreement, eBay will periodically send you information about site changes and enhancements. Visit our Privacy Policy and User Agreement if you have any questions.

Copyright 2004 eBay Inc. All Rights Reserved.
Designated trademarks and brands are the property of their respective owners.
eBay and the eBay logo are trademarks of eBay Inc

Announcements | Register | Shop eBay-o-rama | Security Center | Policies | PayPal Feedback Forum | About eBay | Jobs | Affiliates Program | Developers | eBay Downloads | eBay Gift Certificates My eBay |  Site Map Browse |  Sell |  Services |  Search |  Help |  Community   Copyright © 1995-2004 eBay Inc. All Rights Reserved. Designated trademarks and brands are the property of their respective owners. Use of this Web site constitutes acceptance of the eBay User Agreement and Privacy Policy.