Track down activity from ports 3120, 3466, 3470
there is a better group for this to be posted to, please let me know.
I have McAfee AntiVirus Enterprise version installed. It is updated daily
and is configured to scan "All" files. I run SpyBot Search & Destroy on a
weekly. I have Windows XP firewall enabled. Our corporate LAN is behind a
Cisco router with the IOS firewall installed.
I just installed "Intrusion Catcher 2" and every time I open the web browser
I get several hits from various remote sites, port 80, trying to open a
connection to port 3120, 3466, or 3470 on my PC. All of these ports are
related to various backdoor Trojans.
I feel that my PC is clean, but I don't know how these remote sites would be
alerted that I'm going on-line unless I have some rouge program running on
it. I've used both TCPView and FPort to list the open ports and none of the
above ports are in use.
Is this a threat? Do I have a Trojan on my PC? How can I protect our PCs
from this attack/probe?
I'll put a packet sniffer on it as soon as I get some more time.
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Harvey Colwell --- SDS, Inc
Web: http://www.sds400.com/
Eml: harveyc@sds400.com
-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Tag: virus Tag: 32070
XP Firewall connection termination
I have a XP firewall configured to allow a bunch of standard ports.
Why does XP firewall respond with syn_ack to a syn request to the ftp
port as though a service is present. It sends resets for other ports
like HTTP, HTTPS etc ??? Tag: virus Tag: 32069
security settings-active x controls
I hope you will bear with me on this as I am a fairly new
user.
I have been receiving the following message at least once
or twice each time I am online. My operating system is
WindowsMe, although I don't think that makes any
difference regarding this problem. The message states:
"Your current security settings prohibit running Active
X Controls on this page. As a result page may not load
correctly".
The settings I have are all in the medium range.
Any explanation for this problem would be greatly
appreciated. Tag: virus Tag: 32067
recent update
hello.
when I updated the the most recent IE something occurs
that I cannot connect to my websites for upgrading. At
first I thought it was my privacy service in the MacAffee
program but found that eliminating that did not help.
I then did a system restore and all was well... when the
program called for an IE upgrade my problem occurred yet
once again. to this date I have not upgraded my IE due
to my need updating my website.
Can anyone help. Tag: virus Tag: 32062
MS03-037 Patch Verification
Security Bulletin MS03-037 contains 6 different patches
for various products (office 2000, office XP, visio 2002,
etc) and Microsoft recommends applying multiple patches if
you have the specific product installed.
How do you verify a specific patch has been installed on a
particular computer? The bulletin says to check one file
(vbe6.dll) for all of the different patches. Do the
patches modify other files? How can I determine whether or
not both the Office 2000 patch AND the Visio 2002 patch
have been installed?
Thanks! Tag: virus Tag: 32058
Data Transfer Through Routers
I have an MN-100 microsoft 4 port router and i am unable
to recieve direct connection file transfers ex. through
icq. If someone knows how to enable these can you please
let me know at my email address above. Thanks Tag: virus Tag: 32057
what is required to install ms03-037
right now out users are on Office 2000 sp2 and windows
2000 Sp2. After reviewing all the matrial on ms03-037 it
shows that I need to install office 2000 sp3. In order to
install office 200 sp3 I need to install the latest
version of MSI which in turn requires windows 2000 SP3.
Is this right? Is a fix available for earlier versions of
office 2000?
What ever happend to security hotfixes that where not
dependant on service pak?
chuck richards
OTIS Elevator Tag: virus Tag: 32056
Microsoft Please re-evaluate your rating system.
Sorry to gripe about this but with so many "Critical"
patches from Microsoft it is impossible to properly asses
the impact of each of the hotfixes. Every time Microsoft
declares a patch "critical" it means to me at least two
more weeks of unproductive time for my team while they
patch servers.
In my assesment it looks like we could reclassify 80% of
these 'critical' patches as 'significantly important' and
leave the 'crtital' rating for the 20% of patches that are
drop-dead urgent, do it now!
chuck richards
OTIS Elevator Tag: virus Tag: 32055
Hiding domains
I have 2 domains on the same LAN sharing the same IP
address range. One is NT4 with Win98 stations, the other
is 2003 with XP stations. There is NO trust set up
between them.
Is it possible to hide the domains from each other so
that users cannot see the other domain when browsing with
Explorer or My Network Places? Tag: virus Tag: 32048
Networking to a machine know to be infected with a virus
Here's a puzzle: A friend has an old W98 machine which he is sure has a
virus infection. (Hardly surprising, he's never put an antivirus on it,
despite my pleading.) He's a good friend, so I (still) want to help him get
his data back, if possible.
Trouble is, the floppy doesn't work, nor does the CD drive. Network or
modem is the only way in or out.
I've considered asking him to do an online scan via Symantec or McAfee
websites, then download the specific removal tools. Alternatively I could
put an Antivirus, definitions-file and firewall on an FTP site and download
them from there onto the machine. However I don't think it's that
socially-responsible to allow his machine to spray more viruses at the world
while he's online. So, I've been considering connecting by cable to (gulp!)
my fully-patched XP Pro machine with the latest AV and definitions, and
scanning it as a mounted drive. I use a workgroup rather than a domain.
Is this madness? If not, what precautions should I take? I've thought of
running the W98 box as a user with low access rights on my XP box, and
setting the firewall to distrust that machine. Any comments?
--
######################
## PH, London ##
###################### Tag: virus Tag: 32047
Breakin attempts
My windows XP Pro machine started rebooting, upon
investigation of the Log files the problem was lage
number of logon failures filling up the security log
file. Adjusting logging properties corrected that issue.
BUT.......
How can I eliminate these bogus logon attempts? They are
all from 2 "workstations" not on my local network? Tag: virus Tag: 32039
RSA Security Tokens
Hi,
Is there any alternative or similar product for RSA security tokens/ Ace
server ?
Their product is good but expensive.
Any help would be appreciated,
Ali Tag: virus Tag: 32037
~tilde desktop fix Beta
this procedure seems to be working so i thought i post it. this
procedure addresses two problems: the creation of bogus address cards
with nothing or just symbols...not good; the formation of the file
itself on the desktop.
1) if ~ is on your desktop delete it.
2) go to find and type these three symbols "~" and hit find becuase it
does not always wind up on desktop and you could have duplictes and
delete it/them
3)delete the OE shortcut on desktop...you'll get back later
4)go to windows explorer and open outlook express folder and if you see
a file ~ delete it.
5)open WAB and look for any unknown or unidentifiable address cards
and delete them and close WAB. you may now see a new file ~ created
there on the list. if you do not, don't worry about it. it will be
created later.
6)go to the OE icon(envelope) and "send it" to the desktop. if you use
"create shortcut" this procedure may not work because of labeling.
The new icon should now read "Shortcut to msimn.exe"
this outcome has not created those very disturbing bogus address cards
yet or anyone else i've asked to try this. but if it does, you may need
to download some language support from MS whether you use only english
or not. my tests show it can make a difference.
i suspect that the file is open to changes as it sits on the desktop
from sources other than updates from WAB changes. i used w98se and IE6.
good luck
--
Posted via http://dbforums.com Tag: virus Tag: 32035
putting a password on a folder located on my desktop
I need to know how to password protect a folder located
on my desktop. I went into properties but was unable to
find the correct method. Please get back to me ASAP.
Thank you Tag: virus Tag: 32034
IPSec problem
On XP Home Edition computer: Did Windows Update, but it
failed towards the end. Now it disconnects dialup
connection every time I try to scan for updates on Windows
Update page. In event logs, there is a Failure Audit,
event ID 615, "IPSec Services failed to get the complete
list of network interfaces on this machine...", followed
one second later by an Information event that the
connection to the ISP was disconnected. This is the best
clue I have as to what is going wrong -- now I just need
to figure out how to put it right? Tag: virus Tag: 32032
strange happenings OR blaster virus.
Hi all,
Home user-:WinXP,128MB RAM, SP-1,DUN , ICF ENABLED
2 weeks ago ,i was surfing the net when all of a sudden my system popped
this message ,[see file attached]of system shutdown. As usual i am quite
skeptical about such unknown messages. Once or twice previously i have recd
a hoax message from my AVG Antivirus of virus detected while surfing the
net and i just press the "restart" button , to stop the virus from if any,
from attack...This time also i was about to press the restart button but the
since the message was of shutdown and the popup screen also seemed to be
normal i felt may be something related to Dial up networking must have
crashed or something else[but still i was doubtful].
My pc shut down and upon reboot it functioned normally.....2 days later
after a normal morning session, when i put on my Pc in the evening it kept
restarting exactly just after/at the point the black screen comes showing
"windows xp professional".In between these 2 events my AV [Avast 4.0] was
updated for Blaster virus and i had also searched my pc for msblast.exe file
if any and found nothing.
This kept on happening even on safe mode, last good known config, etc.....In
short the Desktop was never seen and before it the PC rebooted.
I booted from Cd for a fresh installation and to my surprise i was shown
only 2 partitions of my total 3 partitions[C:2gb,D:7.81gb,E:6.24gb,] for
installing windows. The E: drive is where my windows XP is loaded and also
all my program files....and this drive was not shown to me. The D: drive is
the dump drive and C: for sundry items.
This was quite a bit surprising as to how This E: disappeared. Now i was
given a choice to either install on the remaining 2 drives or create a new
partition in the balance space... Since i didnt want to take risk, i
preferred to install on C:\ .
At that time the drive had more than 1Gb free space.. Half a middle of the
installation Win xp restarted and then again after booting from the cd i was
shown the 2 choices only C & D. This time however the C: has free space
about 600mb or something.... and i didnt know why XP didnt continue the
installation again...[the free space was gone , may be i think on a/c of
the installation files or what ??? i dont know ] Nevertheless i had to
choose C: again for a fresh installation and opted to format the drive [ no
option ] and loose my files.
This time installation was sucessful and lo ! the explorer window showed me
all my partitions including E:...Even my programs installed were also
functioning properly including the AV
I again searched the Pc for msblast.exe and also got the system scanned by
my AV..But nothing was found....
I then again installed WINXP on E: after a quick format of the partition and
formatted C: and till date my Pc is working fine...
The reason for putting this info is since i came to know from the MS SITE
that the blaster virus also gives such a shutdown message.........
Was my Pc infected or something else ???? [i have a Dial up networking
connection for the net and at all time my XP firewall was enabled, i have
never closed it. ]
The question is what exactly can cause such a message apart from the
virus???[Note: i didnt close any services from the windows task manager or
any such other manhandlings. ]
Next is what this problem on my Pc was.? especially the disappearing of my
partition and again resurfacing , that too intact with all my settings,
programs,etc.
[ i had also not touched any of my hardware , in short everything status
quo ]
thanks n regards
begin 666 system_shutdown.gif
M1TE&.#=A&@$"`?<``````.CEU5Y]V$=6R'0``*Z*BH.@Y'165LOFYI6WZ]X`
M`&MNLWF'WC,``/C___]#0[T``+N5BHVGY7J=WZN_[-Q#0S\^.FUTS:4``)R<
MU?DK*KU+2\"]KY6SZ&:)WWZ=Y?]F9K"NH;TC(3,G),74\N 7%Y-S<Z;6UDA>
MRJTE(G5YO86KZ/^,C)D``/%L97VDXR(0#W:.V+9(2/1B7<134\P``*G$Q'J3
MWW1\U68``/$``.Z\KYEF9J6CEY.MYN^NH9D[-W)OL8>&R%E8450``$UKT?\9
M&<PS,W6&W'%O9[4``)JTZ9MR<GV4Y+]R<LX.#FMXT-CD^+7,\;BVJ<#,S/\S
M,^ 0$/^9F8P``,</#\O9]79]Q)-.2/I/368S,RL:&6YMQ?4:&LX("/80$)^E
MVG24XN/@T!$"`M=04-KU]7%UN_][>]B%?(6$>JT``+L'!Z>][6J1X'NEWID`
M`-89&<#?WUM>Q7)VT=_/P*\R,K/&[V9F9H0``**DV:.LWNJ7C.TW-)V^OF0;
M&JZ"@G6,W9Z<D> +"_4&!NAE7M#>]0@("&6%W/___[4("/]F9FB-X$4!`76$
MV'J+WL] 0.0P+?]+2[N%A7:!QQT<&I 0#TI)1'QZ<NDB(I>5BNZ%>UMHS8IJ
M8LNOHM;N[NTA(7=A86IQM]8``(:CXJJHG*T'!\5?7Y*0AO^$A.;,O;W8V+_3
M\XRNY[[.\/)^=O^EI8];6\[,O<;$M3,S,_\A(>OHUZW%[H>0SVI53_\Z.G>%
MS<R9F<\F(\\[.YREWO]34X%I:7)RM>8``**FW-0)":4&!B @'JO+R\4``/\`
M`,8("-%Y;^Y/3_^9F?\2$N;Y^=G6QOP*"I]\?-9>7N^UK?\G)U [-Z=O9^6!
M=XUX>-Y)25!CS'X``+,Z.K+8V" ``*7 P$T*"0H$`T]3O(.GYYRWZ^@:&FQT
MNK G)-01$<76]_]S<_];6UL``,7=W?@[.\S)NM7IZ?@@(,@='/A64S P+,Q9
M4MY84N@&!IF7C,A*2G%962'Y! ``````+ `````:`0(!0 C_`!D)%%A$P**#
M!STH]!"GH<.'#1])G$BQHL6+&#-JW,BQH\>/($.*'$FRY,*3"A&J%%!DH,!/
M=W!$BA'CALT).'/JW*G3IL^?0(,*'4JTJ-&C2),J7<JTJ=.G3[?XFGJIZI:K
M6+>HV*IF01,<=^Z L?,IDB1)-W(:B!4E2KH7+[1HB1O%@)8HL"9\V-MV;Z(H
M?!-]Z#L8<.&]B#^L;;N$KV'"D!\;_O#7,>7'@A-ECI)9\.'/B4.+'DVZM.G3
MJ%.K7LV:M,^M6;>0Z4.[CXIBN'%[18($QP6R#&[L14=\A?'CR),;)\Z\N?/G
MT*-+GTZ]NO7KV+-KW\Z]NW=T96*L_UM OKSY\Z5BE&G2!,D=.Y$($<I%O[[]
M^_CSZ]_/O[___P`&*." !!9HX($()HC$!>?$-U^"$$8HX8045FCAA1@NV*!\
M&';HX8<@ABCBA1HZ^!\@&CQ0R8K$$).---)4<\B,U503QAZTX))--IQPT@XQ
M9O@'@'U#TC?DD482F60N`!3I))-+0ODDE/4A2>625DIII)5/%JEEE%=F.265
M7GJIY'UBADFFFE4F66:;49KY9I;^E<@A?UGD^00RAAABRI^F^#.-2XP$PTP-
MB"+JC#-*)/,&#/U$:.:('\J)X)CXT4FID!3:^6!_*;0@:@OL.." /QBXH>JJ
M&,@@4 I8Q/^*!3CF6##%IF@"V&23N/:WZZ06\MHKB0R::* MG>RAR2WY-'N+
M)DET8DL``D[Z)I.[JCGGKV"ZJ262EKK);9O77JM?N%\"R^:7Z9+K+KCK?DMF
MME>"Z.FP^:F+[H#[[A?NK_J>B>6XZ(Z++;WS9FMMO0=WZZ2P!PL+L,/#WHMO
MKG-Z&_' 92*\<;?U]LOPPQ"#63#"_PH,9ZX-J]SRRA%CRO"(%E]L\\TXY^QA
MS3KW[///0.O'<]!$%VTTKD/;K&ZUODK:-,L@9FRRNU.+NS3121^M]=9<0YAU
MUV"'+79^7RO=\=AHITUVL7?VB@HC(QJL]MP2OETGVY_B:G>^*U__#77<N/H]
M<J\R3[@W?V6#>#C=C(.]N-!XX_LXS"3S.F6:E8L\IJ832YVNW/HJ''+5P 8L
M<.=4<RZWX7#WE_B'DU\JH>!*S]SX@+'?][J'N2>,Y>]I?DQRE1YCR^[P:QJ,
M,L3(;USX[?_U7M_N'4H/_?4Y6Y\+]1AJC_WWPVK/_87>@V_^B.)''G[KY[=_
M<?H;YKTI*O37;__]^.>O__[\]^___P`,H `'2, "&E!_[-O/^-S'P 9.CT&?
MN( $)TC!"EKP@AC,H 8WR,$.>O"#( RA"$=(PA*:\(04/$<NRO*3G,#E!==Y
MH0QG2,,:VO"&.,RA#G?(PQ[Z\(= #*(0_X?X`IY,H"@T26(,[O")%<ID)C5A
MRRE@D0@I&/&*%- "5'PB10E4T29M24H6A1+&+9KQC&A,HQJ?HH*LD.&-6U%!
M!N:HACJJH11-B 18QO*)X AG+[!X!6=TD9PH2($XZ6@+"6"!R+80AP)_T0(C
M'8D.2E*2.8$<)',L&05$_H4MG41'(D.)#D'>)912:(LNF-,!O* #%E'HP"9#
M><GOV/*6N,QE=5X8&MQL91=^B*,PCR&$W'B%/>XA"PXDD<2@7!$G:XRF-*=)
MS6I:TREGR:8VMZE-WO!&?0X,ISC7%K]QFO.<"Y2%!BH!@C6P8!;PG,456,"*
M=X `'I7H13:"0<@-II'K<J6[W)8&VC*%+<QX:.K2YHQG.2EUK&3"DQCP$)HI
M)35O><0+:$;CM*6 =BE K^,&'=2A#ES@HAK>0("I'( `:_RI&\MP"32,T:<G
M/"$+6$@"M<[)4WR]C@W)2(82E "!&D#@'^1P23#0L%('R,,$0U6"&S @*@(H
MHP?GDI?4-'6\TZU)8^VJ*,RT1;71>:Y@7\T4P5+G57,M-*Q]ZQ0X_\.%%LCJ
MKGC%`A_VR@<B`" ?JPB2/_%%)]J!3*Q9'6N !%<Z[/\MD&N&[:D#'^NA(WU4
M9EPJ*UHQE5G%LFE?<IK8Z&)&.<2:#*+60BV14":O7E%6LK %VVMC2]NCS;:V
MN 7:;7/+VYSM-E@6!1[H_BDZLI+6JV#M;%?A%;S!-M>X,SLHUW[;V^I6;*[6
MS:[1J'N@W G4=BE+KNVT^S/X&<MM"21O;LW;-KVE-[B8TRQ9X46QY,5U<.)E
M[IE,MU#,EK6^7?T=WZ";(/;*CU+>=1F_GG;8`D7V;P$+KX#!FE;'O1<_W#50
M^:S[8/YTN&<&EMR%T]K9R_JWOZ455WY7S.*SPE6<(5Z?>JL;8_3.N+<U=N^-
M>9OC^8UXQSSM,8)_#&1S"KG_R$BF&7:3S&1[,8@^WUC$!."R`EA8N0,=2(>6
MM\SE+GOYRV .LYC'3.8RF_G,:$ZSFM?,YC:3>0EPCG.<L4QG+/O@SJ<XQ0TB
M\0WZ?.*)-/')3FCXS$(;^M"(3K2B%\WH1COZT9".=*&)(I^J7$*8F(YC,=00
M@]Z Y3TPD4E-!-WH:YKZU*A.M:I_L@5+[X(,5\%T!H3 %3SB8(_*Y(U/[J*'
M*<-%D*>8P"FB0 (?D" *6@AV6]J"$SVTI=<3B (<[A(+"; EV3OA]4[:<NU@
M1SL*.&'VLL&-DVLS>P+.CD*OCQWL8;>;V-&6PB>]+>EZ&WK5^&YC;-[(;SO:
M$8^1_XB$6,B"!+2DQ==PN>0IT\$<.'#&,I<)360@/IJ)?\;BA(GX82HS&,%4
M\N%_Z23$,]Z:DIO\Y"A/N<J+,<QC'"..M<E-,8[)`+ `YX\?0(=RC-,6+2A'
MET /NM"'3O2B?Z<)04BZO_TM\Z0GG3U-J/G-?;(7&4I'ABK/NM:WSO6N>_WK
M)X>ZV*$>%&Y*XCWG;;+:=[;DM;M]0AE^N]P?6,ZYV]UK;;^[W@'T6D_,XP$@
M> <K!F_/83Q `XC @X,5#*$/+]C##5[LA"SE^$UQ58%YQX\G4@2/=ZSA\X5?
MT8J&0?I*/* 7&K"'".BAJ[8>MEP<)>UW)XS<Y4Y4O''-F/]^7U]1T:ZUHZK-
MZ$>/*WQVW:WN_*$$)S10A2I80QP"J0,/%&",ZAO#%/\(A$!.X(0QE* $[<@"
M+_H9HLK_S/RX?=T1VM$.*[C?"@I0P"3JT50'N*0"B$(&,L3@C#<THA$C$ ).
M,V!B(S*/=S7H%S5RA7SZ<02-\ 9OL"AB( :F``'$X J$P@AI8 T0P P>R Q#
MA0$B""F)-7SMTE@2E7L<M55L]3P.A7LL-EHOAEP2Q5G_I#$+XV+F$B&[PPXB
MB %*`%,N@09N$%4;D 8KE0:#((*B@@5G, 3D1X /-6&41SGT,H7 %R;,<S8)
MU5 <\R];B%HI:(/!17O$$V!AN(.!RP-1"I)Y][$-&! KH]("/UB'31@K?$4$
MBJ )'+!WUD59A> %!,!7>P4.AFB(! `)YH )0] #.R4D-8B%EE5\+Q-\EQ4R
M:\@R&$51IC6)\Z)6*J8ME=-1`@8N!P507.AD#%@[,1A?+08UEZB"4\."?K-9
M%6:"7*)<P0-[`(9BXU4A_W'GATT6C!U2BYSB6:!8-;V78LIXBZ2C,KP(,M$(
M8<G(B91"C+*C>Z]8>\9U,HSG>] 8CJ,E8=%E6LTHCM)HADJVBN+$AL*(-&[X
MCO*X/?$XC\*(C?8X8_B8C^2UC_R87?[XC]45D +)6P3Y>%9#4<6C/!*#/ VI
M42\HBEE84!,5? SFBCJ(6 GH6O5(*55H7\J(D6SUC%NEBY\%)SO8>C (70:X
MD?#(C@7IAP<9D[0UDS0)6S:)D)%WDUN3D_B1/^]"8B"9@_*5"P=TE$B9E$JY
ME$A)9/3AD_>18*>SA6<XD03CCCP9($<F(AN6E4"SE2$2.PCXBSMY3BXI.^3C
ME/_T")-<.6)N%8JN&%;*]54BF5K;*&&9A8*]R)(8TX(I5H/(""!@J3A$IH:?
M=87,TS>G.#"?&)*D&'N*F8JCJ(:9^)@1U9@O4Y3%0R"#"3MJZ95$TYF\XY93
M.3QA2% +:5$7=9I9N"V6^7J B9+[589_HY -V8VL:2&B63VD*9LXN(TRZ)NV
MUV(F65K:*)P5]HRRZ3E\F9)UHY90:1]="9H@!IT=V3V]>2&T<Y8&LIUDZ4"[
MB9TEJ(D5*5_^Y9C,B9K_A5_215_<*3;AF9;G\Y[5>$[QJ9N?29WE99UL&9;Y
MJ9_5>7QIYV,`:F$"VEX$6J!<<Y\5,IT*^C[\.:!#]J J6\.@%.*@%&ICKG.=
M\IFA1F.AK..A'QJA""JB0!:=)GH[*)JBC+.B+#HW_QHR$"@@`&F!25?6`7*6
MHSJZHSS:HS[ZHT :I$(ZI$1:I$9ZI$B:I$9:9W?6I$Z*9WEV`P* `BZ!`HMP
M<%/6'%:VI5S:I5[ZI6 :IF(ZIF1:IF9ZIFB:IFJZIFS:IF>:9W :IZ=@`'1*
MIZ(1`U P`(SP"5" !(%&:CBQ0_8VJ(1:J(9ZJ(B:J#E1!NLQ=HXJ=M[4&[_Q
M9P'WIU@:J"^DJ)JZ:/C6J9ZJ1I<P%;Y@:;&A%9JV#C=P:Q? 1S$!18#*J9\:
MJ[(ZJ_@F%51Q";&1:7?T%;[!1[<V$SZA!W]A18JF1L)J2%R4"&84"\I*J\[Z
MK$RA`I;&;[)&1W5D:[A&J?^1X!/GQFAEM$7?RJU1D!3A*J[0>J[H2A3ZAA74
M.D<9@!O_ED<"YZM(\!,^$$D=`!>MI L?0 %N\1<&0 +I$&[DYFSIX /J]FU+
M,&Q1D&?(MA/WBFP^D!-M<0H2`&_?1K :VVQND;'^N@0(2P%+$ 44, '^6K(?
M^VT6&P6QL*DN^[*%V@1!L:Y8H0+]I@8RAQOM(:D$9W '!Q>IE B-E$BO\ (2
M<!=2( $C-VZ @7&3$1K.YAE.N[2(,7$3YW#.EK721K5@U[5>^[6E`75J`!M7
MX7(O1QOO*G->P0`U-ZELBW-20 *O9$C,H0N4] JKQ!EP\1=PX7!P``>)H LO
MT!;_"1<%A3M#<?L"L"0%ASNXADL7L-!*C\NW0"MMCOL"=JME42"X+Y!*@FNW
MC-NXA$M$I%NZIGNZ.F0:++<5?M"ZF!9SNL$>DB!P-S<<S+%S"> 6RV%TO-N[
MOON[P(L=39 ;F:9I.7M,[0%JP6&[.[<"4? *";!SP3N]U%N]UNL=-X"S.;N]
MQ>!T05 *-\ >#*"\.)=SQ=&\QW&]ZKN^['N]B<&HCQJ_3="HR:M,S&2IK\H3
MZ;J__-N_16%V`)Q-D?H;$OJB_<BA!ER3")S .+G #-Q3+OK 81/!$MPU%%S!
M/>G &"Q.%[S!VZ7!'MQ M[4#LC #^$!Z78 /+O #CU@M_[\7F)6BDI*W>+/S
MPD%S>9#3G_KQ`W_73BQP!? T3VMP3_DT"L] ( :8(/1ICF*UD>_YD42#P^14
MP/KA`E7 3N[TPT*\!N_0Q?=D>%60#<!@"S.LGG,Y?'FY@K1WQG#9C6ULF'>)
M4*%SA?%R@G_9ERL)7R#5D=A@#[U0"? ``B P`V","T9PR-G0?/,P#\VG`9R@
M#D 0A9 GB^!%A68X>W5LR2PXG#(87[M7R7A\7\E)GK>W-,?Y'[OS!Z-0!;W0
M"_/ !*[@"CR@`SI@?<:@`PIP`($0"#QPR.I !W20"0+(8+A9C:&%DF-(.A!9
M+B6&A@N)F&])8.58B8BY40E%B?^8Z%'TA<KQV HEP D[D@W74 <K50=,0'W&
M4 .DD%0#L0_\8 7A]P2"@ I1L\26MYE(]CK[T [?%P9A, ;&X _T9RJB8 D%
M( \NX0U_HG_(`(')H FU$,(9K,.Y< ]9\ 3O9P@*\"?S9W^$X@T?.('\UPBI
M\ 9?@%6-=SU)K)+&>,,+2,7U(0(0.($,G2@%,"@N\0L?N--2A0&I0((#AHH#
M=6+6>)66R2T/69762)%IN%]-O5H/L]3YA<FZ)YDIZ#L3*2&OHP^I4-(1B"@0
M0 HVD($"@0!0Q0P0``$]'8>84 A9]<FYR#=P#%<8:<-S')=0_%R;K)%JW,DG
M28FY6%S_WSD@K],*0:4J$. &8NT2DS!4_H"$IF+6/S@J#7 +MY)80HG)`=;7
M&>G&9,C)>1TO>^TRNWB*=2G*+@9W]1@!2D"'&) '5+!2DU"$4>4&,B *`Y$'
M=T@$F- &%^-X]CP["D@WU!,*5#4J&T #KEV'3*@*X2 K>]4`F+ )@B71ML6A
M=757<[C==J57>Q4/`' +;CU8@6-\D85^X,AX!%C&*KK H$ `>$B(\KU7!- `
MBG +@87$M;/2M;G>G=B=Q%R68_-:]- &VE .\9 #!+#@\0`)XZ (RJ );4#&
M,NR).8B+;NR;G\R7YDEAG1B+*1.;=)WA%CZ;@^."P C"V@F+1LVYGA2C7X7E
MXC"(XG[MG)D]DK8'UWK<7,$]Q27ZVU<]F<B<U 1%@^9=F4.NU)=GBTL=Y$/]
MA4<MG.T)V#V.82I^?OALW83_?>5:_CT=?(R8[2_J?<WGB([!28YDB%:T*<UZ
MK6#2M2E?_BT*A=5$_C%6.8MEOI*@9>)K?(XQSGLV'IQ%CI6J"-/E?9Q"+GO,
MR,;F+87-N.?CR.?3[.;J#>D[?ET4[9'S!9QMSIA32>EK;NG.&.F*%6',*-J@
M3N-LE^GN4^59&>==[EM<'NO0`^NT;C.V?NL^->NZ3MR\WNMJD^O #N>_/NP#
M7NS&/L'(GNP6O.S,/M&&_NQ>[NS2_L&L7NV-\^7I3=YA#N Z62FY:<V9^9JN
M3BS7+B).'.#>+N;]C2&IW=?C%>A80^T'\I$83LDF^5;"Q>DD+L?ZK>=%28W-
M?N[E_U>&)LCBB_F;[-[9&:GC"-GIFYV.`Q_MEF?P'-.%DFC-6+A:L>>%HUB)
M4C[F7:CQXD['Q%?N%B+LV)XA]+[R/Z/R+I_B!!_SQS[S-*_L-G_S$__C.M^B
M+8^6,-SS.4SQA&/55EWRT-SK+OHVA!*4F?/H@FU9]$+65%_U5G_U6)_U6K_U
M7-_U7I_U(/J<XWGC=MR*#QSV$8*A*>W!: \A:J_S;5]@_RGT]1'W"/+V-V_W
MW75A8PGF@%/QDQST[B[@&D:B!X8^V0E[GAA1WQ754.WOGEXRBV_RG+6:J'F;
MDH_DE<G,XO[DX5X@>E_X8K[->+WI<UF*?XU?.=[HQ^56Q0PUY:B#\:DO6IJ\
M.KC_8_@B%OBAG=J\&%YQ?? <GI*^F.][V=F?`Y*D'O&<B?LR1O<"$OJ@/_?.
M#_W+?RZV7R&TO_9(G.6<<_(,>=5 /Z$;FO-BO]X)R%@BS^TR//J2;H.F$S;4
M?_O6SUH*+Y*G1?D=;O;Z3I;;G# ``0! +H("#18DF!!APH&Y!C9T&%%BQ(<,
M)T)4F%'C1HVH&'%4B.3"N4B$"(%$F5)E0H\<,3;$*!'F19DN-<Y$&%.G18@5
M)V:,2=/GPI<+%0;]210HSYQ+5S[=V#*E2)(FH5Y]*O7F488"E<KT2C2L1:<.
MQQXL>!:MUZ%HC[HU6+'H3YQ X=KM6I>FV9YCL:K4"I)J_\F3?PU'_7A8\6+&
MC5$BO0K9\624@3D.MDH9JV7-G3U_!AV:,F>-F N+!DDZJ6;)9%';3#GT]>S%
MJD..)$P;L4N88=G^;JJV=]J^?GM2+*XT;E[F9HGGE6M4]_24MA.:IJY0=>^#
M.&>V)>XS+GC7X,>G-?IP^4Z^;)GJS1Y?>V*4V.5O3U^SIGFF0EV#]:\IBOH;
M4,#C#D1//@7G4\F^^*Q;D++6')LPPMD@S,7![#"TL$,//\P(0PVIXQ!$$T]\
MD#[!<,LL111?A#%"$5D\;4,58\0Q1]%FK*I&$F_4,4@A&^,QM_N '#)));-"
M,J,1IRMQ22F5++)%&Z?$,LL0F\^\K4<%H]0R3!2K]!%*+L5$$T8ROSPS33=!
M7//(-^>,,4X7Z<331#NOS+//#O?\T4]!%P34S$$/Y;,^&ME$M%':"M4-3$<G
M_0O21]ND-%/#+)V-$4\_!35444<EM5133T4U55579;555U^%M=0&%]6TUD&?
MM#57-W'5M5<M>?4UV"6!%;;8((DU-ED8J?J$,$*0@#9:::>EMEIKK\4V6VVW
MY;9;;[\%-UQQQR67W)$^.2=====EMUUWWX4W7GGGI;=>>^_%-U]]]^6W7W_9
$#0@`.P``
`
end Tag: virus Tag: 32030
Temporary internet files
Is it possible for hackers to use my computer as a storage
spot for porn files? I discover over 10,00 temporary
internet files the other day on my computer. They were
almost all photos from porn sites. No one uses my
computer to look at this type of junk. How can I tell
where they came from and how do I stop it? Tag: virus Tag: 32029
e-mail
Hi;
For the past couple of days, I have been getting e-mails
supposedly from Microsoft saying.."Use this Patch
immediately".It has an attachment, which I didn't open.
I assume this isn't coming from you? Tag: virus Tag: 32020
deleting addresses
How do I delete the addresses that scroll down in the
address box when you type like "W", "WW", or "WWW" when
trying to type in a new website in order for people not to
view where I've been? Tag: virus Tag: 32014
Securing data on Music CD's
Are their any CD burner softwares compatible with Windows
98 that can allow me to make music CDs with the property
that no one can use them to make other copies? If you are
unable to say, please direct me to the appropriate
institution who may answer this question. Thank you.
Regards.
Keith Coombs. Tag: virus Tag: 32008
someone changed my network settings to share files.
Hello,
SOmeone changed my Network settings. they turned off my
firewall. they made somekinda shared docuements in my
computer. they put on share this folder with network. I
dont know what happend. even aol is under a difffrent file.
i think some has stolen my identity. I put my firewall
back up and turned off the sharing in my drives. what
should I do. Tag: virus Tag: 31999
Password
In Windows 98 I would like to set a password so that no
one can get into my computer. I did setup a password,
however, when the "Password message box" appeared, by
clicking "Cancel", the password is bypassed. How do I
setup a password?
Thanks Tag: virus Tag: 31993
MS03-037 and Office 2000
Can I install this patch on systems running the basic
Install of office 2000, which have not been updated by
Service Releases or Service Packs? Or do I need to have
sr1 and service pack 3 installed first?
Thanks
. Tag: virus Tag: 31990
pop-ups
every time i go on-line i am plagued by messenger pop-ups
by firms warning me that my computer is at risk from
hackers through an open port, and try to sell me software
to prevent this. How can i stop these pop-ups from
appearing and disrupting my work? Tag: virus Tag: 31985
Win XP Pro/Win 2k roaming profile
I want to make a back up of win profile on a PDC server, but I don't
want to back up all the files.
I have seen that there is a NTUSER.INI file with some information like
[General]
ExclusionList=Local Settings;Temporary Internet Files;Historique;Temp;
What is the entire command or parameters to complete the list
I am interesting in a parameters like
"InclusionList" .
Thanks for information
--
Posted via http://dbforums.com Tag: virus Tag: 31982
opend ports
How can i know my opend ports information. and how can i protect my pc from
hackers throw these open ports?
please sujest good stuff about ports.
Jai. Tag: virus Tag: 31979
MS03-037 Problem with windows installer
Hi,
Someone in my comapny has installed Microsoft Update MS03-037, and now
says that the Windows installer opens any time he uses any Office
application (including everytime he opens an email in outlook). He
claims that a window that says "Windows Insstaller" opens for a
mintute then closes and then application opens as it should.
Is there any way to rollback the patch, or is this a known problem
with a resolution?
Thanks in advance for any advice you might have! Tag: virus Tag: 31969
critical update repeatedly installs
I have Windows 98, S.E. Recently, I checked the
installation history and noticed that critical update
819696 had requested installation and had been installed
on numerous days in the past. Why the multiple
installations? Did I do something wrong or is this a sign
of some malfunction? Tag: virus Tag: 31967
Why Im Writing My Book - OT in a way
This babe doesn't post that often so this stuff isn't spam and you'll
"know this". There is nothing wrong in trying to help "millions" of
computer victims using Windows and the Internet. My topics are not off
topic and "you'll know this". So stop all your BS, geez! This babe is
tired of your crap and I'll go back to not responding to anyone unless
you e-mail me. Try me!
Just remember, all your insults make me prouder and my EGO is already
big. Way can't some of you make the time to correct my so called
"misinformation" and this babe will listen. If my words are incorrect,
they will be changed, if you?re worthy of it. "The Trackers" don?t have
time for all your street dick games, period. If you don?t want to
listen, please just put me on ignore.
WHY I'M WRITING THIS BOOK:
First off, the members of "The Trackers" are Tracker, Bandito, Pandora,
Horse, Sparky and Spooky.
My purpose in writing this book is because of what I learned was
happening to my computers. At first, the Internet was an object to
explore, discover, and communicate with the world around me. When my
kid elected to adopt a ferret, I desired to gain as much information on
this cute animal in order to raise it up properly. I started my search
for Websites which could be of assistance. But as time wore on and my
search grew narrower, I limited my options down to alt.pets.ferrets. A
few months later, to my amazement, I gave the ferret people another way
to use my computer. I was unaware the hackers were going to use my
computers for an avenue of their own. So I was glad to have found
alt.pets.ferrets, but shocked after posting there to discover,
"hackers". To dissuade people who lack the proper knowledge from
posting, they started to use personal information as a means of attack.
Examples of these can be found in later pages; to the extent they were
willing to go to do this.
Some information on ferrets were given, but when I went back for
additional input, I was advised and told in so many words, "the answer
is good enough since we are experts and you have no reason to question
them".
I felt sorry for the people who lack the proper knowledge when they were
told to go away, and that their questions were stupid. No question is
stupid, only the answers, so I decided to do further research on this
group of people and what their problems were.
I then discovered these people had hacked not only my computers, but
others who went to their Newsgroup. The following is about the people
who were the motivating factor for this Book. How in my research I
found hackers, flamers, stalkers, etc. This Book is written to help the
thousands of computer owners that are disparaged daily by spiteful
individuals; to expose the hackers for who, what, where, and why they
continue their malicious activity. Another goal is to have these owners
close "all" their open ports to the outside world (where applicable).
Tracker Tag: virus Tag: 31961
5 Pages from 5 Chapters
Figured out the excerpts from the five Chapters that I can put on my
Website. The Chapters were written in order per their importance to
"me" in my book. All I have to do now is figure out how to get all of
them on the site and make the time.
Thanks for all your suggestions and they surely are appreciated. May be
now, the world will realize that "My Book" on CD-ROM does exist and it
will help millions of computer users.
Tracker
Shining and Glowin Tag: virus Tag: 31956
MSXML
My windows 98 laptop is determined to need the "Security
Update, February 13, 2002 (MSXML 4.0)" every time Windows
Update does it's thing.
Does anyone know how to make the scanner happy?
Thanks Tag: virus Tag: 31955
repeated downloads of the same security update
I keep getting the same security update (#823559) from
Microsoft (3 times in the last 36 hours, at least 6 times
in the past week). I have Windows 98 and McAfee virus
protection, and I'm a computer illiterate. It doesn't seem
to cause any problems, but I wonder if there are other
updates I'm not getting, and it does take a little time
and trouble each time. Whom do I contact to find out?
Thanks, Wendy Metzger Tag: virus Tag: 31954
Lost license cd key
I have lost my cd key. I have my receipt from gateway
that I bought the software with my computer, I have the
disks to load onto the new computer but I can't find that
blasted certificate of Authenticity.
I thought I had the number written down, but it's asking
for a 25 digit cd key and I can only find 20 digit
numbers in my notes. Tag: virus Tag: 31952
Question about network share access
Hi All,
I have a small office network with a win 2000 server and XP Pro
workstations. I have set certain security access to some files on the server
for some users in my network.
My problem is with the network just not letting me get into these folders
some days, and letting me on others. I end up having to shut down my server
to get the network working again, and I am hosting websites so shutting down
is a bad idea.
Any idea why this access is inconsistent?
One day: I get in fine
Next day: I get "Not Accessible" errors.
Please help. I hope there is something I can do and this isn't just an
"Undocumented Feature" of MS OS's!
Geoff Murray
Sales/Development
N R Computronics
Multimedia Software and Web Development
Charlottetown, Prince Edward Island
Canada
www.make-it-simple.com Tag: virus Tag: 31935
~tilde on desktop
i think it important to start a new thread with this subject titled
so. though this is discussed in many threads throughout db it is
difficult to get the search to parse out such a file. if you go to my
reply to thread 794192 i have stated my experience with this file and
so this is an update since that open, and hope to help others. first,
i now firmly believe it is a security flaw that is able to find its
way in by not having downloaded any language support from ms. since my
bandage-fix it has not happened yet though it can happen if you open a
file that has been corrupted. when you tag it with .wab and open it,
it will have up to three new rolodex cards in your list. working with
an isolated machine and w98se. one person mentioned opeing it with
.doc. one will notice that it has a header. in viewing the hexadecimal
page of this file i noticed that the header is MsingID with tilde
within it. without making anychanges and retaging it with .wab these
new cards can contain simply the two letters. in my case it was: eG;
yy ; and blank, labeled "unknown". i have since, been able to find
extract tilde to come up on the desktop by opening old saved mail
(transfering to a flop and opeing on an isolated machine without the
enhancement). for me if i taged it with messenger and retagged it with
.wab it would create yet another address card. this is creative
backups to be sure. another experiment in logic one can conduct and i
urge to be very careful, is while it is on your desktop, go to "find"
and punch in ~ and you'll get a bunch of stuff as expected. but if you
type in "~" you'll get that file alone. i think and i do not have any
fancy conversion or import/export software, that a symbol is added to
one or more of the address cards if not a new card each time a
conversion or export/import takes place. i do not know of anyone out
there who has come up with a fix, but it has not happened since i
bandged it as i descibed in thread 794192. it did however happen when
i opened an old saved foreign sourced email on the isolated machine.
this happening to many, but it is hard to find when an extension is used
as a file name. i do suggest before you experiment that you put it on a
flop and conduct find in there. you can use find/advanced but be sure
you are offline and without any communication programs open such as IM,
OE, NM as far as windows is concerned.
please, reply or if you start a new thread use tilde or ~tilde in the
title so searches can find it.
be very careful of files that use extensions as names without
extensions.
next i expect a hidden version of this annoyance.
jacques, in formfactor heaven
--
Posted via http://dbforums.com Tag: virus Tag: 31934
Pop -Ups when not on Internet Explorer
I am getting pop-ups constantly! Even when I am not on
Internet Explorer they are coming up. Sometimes close to
one hundred pop-ups. Does anyone know why this is
happening or more importantly, how to fix it? Tag: virus Tag: 31932
expired pages
When I do a search and then select one of the search
results, when I try to go back to the original list of
search results I get a "page has expired" message. Then
when I go to the original form, all of the blanks have
returned to default and I have to start the search all
over again. This started happening around the time I
installed service pack 4. Tag: virus Tag: 31929
Windows Passwod
I want to change my windows password so I can have it
prompt the person logging in to enter a password. When I
go to change it though, it asks for my old password. I
have never used this feature so have no idea what it is.
Any suggestions? Tag: virus Tag: 31927
ISNSYS.dll
I have found a file called ISNSYS.dll that is apparently logging every
keystroke I make. I have tried everything I can think of to remove it
but nothing seems to work. Norton Antivirus is not detecting it (even
after a reinstall) and even deleting it from my registry does not work.
Can anyone help with this?
--
Posted via http://dbforums.com Tag: virus Tag: 31925
Spyware Alert ! >bb-search.com
Please see my post at Forums Spyware Info:
http://forums.spywareinfo.com/index.php?act=ST&f=11&t=10946
Seems to be a new variant - the CWS Shredder may not target this one.
Anyone seeing complaint posts of this Spyware Hijacker should prescribe
"Hijack This" -
Instructions as such - feel free to clip and paste in your post reply!
>Go to:
http://www.spywareinfo.com/~merijn/files/hijackthis.zip
Unzip, double-click "HijackThis.exe" and Press "Scan".
When the scan is finished, the "Scan" button will change into a "Save Log"
button.
Click: "Save Log" (generates "hijackthis.log")
Next, HijackThis | Config [button] | Misc Tools [button]
Click: Generate StartupList log [button] (generates "startuplist.txt")
Next, go to the below location: Spyware and Hijackware Removal Support.
http://forums.spywareinfo.com/index.php?showforum=11
Sign in, then copy and paste both files in your message.
HTH
--
siljaline
"Arguing with anonymous strangers on the Internet is a sucker's game
because they almost always turn out to be -- or to be indistinguishable from
-- self-righteous sixteen-year-olds possessing infinite amounts of free time."
- Neil Stephenson, _Cryptonomicon_ Tag: virus Tag: 31923
email attachments
I just up graded my computer to the 6, so I could download
other programs. In doing this, I can't get any of the
attachments that are being sent to me by friends. It says
for security reason I can't get them. One of the
attachments was from my daughter, her resume. I don't
even know who I should be asking for help, but if someone
can tell me what I can do, to get all my attachments, by
disabling something, Itwould be greatly appreciated.
thanks
Liz Tag: virus Tag: 31902
Apology
Re: access denied by OE, I have since found discussion on
this board of the same subject. Forgot to look before I
sent! Sorry. Jdani Tag: virus Tag: 31900
security port 443
My security port 443 has been blocked and I am not able
to view any secure sites. I have spent hours on the phone
with different people,online provider, computer maker,
software people and nothing they do seens to be able to
help me access that port. Any
suggestions????????????????????????????????????????????
Thanks for the help Tag: virus Tag: 31897
KB 823980 Scanner
HOW CAN I KNOW IF THIS PATCH IS ALREADY INSTALLED INTO MY
COMPUTER.I HAVE A;
COMPAQ PRESARIO 5000
WINDOWS XP HOME EDITION Tag: virus Tag: 31896
use this patch immediately
I, too, have been getting this email several times a day
and my Spam Dam will mot let it through. If it is
essential and truly from Microsoft I'd like to know. Tag: virus Tag: 31895
porn on computer
I am a stay at home mom and I only use my computer to check my email and
run my avon business. I have had porn pop-ups appear on my computer and
confronted the only 2 other people about it and they both seem to have
no idea what I'm talking about. We have had porn problems before and
have tried software programs, in fact this is the 3rd computer and
"somehow" it keeps reapearing. I know nothing about computers and I
feel like porn is being accesed but I can't prove it. Please someone
tell me how this keeps happening when everyone in my home seems to be
innocent. it even appears someone has tried to put some sites on the
restricted list after viewing them. I feel like they are accessing it
from their email but I can't prove that either. Help!
--
Posted via http://dbforums.com Tag: virus Tag: 31894
infected by ad popups
Within this past week I have been getting a number of
popups for advertisements ("Evidence Eliminator, Privacy
update, etc..") even when I am not using IE and just the
desktop is displayed. What steps should I take to
eliminate these? Tag: virus Tag: 31893
My computer is trying to send emails every sunday and this
shuts down my system.