The newbie&#039;s dilemma!

August 28, 200717 yr

why? of course i'll answer and have, repeatedly.

maybe you visited an infected web site, or you clicked 'click this to

protect your pc!' or you opened an attachment from an unknown or even a

known person and infected yourself. maybe you didn't keep your computer up

to date with all patches. maybe you got 'caught' the day before your av

updated for whatever it was YOU picked up.

so, your question of why goes right back to you, the one using your

computer.

if you want to know how\why it could be done by another person, this isn't

the group for that. does your isp carry any of the alt.hackers.* groups? if

so, they might tell you how\why it was done.

"BoaterDave" <BoaterDave@nospam.invalid> wrote in message

news:%23OuBvmU6HHA.1208@TK2MSFTNGP03.phx.gbl...

I don't mind you constantly replying with useless comments, Li. :)

At no time did I mention a 'dial-up' modem. I was connected to *Broadband*

via a modem supplied by my ISP (at that time Wanadoo, now Orange) - I *was*

connected and, as you mentioned (correctly) succeptible to attack.

My PC *was* attacked.

Perhaps you know why? ............... but then I'm quite sure you wouldn't

tell others here! <g>

BD

*******************************************************************

"Troll_Lady" <TL@Invalid.anywhere.nowhere.inalid.net> wrote in message

news:-qqdndY1_MQjUE7bnZ2dnUVZ_h2pnZ2d@bright.net...

> you were given a few simple answers as to why your dial up modem would

> disconnect.

> there are many more.

>

> a malicious attack on your computer is not one of them.

> again, anyone wanting to harm your computer and\or steal your identity

> would

> want you connected.

>

> whine to google

> "why does my dial up modem disconnect"

>

> "BoaterDave" <BoaterDave@nospam.invalid> wrote in message

> news:e3jqNdP6HHA.4712@TK2MSFTNGP04.phx.gbl...

> Yet again, Li, you failed to answer my simple question.

>

> I therefore guess you aren't *pretending* at all. <g>

>

> BD

>

> *****************************

> "Troll_Lady" <TL@DogAgent.com> wrote in message

> news:O0xJHfO6HHA.1052@TK2MSFTNGP05.phx.gbl...

>> ok.

>> so much for your comment 'any help would be appreciated'

>>

>> why would someone disconnect you if they wanted access to your computer?

>> a computer needs to be connected to be attacked.

>> (unless you insert a disc off line that is infected.)

>>

>> so, to be safe, just disconnect your computer and you'll be fine.

>>

>> "BoaterDave" <BoaterDave@nospam.invalid> wrote in message

>> news:eT9MfqN6HHA.3900@TK2MSFTNGP02.phx.gbl...

>> You are either *pretending* to be stupid Li, or you really are - which is

>> it? :)

>>

>> I'd like to apologise for my spelling of 'great' in my original post.

>> Sorry

>> about that.

>>

>> BD

>>

>> ****************************************************************

>>

>> "Troll_Lady" <TL@DogAgent.com> wrote in message

>> news:uW1fMON6HHA.5844@TK2MSFTNGP02.phx.gbl...

>>> when i was strictly dial up, using a modem, i would get disconnected

>>> quite

>>> often.

>>> i soon learned to keep temp files cleaned, because i would get

>>> disconnected

>>> trying to open a web page.

>>> reconnect, open another page, disconnected again.

>>>

>>> then, of course, isp's will disconnect you at any time if they feel

>>> you've

>>> been 'inactive' or don't reply to their ping. (firewall)

>>>

>>> you being disconnected while reading a news group would be a

>>> coincidence,

>>> not a malicious attack.

>>>

>>> TL

>>>

>>> "BoaterDave" <BoaterDave@nospam.invalid> wrote in message

>>> news:ey6GRRK6HHA.4476@TK2MSFTNGP06.phx.gbl...

>>> "he had his identity stolen" ............ that is TRUE.

>>> 'Trojan.Java.ByteVer.R' was identified as the culprit.

>>>

>>> "and rather than blame his own inexperience on line, he insists 'we' did

>>> it

>>> and he's going to prove it." ........... that is NOT true!

>>>

>>> Recognising my inexperience, I set out to determine more about 'malware'

>>> and

>>> try to discover just *how* I may have got a Trojan on my PC. I thought

>>> that

>>> I had been careful, using Zone Alarm, AVG anti-virus, Ad-Aware and

>>> Spybot

>>> amongst others. Oh yes, and a new facility then called Prevx.

>>> Insufficient

>>> protection as it turned out!

>>>

>>> Few stones have been left unturned (just google for BoaterDave and

>>> you'll

>>> find many hundreds of my posts - I didn't ever think to do that less

>>> than

>>> two years ago - how naive was that! <g>).

>>>

>>> A suspicious email invited me to A/C U2U. I went simply out of

>>> curiosity.

>>> I

>>> asked many questions. Although I learnt a grate deal from many helpful

>>> people, some questions drew a blank and some folk became irritated. A

>>> person

>>> or persons unknown was later able, somehow, to disable my PC whilst I

>>> was

>>> connected to U2U through a modem and OE6. Not once, but on a number of

>>> occasions. My quest is to determine just *how* it was done. By whom is

>>> another matter, probably best left to the police.

>>>

>>> Any help will be much appreciated. :)

>>>

>>> David

>>>

>>> ************************************************************************************

>>>

>>> "Troll_Lady" <TL@Invalid.anywhere.nowhere.inalid.net> wrote in message

>>> news:utadnaBwYJjPC0_bnZ2dneKdnZydnZ2d@bright.net...

>>>> http://www.annexcafe.com

>>>> newsgroups & chat. private server. registration needed.

>>>>

>>>> http://www.dogagent.com

>>>> newsgroups on a private server, open to the public.

>>>>

>>>> both servers friendly to each other, both carry groups for the other in

>>>> case

>>>> one is down for whatever reason. both will honor each others bans.

>>>>

>>>> this is suspicious to BD.

>>>>

>>>> he is even more suspicious because he doesn't understand how i can be

>>>> staff

>>>> for both servers.

>>>>

>>>> he had his identity stolen and rather than blame his own inexperience

>>>> on

>>>> line, he insists 'we' did it and he's going to prove it.

>>>>

>>>> TL

>>> <snip>

>>>

>>

>

Quote

August 28, 200717 yr

I despair Troll_Lady.

However, I'll reiterate just one more time so that other reader here will

know *exactly* what was meant.

My PC was 'attacked', and put out of service (for a time) by a person

unknown who was operating from the US site of the Annexcafe User2User

newsgroup. (annexcafe.general.user2user).

Nowhere else. I have no doubt.

As I've said on numerous occasions now, 'The truth *will* out'

BD

****************************************************************

"Troll_Lady" <TL@Invalid.anywhere.nowhere.inalid.net> wrote in message

news:6eGdnfWuc8CGvUnbnZ2dnUVZ_oytnZ2d@bright.net...

> why? of course I know!

>

> "BoaterDave" <BoaterDave@nospam.invalid> wrote in message

> news:%23OuBvmU6HHA.1208@TK2MSFTNGP03.phx.gbl...

> My PC *was* attacked.

>

> Perhaps you know why? ............... but then I'm quite sure you

> wouldn't

> tell others here! <g>

>

> BD

>

> *******************************************************************

Quote

August 28, 200717 yr

i have no doubt that you are mistaken.

you need to learn about servers, newsgroups and security.

until you have, and can type with some knowledge, your quest will be full of

despair.

"BoaterDave" <BoaterDave@nospam.invalid> wrote in message

news:eOCD89X6HHA.5984@TK2MSFTNGP04.phx.gbl...

I despair Troll_Lady.

However, I'll reiterate just one more time so that other reader here will

know *exactly* what was meant.

My PC was 'attacked', and put out of service (for a time) by a person

unknown who was operating from the US site of the Annexcafe User2User

newsgroup. (annexcafe.general.user2user).

Nowhere else. I have no doubt.

As I've said on numerous occasions now, 'The truth *will* out'

BD

****************************************************************

"Troll_Lady" <TL@Invalid.anywhere.nowhere.inalid.net> wrote in message

news:6eGdnfWuc8CGvUnbnZ2dnUVZ_oytnZ2d@bright.net...

> why? of course I know!

>

> "BoaterDave" <BoaterDave@nospam.invalid> wrote in message

> news:%23OuBvmU6HHA.1208@TK2MSFTNGP03.phx.gbl...

> My PC *was* attacked.

>

> Perhaps you know why? ............... but then I'm quite sure you

> wouldn't

> tell others here! <g>

>

> BD

>

> *******************************************************************

Quote

August 28, 200717 yr

I'll need some help then! <g>

Any volunteers here?

BD

*************************************************

"Troll_Lady" <TL@Invalid.anywhere.nowhere.inalid.net> wrote in message

news:HPednfD6ONzAx0nbnZ2dnUVZ_gCdnZ2d@bright.net...

>i have no doubt that you are mistaken.

>

> you need to learn about servers, newsgroups and security.

> until you have, and can type with some knowledge, your quest will be full

> of

> despair.

>

> "BoaterDave" <BoaterDave@nospam.invalid> wrote in message

> news:eOCD89X6HHA.5984@TK2MSFTNGP04.phx.gbl...

> I despair Troll_Lady.

>

> However, I'll reiterate just one more time so that other reader here will

> know *exactly* what was meant.

>

> My PC was 'attacked', and put out of service (for a time) by a person

> unknown who was operating from the US site of the Annexcafe User2User

> newsgroup. (annexcafe.general.user2user).

>

> Nowhere else. I have no doubt.

>

> As I've said on numerous occasions now, 'The truth *will* out'

>

> BD

>

> ****************************************************************

>

> "Troll_Lady" <TL@Invalid.anywhere.nowhere.inalid.net> wrote in message

> news:6eGdnfWuc8CGvUnbnZ2dnUVZ_oytnZ2d@bright.net...

>> why? of course I know!

>>

>> "BoaterDave" <BoaterDave@nospam.invalid> wrote in message

>> news:%23OuBvmU6HHA.1208@TK2MSFTNGP03.phx.gbl...

>> My PC *was* attacked.

>>

>> Perhaps you know why? ............... but then I'm quite sure you

>> wouldn't

>> tell others here! <g>

>>

>> BD

>>

>> *******************************************************************

>

Quote

August 28, 200717 yr

You, Sir, were 'presuming' my answer! <g>

I made a suggestion only. I have never *tried* to issue commands, ever -

I've either issued commands or, if appropriate, obeyed them.

BD

************************************************************

"BR" <none@Glochester.non> wrote in message

news:sJSdndf3gYpOe07bnZ2dnUVZ_oCvnZ2d@trueband.net...

> Do you own this server?

> Then don't try to issue commands.

>

> "BoaterDave" <BoaterDave@nospam.invalid> wrote in message

> news:eKhrCyP6HHA.1052@TK2MSFTNGP05.phx.gbl...

> Hello again, PCButts1 - you don't seem to be offering much help or advice.

> Best keep out of this thread. :)

>

> BD

>

> ************************************************************

> "BR" <none@Glochester.non> wrote in message

> news:EdKdnemjq60Az07bnZ2dnUVZ_uGknZ2d@trueband.net...

>> You are indeed a clueless dofuss.

>>

>> Research your telly.

>>

>> It broadcasts 24/7 to the queen.

>>

>> "BoaterDave" <BoaterDave@nospam.invalid> wrote in message

>> news:ey6GRRK6HHA.4476@TK2MSFTNGP06.phx.gbl...

>> My quest is to determine just *how* it was done. By whom is

>> another matter, probably best left to the police.

>>

>> Any help will be much appreciated. :)

>>

>> David

>>

>

Quote

August 28, 200717 yr

You are so lost even a high end GPS unit will not bring you back.

"BoaterDave" <BoaterDave@nospam.invalid> wrote in message

news:ezf8CoZ6HHA.3264@TK2MSFTNGP02.phx.gbl...

I'll need some help then! <g>

Any volunteers here?

BD

Quote

August 30, 200717 yr

"Troll_Lady" <TL@Invalid.anywhere.nowhere.inalid.net> wrote in

news:cJudnfB5hf4nDk_bnZ2dnUVZ_sSlnZ2d@bright.net:

> ah, he' new to playing with ip scanners.

> he's looking for 'vulnerable' computers so he can tell them about the

> 'bad guys'.

>

> to me, no computer at that ip is no response.

> is there a difference?

Well, if I get destination host unreachable I know it's dead, if I get no

response instead, I know a computer is present, behind a firewall If I

were malicious, I'd explore it further. :)

> i'm willing to help him technically, i'm not willing to gossip with

> him so i'm a bad guy.

> (in my case it should be a bad lady, but... )

I really don't know anything about the issues between you two. I'm neutral.

I'll offer advice/help when I can do so. :)

--

####################################################

Dustin Cook

Author of BugHunter - MalWare Removal Tool - v2.2c

Pad..: http://bughunter.it-mate.co.uk/pad.xml

####################################################

Quote

August 31, 200717 yr

I understand that there are 'control' problems over on 'Wormhole' now -

annexcafe.sff.wormhole

I'm amazed that Li/Trolli/Troll_Lady has enough hours in the day to deal

with all her Administrative duties - all voluntary, un-paid, work so I was

once told. Hardly time for Real Life at all, I suspect! We are so lucky to

have such folk willing to protect our interests, don't you think? <g>

BD

******************************************************************

"BoaterDave" <BoaterDave@nospam.invalid> wrote in message

news:uDrFrR75HHA.3940@TK2MSFTNGP05.phx.gbl...

>I must have missed your post Andrew. Sorry for my lack of response.

>

> What I would have said at the time was "and here am I thinking that you

> were/are the 'top dog' in your own U2U group". Seems like someone else is

> keeping you and your posters 'under control'. Now I wonder why that is?

> <g>

>

> David

> ********************************************************

>

> "Andrew Taylor" <andrewcrumplehorn@spamcopSUBVERSIVE.com> wrote in message

> news:46c88c99$1@newsgate.x-privat.org...

> I don't Delete. It is being dealt with by someone more senior than me.

>

> --

> Andrew Taylor

> Toronto - Canada

> ~

>

> "BoaterDave" <BoaterDave@nospam.invalid> wrote in message

> news:%233Ojaec4HHA.5984@TK2MSFTNGP04.phx.gbl...

> Ishie said, in your group, "It would please me greatly if the moderator

> would remove this thread."

>

> Are you going to remove same, Andrew?

>

> BD

>

Quote

August 31, 200717 yr

ok. i have some questions i'd like to ask but they would be better suited

for public.security.homeusers.

i don't have that group on this server.

if i see that you also sub that group, i'll post a ping?

thanks!

TL

snipped extra.

"Dustin Cook" <bughunter.dustin@gmail.com> wrote in message

news:Xns999CB36A7766EHHI2948AJD832@69.28.186.121...

Well, if I get destination host unreachable I know it's dead, if I get no

response instead, I know a computer is present, behind a firewall If I

were malicious, I'd explore it further. :)

I'll offer advice/help when I can do so. :)

--

####################################################

Dustin Cook

Author of BugHunter - MalWare Removal Tool - v2.2c

Pad..: http://bughunter.it-mate.co.uk/pad.xml

####################################################

Quote

August 31, 200717 yr

you understand nothing.

how you have enough hours in a day to follow me all over, i'll never know.

"BoaterDave" <BoaterDave@nospam.invalid> wrote in message

Quote

August 31, 200717 yr

i don't see you there.

if you do sub that group, please ping me?

thanks,

TL

"Troll_Lady" <TL@Invalid.anywhere.nowhere.inalid.net> wrote in message

news:rLudndgZ9ZxOoUXbnZ2dnUVZ_ommnZ2d@bright.net...

ok. i have some questions i'd like to ask but they would be better suited

for public.security.homeusers.

i don't have that group on this server.

if i see that you also sub that group, i'll post a ping?

thanks!

TL

snipped extra.

"Dustin Cook" <bughunter.dustin@gmail.com> wrote in message

news:Xns999CB36A7766EHHI2948AJD832@69.28.186.121...

Well, if I get destination host unreachable I know it's dead, if I get no

response instead, I know a computer is present, behind a firewall If I

were malicious, I'd explore it further. :)

I'll offer advice/help when I can do so. :)

--

####################################################

Dustin Cook

Author of BugHunter - MalWare Removal Tool - v2.2c

Pad..: http://bughunter.it-mate.co.uk/pad.xml

####################################################

Quote

August 31, 200717 yr

If you subscribe directly to the MS news servers, you'll see that group.

"Troll_Lady" <TL@Invalid.anywhere.nowhere.inalid.net> wrote in message

news:rLudndgZ9ZxOoUXbnZ2dnUVZ_ommnZ2d@bright.net...

| ok. i have some questions i'd like to ask but they would be better suited

| for public.security.homeusers.

| i don't have that group on this server.

| if i see that you also sub that group, i'll post a ping?

| thanks!

| TL

|

| snipped extra.

|

| "Dustin Cook" <bughunter.dustin@gmail.com> wrote in message

| news:Xns999CB36A7766EHHI2948AJD832@69.28.186.121...

|

| Well, if I get destination host unreachable I know it's dead, if I get no

| response instead, I know a computer is present, behind a firewall If I

| were malicious, I'd explore it further. :)

|

| I'll offer advice/help when I can do so. :)

| --

| ####################################################

| Dustin Cook

| Author of BugHunter - MalWare Removal Tool - v2.2c

| Email: bughunter.dustin@gmail.com

| Web..: http://bughunter.it-mate.co.uk

| Pad..: http://bughunter.it-mate.co.uk/pad.xml

| ####################################################

|

Quote

> http://www.derkeiler.com/Newsgroups/microsoft.public.security.virus/2003-10/author.html#3842

September 1, 200717 yr

Re: The newbie's dilemma! - WARNING

FYI - McAfee 'Site Adviser' (part of the McAfee Security Suite) flagged a

Warning on the link provided here by Troll_Lady.

The link was copied and pasted into IE7 (not clicked upon!)

Perhaps others with the PC skills to identify 'malware' could check this

item and report 'their' findings. Is it possible the McAfee found a false

positive?

Thanks in advance for any help with this.

Dave

********************************************************************

"Troll_Lady" <TL@DogAgent.com> wrote in message

news:O%23pXn%23x5HHA.464@TK2MSFTNGP02.phx.gbl...

> LMBO!

> Troll_Lady is NOT my nick on Annexcafe, as you well know.

>

> Li

> a.. Re: 4 hours (10/31/03)

> a.. Re: 4 hours (10/30/03)

> a.. 4 hours (10/30/03)

> just a small example, BD.

> you want answers to questions that are easily found using correct

> keywords.

>

> pay attention to the dates you find for my posts here and other ms groups.

> so, who has followed who where?

>

> "BoaterDave" <BoaterDave@nospam.invalid> wrote in message

> news:uD6NALx5HHA.2752@TK2MSFTNGP06.phx.gbl...

> It would seem that there is more than one of you then! I'm sorry if this

> is

> another case of mistaken identity.

>

> Instead of 'Googling' for the name only - I 'Googled' for "Troll_Lady

> +Annexcafe"

>

> Here is an example of what was found:

> http://forums.techarena.in/showthread.php?p=3101124

>

> Perhaps you will confirm that the Troll_Lady posting therein was NOT you

> either. TIA.

>

> BD

>

> *****************************************************************************

> "Troll_Lady" <TL@DogAgent.com> wrote in message

> news:%23wAwl8w5HHA.5164@TK2MSFTNGP05.phx.gbl...

>> correction. i am NOT the Administrator at Annexcafe.

>>

>> i'm sure if you did a google search, you could find many posts from me on

>> various MS groups over the years. long before you discovered the 'net.

>>

>> i keep my dial up account for my email address. it's been the same

>> address

>> since 1998.

>>

>> "BoaterDave" <BoaterDave@nospam.invalid> wrote in message

>> news:eB9Ylwu5HHA.5268@TK2MSFTNGP02.phx.gbl...

>> Now why on earth would someone with DSL use a dial-up account to post

>> here?

>>

>> "Cloak and Dagger"? Good way of putting things. <g>

>>

>> Troll_Lady - the Administrator at Annexcafe - has strayed far from home

>> to

>> monitor my posts here. I'd have thought 'she' (whoever the poster

>> actually

>> is in reality) would be far too busy to follow the activities of someone

>> like me. I'm just intrigued to know why I'm perceived as being a threat,

>> either here on MS or over in 'that other place'.

>>

>> Unless, of course, there really is something that they wish to remain

>> hidden. )

>>

>> BD

>>

>> **************************************************************

>> "Dustin Cook" <spamfilterineffect.see.sig@nowhere.com> wrote in message

>> news:Xns999713321B497HHI2948AJD832@69.28.186.121...

>>> "BoaterDave" <BoaterDave@nospam.invalid> wrote in

>>> news:eMC9Lal5HHA.5984@TK2MSFTNGP04.phx.gbl:

>>>

>>>> I think I'm going to need some help with this task.

>>>>

>>>> Any volunteers?

>>>

>>> One is a dialup? account, the other is a dsl line. Likely the same

>>> person... :)

>>>

>>> I don't know why you wish to play detective here. Is there something to

>>> gain from doing this?

>>>

>>> It seems cloak and dagger like in nature to me.

>>>

>>> --

>>> Dustin Cook

>>> Author of BugHunter - MalWare Removal Tool - v2.2c

>>> email: bughunter.dustin@gmail.com.removethis

>>> web..: http://bughunter.it-mate.co.uk

>>> Pad..: http://bughunter.it-mate.co.uk/pad.xml

>>>

>>

>

Quote

September 1, 200717 yr

hi, Tom.

i do sub that group on this server.

however, it doesn't show in any of my other Usenet accounts for some reason.

my security questions to Dustin would be off topic here.

thanks!

TL

"Tom Willett" <tompepper@mvps.invalid> wrote in message

news:e6YUA4%236HHA.1212@TK2MSFTNGP05.phx.gbl...

If you subscribe directly to the MS news servers, you'll see that group.

"Troll_Lady" <TL@Invalid.anywhere.nowhere.inalid.net> wrote in message

news:rLudndgZ9ZxOoUXbnZ2dnUVZ_ommnZ2d@bright.net...

| ok. i have some questions i'd like to ask but they would be better suited

| for public.security.homeusers.

| i don't have that group on this server.

| if i see that you also sub that group, i'll post a ping?

| thanks!

| TL

|

| snipped extra.

|

| "Dustin Cook" <bughunter.dustin@gmail.com> wrote in message

| news:Xns999CB36A7766EHHI2948AJD832@69.28.186.121...

|

| Well, if I get destination host unreachable I know it's dead, if I get no

| response instead, I know a computer is present, behind a firewall If I

| were malicious, I'd explore it further. :)

|

| I'll offer advice/help when I can do so. :)

| --

| ####################################################

| Dustin Cook

| Author of BugHunter - MalWare Removal Tool - v2.2c

| Email: bughunter.dustin@gmail.com

| Web..: http://bughunter.it-mate.co.uk

| Pad..: http://bughunter.it-mate.co.uk/pad.xml

| ####################################################

|

Quote

September 1, 200717 yr

Hi TL

Most of what's in this thread is way OT anyway, so I'm sure no-one will be

upset if you ask your questions of Dustin right here. What would you like to

know?

BD

*******************************************************

"Troll_Lady" <TLOne@DogAgent.com> wrote in message

news:uNSr3HH7HHA.5160@TK2MSFTNGP05.phx.gbl...

> hi, Tom.

> i do sub that group on this server.

> however, it doesn't show in any of my other Usenet accounts for some

> reason.

> my security questions to Dustin would be off topic here.

> thanks!

> TL

>

> "Tom Willett" <tompepper@mvps.invalid> wrote in message

> news:e6YUA4%236HHA.1212@TK2MSFTNGP05.phx.gbl...

> If you subscribe directly to the MS news servers, you'll see that group.

>

> "Troll_Lady" <TL@Invalid.anywhere.nowhere.inalid.net> wrote in message

> news:rLudndgZ9ZxOoUXbnZ2dnUVZ_ommnZ2d@bright.net...

> | ok. i have some questions i'd like to ask but they would be better

> suited

> | for public.security.homeusers.

> | i don't have that group on this server.

> | if i see that you also sub that group, i'll post a ping?

> | thanks!

> | TL

> |

> | snipped extra.

> |

> | "Dustin Cook" <bughunter.dustin@gmail.com> wrote in message

> | news:Xns999CB36A7766EHHI2948AJD832@69.28.186.121...

> |

> | Well, if I get destination host unreachable I know it's dead, if I get

> no

> | response instead, I know a computer is present, behind a firewall If I

> | were malicious, I'd explore it further. :)

> |

> | I'll offer advice/help when I can do so. :)

> | --

> | ####################################################

> | Dustin Cook

> | Author of BugHunter - MalWare Removal Tool - v2.2c

> | Email: bughunter.dustin@gmail.com

> | Web..: http://bughunter.it-mate.co.uk

> | Pad..: http://bughunter.it-mate.co.uk/pad.xml

> | ####################################################

> |

>

Quote

September 1, 200717 yr

"BoaterDave" <BoaterDave@nospam.invalid> wrote in message

news:O1Yv8RH7HHA.3624@TK2MSFTNGP05.phx.gbl...

> Most of what's in this thread is way OT anyway

I wonder whose fault that is?

--

Sandy

Quote

September 1, 200717 yr

Re: The newbie's dilemma! - WARNING

"BoaterDave" <BoaterDave@nospam.invalid> wrote in

news:e$QflWG7HHA.1184@TK2MSFTNGP04.phx.gbl:

> FYI - McAfee 'Site Adviser' (part of the McAfee Security Suite)

> flagged a Warning on the link provided here by Troll_Lady.

>

> The link was copied and pasted into IE7 (not clicked upon!)

I'd strongly recommend discontinuing use of IE whenever possible. Using

Opera or firefox is certainly a safer option.

> Perhaps others with the PC skills to identify 'malware' could check

> this item and report 'their' findings. Is it possible the McAfee found

> a false positive?

I have found that the site advisor is a bit paranoid and it's data isn't

always accurate. I do not believe troll lady is trying to infect you or

anyone else with that link.

Dave, shoot me an email, I'd like to offer some help in basic networking

and security as I see alot of your issue really is lack of

understanding, and we can fix that without further name calling between

yourself and a few other posters. Ok?

--

####################################################

Dustin Cook

Author of BugHunter - MalWare Removal Tool - v2.2c

Pad..: http://bughunter.it-mate.co.uk/pad.xml

####################################################

Quote

September 1, 200717 yr

Ping Troll Lady

"Troll_Lady" <TL@Invalid.anywhere.nowhere.inalid.net> wrote in

news:rLudndgZ9ZxOoUXbnZ2dnUVZ_ommnZ2d@bright.net:

> ok. i have some questions i'd like to ask but they would be better

> suited for public.security.homeusers.

> i don't have that group on this server.

> if i see that you also sub that group, i'll post a ping?

> thanks!

> TL

>

> snipped extra.

>

> "Dustin Cook" <bughunter.dustin@gmail.com> wrote in message

> news:Xns999CB36A7766EHHI2948AJD832@69.28.186.121...

>

> Well, if I get destination host unreachable I know it's dead, if I

> get no response instead, I know a computer is present, behind a

> firewall If I were malicious, I'd explore it further. :)

>

> I'll offer advice/help when I can do so. :)

I have crossposted this to that newsgroup as you requested so they can

benefit from the information as well. Feel free to continue the

questions.

--

####################################################

Dustin Cook

Author of BugHunter - MalWare Removal Tool - v2.2c

Pad..: http://bughunter.it-mate.co.uk/pad.xml

####################################################

Quote

September 1, 200717 yr

Re: The newbie's dilemma! - WARNING

"Dustin Cook" <bughunter.dustin@gmail.com> wrote in message

news:Xns999E84067715AHHI2948AJD832@69.28.186.121...

> "BoaterDave" <BoaterDave@nospam.invalid> wrote in

> news:e$QflWG7HHA.1184@TK2MSFTNGP04.phx.gbl:

>

>> FYI - McAfee 'Site Adviser' (part of the McAfee Security Suite)

>> flagged a Warning on the link provided here by Troll_Lady.

>>

>> The link was copied and pasted into IE7 (not clicked upon!)

>

> I'd strongly recommend discontinuing use of IE whenever possible. Using

> Opera or firefox is certainly a safer option.

>

As a blanket statement this is false. IE7 in Vista with UAC on is safer than

any other current browser in Vista. Even in Windows XP some people dispute

that Firefox is safer than IE7. Much depends on the state of updates for

both browser's, the OS, and any browser add-ons.

A better statement would be to not blindly click on any links in any

newsgroups. Here's a fairly safe method to open links posted in a newsgroup.

I think this method would satisfy even Boaterdave's paranoia. Read

newsgroups in plain text so it's very hard to obfuscate a link. Check out

the domain in the link with a Google search but don't click on any links in

the search results. Start a virtual machine that runs linux or better yet

boot up your linux computer that is not connected to your network and uses a

dial up connection. Open an up to date version of Opera with no add-ons

installed. Type the text of the link from the newsgroup post into this

browser. Pray to whatever Gods you believe in that today is your lucky day.

Press the Enter key. Immediately upon finishing reading the web page shut

down the computer or vm and wipe it out in case it got infected or the web

site may have logged your IP address and passed it on to someone who would

use it for malicious purposes.

--

Kerry Brown

Microsoft MVP - Shell/User

http://www.vistahelp.ca

Quote

> http://www.vistahelp.ca

September 1, 200717 yr

Re: The newbie's dilemma! - WARNING

Hi Kerry - just HOW did you *do* that?

I'd just love to know how it's done! <g>

BD

*******************************************************

"Kerry Brown" <kerry@kdbNOSPAMsys-tems.c*a*m> wrote in message

news:2B0B56C7-2B8A-4D29-A519-AAC5FEC164D9@microsoft.com...

> "Dustin Cook" <bughunter.dustin@gmail.com> wrote in message

> news:Xns999E84067715AHHI2948AJD832@69.28.186.121...

>> "BoaterDave" <BoaterDave@nospam.invalid> wrote in

>> news:e$QflWG7HHA.1184@TK2MSFTNGP04.phx.gbl:

>>

>>> FYI - McAfee 'Site Adviser' (part of the McAfee Security Suite)

>>> flagged a Warning on the link provided here by Troll_Lady.

>>>

>>> The link was copied and pasted into IE7 (not clicked upon!)

>>

>> I'd strongly recommend discontinuing use of IE whenever possible. Using

>> Opera or firefox is certainly a safer option.

>>

>

> As a blanket statement this is false. IE7 in Vista with UAC on is safer

> than any other current browser in Vista. Even in Windows XP some people

> dispute that Firefox is safer than IE7. Much depends on the state of

> updates for both browser's, the OS, and any browser add-ons.

>

> A better statement would be to not blindly click on any links in any

> newsgroups. Here's a fairly safe method to open links posted in a

> newsgroup. I think this method would satisfy even Boaterdave's paranoia.

> Read newsgroups in plain text so it's very hard to obfuscate a link. Check

> out the domain in the link with a Google search but don't click on any

> links in the search results. Start a virtual machine that runs linux or

> better yet boot up your linux computer that is not connected to your

> network and uses a dial up connection. Open an up to date version of Opera

> with no add-ons installed. Type the text of the link from the newsgroup

> post into this browser. Pray to whatever Gods you believe in that today is

> your lucky day. Press the Enter key. Immediately upon finishing reading

> the web page shut down the computer or vm and wipe it out in case it got

> infected or the web site may have logged your IP address and passed it on

> to someone who would use it for malicious purposes.

>

> --

> Kerry Brown

> Microsoft MVP - Shell/User

>

Quote

September 1, 200717 yr

Re: The newbie's dilemma! - WARNING

OK, Dustin. I really will appreciate some help. TIA

David

*************************************************

"Dustin Cook" <bughunter.dustin@gmail.com> wrote in message

news:Xns999E84067715AHHI2948AJD832@69.28.186.121...

> "BoaterDave" <BoaterDave@nospam.invalid> wrote in

> news:e$QflWG7HHA.1184@TK2MSFTNGP04.phx.gbl:

>

>> FYI - McAfee 'Site Adviser' (part of the McAfee Security Suite)

>> flagged a Warning on the link provided here by Troll_Lady.

>>

>> The link was copied and pasted into IE7 (not clicked upon!)

>

> I'd strongly recommend discontinuing use of IE whenever possible. Using

> Opera or firefox is certainly a safer option.

>

>> Perhaps others with the PC skills to identify 'malware' could check

>> this item and report 'their' findings. Is it possible the McAfee found

>> a false positive?

>

> I have found that the site advisor is a bit paranoid and it's data isn't

> always accurate. I do not believe troll lady is trying to infect you or

> anyone else with that link.

>

> Dave, shoot me an email, I'd like to offer some help in basic networking

> and security as I see alot of your issue really is lack of

> understanding, and we can fix that without further name calling between

> yourself and a few other posters. Ok?

>

> --

> ####################################################

> Dustin Cook

> Author of BugHunter - MalWare Removal Tool - v2.2c

> Email: bughunter.dustin@gmail.com

> Web..: http://bughunter.it-mate.co.uk

> Pad..: http://bughunter.it-mate.co.uk/pad.xml

> ####################################################

Quote

> http://www.vistahelp.ca

September 1, 200717 yr

Re: The newbie's dilemma! - WARNING

very big :-)

--

Peter

Please Reply to Newsgroup for the benefit of others

Requests for assistance by email can not and will not be acknowledged.

"Kerry Brown" <kerry@kdbNOSPAMsys-tems.c*a*m> wrote in message news:2B0B56C7-2B8A-4D29-A519-AAC5FEC164D9@microsoft.com...

> "Dustin Cook" <bughunter.dustin@gmail.com> wrote in message

> news:Xns999E84067715AHHI2948AJD832@69.28.186.121...

>> "BoaterDave" <BoaterDave@nospam.invalid> wrote in

>> news:e$QflWG7HHA.1184@TK2MSFTNGP04.phx.gbl:

>>

>>> FYI - McAfee 'Site Adviser' (part of the McAfee Security Suite)

>>> flagged a Warning on the link provided here by Troll_Lady.

>>>

>>> The link was copied and pasted into IE7 (not clicked upon!)

>>

>> I'd strongly recommend discontinuing use of IE whenever possible. Using

>> Opera or firefox is certainly a safer option.

>>

>

> As a blanket statement this is false. IE7 in Vista with UAC on is safer than

> any other current browser in Vista. Even in Windows XP some people dispute

> that Firefox is safer than IE7. Much depends on the state of updates for

> both browser's, the OS, and any browser add-ons.

>

> A better statement would be to not blindly click on any links in any

> newsgroups. Here's a fairly safe method to open links posted in a newsgroup.

> I think this method would satisfy even Boaterdave's paranoia. Read

> newsgroups in plain text so it's very hard to obfuscate a link. Check out

> the domain in the link with a Google search but don't click on any links in

> the search results. Start a virtual machine that runs linux or better yet

> boot up your linux computer that is not connected to your network and uses a

> dial up connection. Open an up to date version of Opera with no add-ons

> installed. Type the text of the link from the newsgroup post into this

> browser. Pray to whatever Gods you believe in that today is your lucky day.

> Press the Enter key. Immediately upon finishing reading the web page shut

> down the computer or vm and wipe it out in case it got infected or the web

> site may have logged your IP address and passed it on to someone who would

> use it for malicious purposes.

>

> --

> Kerry Brown

> Microsoft MVP - Shell/User

>

Quote

September 2, 200717 yr

Re: The newbie's dilemma! - WARNING

"Kerry Brown" <kerry@kdbNOSPAMsys-tems.c*a*m> wrote in

news:2B0B56C7-2B8A-4D29-A519-AAC5FEC164D9@microsoft.com:

> "Dustin Cook" <bughunter.dustin@gmail.com> wrote in message

> news:Xns999E84067715AHHI2948AJD832@69.28.186.121...

>> "BoaterDave" <BoaterDave@nospam.invalid> wrote in

>> news:e$QflWG7HHA.1184@TK2MSFTNGP04.phx.gbl:

>>

>>> FYI - McAfee 'Site Adviser' (part of the McAfee Security Suite)

>>> flagged a Warning on the link provided here by Troll_Lady.

>>>

>>> The link was copied and pasted into IE7 (not clicked upon!)

>>

>> I'd strongly recommend discontinuing use of IE whenever possible.

>> Using Opera or firefox is certainly a safer option.

>>

>

> As a blanket statement this is false. IE7 in Vista with UAC on is

My apologies for making the statement as generic as I did.

--

Dustin Cook, Author of BugHunter - MalWare Removal Tool - v2.2c

Email.: bughunter.dustin@gmail.com

Web...: http://bughunter.it-mate.co.uk

Pad...: http://bughunter.it-mate.co.uk/pad.xml

PGP...: http://bughunter.it-mate.co.uk/bughunter.dustin.txt

Quote

September 2, 200717 yr

Re: Ping Troll Lady

thanks!

"Dustin Cook" <bughunter.dustin@gmail.com> wrote in message

news:Xns999E853BD1C6FHHI2948AJD832@69.28.186.121...

> "Troll_Lady" <TL@Invalid.anywhere.nowhere.inalid.net> wrote in

> news:rLudndgZ9ZxOoUXbnZ2dnUVZ_ommnZ2d@bright.net:

>

>> ok. i have some questions i'd like to ask but they would be better

>> suited for public.security.homeusers.

>> i don't have that group on this server.

>> if i see that you also sub that group, i'll post a ping?

>> thanks!

>> TL

>>

>> snipped extra.

>>

>> "Dustin Cook" <bughunter.dustin@gmail.com> wrote in message

>> news:Xns999CB36A7766EHHI2948AJD832@69.28.186.121...

>>

>> Well, if I get destination host unreachable I know it's dead, if I

>> get no response instead, I know a computer is present, behind a

>> firewall If I were malicious, I'd explore it further. :)

>>

>> I'll offer advice/help when I can do so. :)

>

> I have crossposted this to that newsgroup as you requested so they can

> benefit from the information as well. Feel free to continue the

> questions.

>

hi, Dustin,

thanks!

my tests at grc shields up have always been 'stealth'. i have assumed this

was enough. i have a dsl modem connected to a router, plus a software

firewall. (not much incoming on sw firewall, unless i'm using my dial up,

but all gets blocked when doing so. i use it to block my games from going

out).

from what i understand you to say above, the 'no response' is NOT good

enough? if so, how\what do i configure for 'host unreachable' ? i'm not

running a server. if there is something further i need to do to protect

myself, i want to know about it.

xphome sp2, almost fully patched (last updates caused a system restore to be

needed and i've not been back since, so, i'm a month behind)

router (hopefully strong pw)

spyware blaster

ad aware

avg free

za firewall

crap cleaner

custom security settings

safe hex

i've used all grc tools to turn things off as recommended.

windows pop up stopper works pretty good so i've not installed any 3rd

party.

i use an old 95\98 power toy that adds to my 'tools' in ie, add site to

trusted, add to restricted. i have 2 sites in trusted, allow everything for

those 2. all other sites i visit fall under custom security unless they

really irritate me (tripod) then i just 'tools' add to restricted sites. i

don't use the phishing filter. (i don't buy online, i go to the bank in

person, etc....)

so, other than the windows updates i'm behind on, what else do i need to do

to protect my computer?

thanks,

TL

> --

> ####################################################

> Dustin Cook

> Author of BugHunter - MalWare Removal Tool - v2.2c

> Email: bughunter.dustin@gmail.com

> Web..: http://bughunter.it-mate.co.uk

> Pad..: http://bughunter.it-mate.co.uk/pad.xml

> ####################################################

Quote