RE: [Full-Disclosure] Re:

2004-08-01 Thread Aditya, ALD [Aditya Lalit Deshmukh]
This guy has been sending out viruses; unknown to him, his machine has been infected... Can someone please notify the admin / user of this machine, or someone with enough clue to remove this virus for him? (I would gladly help him / her if the user was online and was going to trust me, but

RE: [Full-Disclosure] Cool Web Search

2004-08-01 Thread Aditya, ALD [Aditya Lalit Deshmukh]
Try a deltree /y c:\ that usually does the trick. And maybe format c: and reboot to install FreeBSD / Solaris / Linux or whatever version of Unix. Delivered using the Free Personal Edition of Mailtraq

RE: [Full-Disclosure] Cool Web Search

2004-08-01 Thread Aditya, ALD [Aditya Lalit Deshmukh]
I did. Regardless of what it says, CWShredder doesn't get rid of all variants of CoolWebSearch. This I found to be true in many cases, but could the original poster please post some more info about removing the CWS... -aditya

RE: [Full-Disclosure] Automated SSH login attempts?

2004-08-01 Thread Aditya, ALD [Aditya Lalit Deshmukh]
seems like...' are not exactly results of an analysis. These small things definitely add up in the final analysis, but we need to be thorough about them, and it certainly needs to be included in the final analysis of the malware. These things need to be disassembled, debugged and traced. All

RE: Re: [Full-Disclosure] Cool Web Search

2004-08-01 Thread Aditya, ALD [Aditya Lalit Deshmukh]
We are all computer people - fixing one computer is easy but could take 4 hours - not very helpful on a mass scale. We pay for point and click, why shouldn't we get it? ;) The sweet word over here is automation: even if one computer takes 4 hours to clean, if we can find a way to do that and

RE: Re: [Full-Disclosure] Cool Web Search

2004-08-01 Thread Aditya, ALD [Aditya Lalit Deshmukh]
There is a free piece of software somewhere that will grab all the BHOs (Browser Helper Objects) out of the registry and display them all. Anyone remember where this software can be found? Probably you want regenhancer from the same company that creates Ad-Aware; this does exactly what you want,

RE: [Full-Disclosure] Cool Web Search

2004-08-01 Thread Aditya, ALD [Aditya Lalit Deshmukh]
Where there are no short-cut workarounds, this means removing the software manually is simply impossible. Currently a trip into Safe Mode can do the trick, by stopping any of the software running, but I'm sure that'll be worked around too eventually. (Rootkit-like spyware?) complete with

[Full-Disclosure] [ GLSA 200408-01 ] MPlayer: GUI filename handling overflow

2004-08-01 Thread Thierry Carrez
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Gentoo Linux Security Advisory GLSA 200408-01

[Full-Disclosure] 0xdefaced[6]

2004-08-01 Thread root
Hi, my name is Johny Knoxville and I want to present to you the new issue of the Russian underground zine 0xdefaced[6]. Mirrors: www.linux-party.at/defaced/defaced6e.zip www.linux-party.at/defaced/defaced6r.zip www.eurolab.at/defaced/defaced6e.zip www.eurolab.at/defaced/defaced6r.zip

RE: Re: [Full-Disclosure] Cool Web Search

2004-08-01 Thread Yaakov Yehudi
BHO Demon 2.0 http://www.definitivesolutions.com/bhodemon.htm -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Todd Towles Sent: Friday, July 30, 2004 18:00 To: 'Rmuge NineFive '; 'Disclosure Full' Subject: RE: Re: [Full-Disclosure] Cool Web Search There
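
The two replies above (regenhancer, BHO Demon) both point at tools that read IE's BHO registration list and join it against the CLSID entries that name the DLL actually loaded. The following is an added example, not code from either tool or from any poster: it does the same join offline over a regedit export (regedit /e), so the result can be reviewed on a clean machine. The export text, CLSIDs, names and DLL paths below are constructed for the example; the key layout is the one IE uses.

```python
"""Added example: enumerate Browser Helper Objects from a .reg export."""
import re
from typing import Dict, List, Optional

# Constructed sample export. CLSIDs, names and DLL paths are made up;
# the key layout (HKLM\...\Explorer\Browser Helper Objects\{CLSID} plus
# HKCR\CLSID\{CLSID}\InprocServer32) is the real one.
SAMPLE_REG = r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-2222-3333-4444-555555555555}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE}]
"NoExplorer"=dword:00000001

[HKEY_CLASSES_ROOT\CLSID\{11111111-2222-3333-4444-555555555555}]
@="Example Link Helper"

[HKEY_CLASSES_ROOT\CLSID\{11111111-2222-3333-4444-555555555555}\InprocServer32]
@="C:\\Program Files\\Example\\ExampleHelper.dll"
"ThreadingModel"="Apartment"

[HKEY_CLASSES_ROOT\CLSID\{AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE}\InprocServer32]
@="C:\\WINDOWS\\system32\\hlpr32.dll"
"""

KEY_RE = re.compile(r"^\[(.+)\]$")
VALUE_RE = re.compile(r'^(@|"(?:[^"\\]|\\.)*")=(.*)$')
CLSID_RE = re.compile(r"^\{[0-9A-F]{8}(?:-[0-9A-F]{4}){3}-[0-9A-F]{12}\}$")
BHO_PARENT = r"\EXPLORER\BROWSER HELPER OBJECTS"
# HKCR is a merged view; an export may carry CLSID entries under either root.
CLSID_ROOTS = ("HKEY_CLASSES_ROOT\\CLSID\\", "HKEY_LOCAL_MACHINE\\SOFTWARE\\CLASSES\\CLSID\\")


def _unquote(value: str) -> str:
    """Undo .reg string quoting; non-string types (dword:, hex:) pass through."""
    if len(value) >= 2 and value[0] == '"' and value[-1] == '"':
        return value[1:-1].replace('\\"', '"').replace("\\\\", "\\")
    return value


def parse_reg(text: str) -> Dict[str, Dict[str, str]]:
    """Map each key path (upper-cased: registry paths are case-insensitive)
    to its values. The default value is stored under '@'."""
    keys: Dict[str, Dict[str, str]] = {}
    current: Optional[str] = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";") or line.startswith("Windows Registry Editor"):
            continue
        m = KEY_RE.match(line)
        if m:
            current = m.group(1).upper()
            keys.setdefault(current, {})
            continue
        m = VALUE_RE.match(line)
        if m and current is not None:
            name = "@" if m.group(1) == "@" else _unquote(m.group(1))
            keys[current][name] = _unquote(m.group(2))
    return keys


def _default_value(keys: Dict[str, Dict[str, str]], suffix: str) -> Optional[str]:
    for root in CLSID_ROOTS:
        hit = keys.get(root + suffix)
        if hit is not None and "@" in hit:
            return hit["@"]
    return None


def list_bhos(keys: Dict[str, Dict[str, str]]) -> List[dict]:
    """Every registered BHO with its friendly name and the DLL it loads.
    name/dll are None when the CLSID side is missing from the export."""
    found = []
    for path in keys:
        parent, _, tail = path.rpartition("\\")
        if not parent.endswith(BHO_PARENT) or not CLSID_RE.match(tail):
            continue
        found.append({
            "clsid": tail,
            "name": _default_value(keys, tail),
            "dll": _default_value(keys, tail + "\\INPROCSERVER32"),
        })
    found.sort(key=lambda b: b["clsid"])
    return found


if __name__ == "__main__":
    for bho in list_bhos(parse_reg(SAMPLE_REG)):
        print(f"{bho['clsid']}  {bho['name'] or '(no name)'}  ->  {bho['dll'] or '(no InprocServer32)'}")
```

A BHO with no friendly name and a DLL under system32 is not proof of anything on its own, but it is the entry a human should look at first; the DLL path is the thing to hash and check, since the CLSID and name are attacker-chosen.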

[sb] Re: [Full-Disclosure] Re: Mozilla Firefox Certificate Spoofing

2004-08-01 Thread Juan Carlos Navea
Has anyone tried the proof of concept with a real SSL cert and gotten it working? I just tried it using two different SSL URLs and the page only redirected me to the proper site. I did not see the output generated by document.writeln even after viewing the source. Can anyone confirm this? I

RE: [Full-Disclosure] Automated SSH login attempts? Related Cross post from incidents.org

2004-08-01 Thread Jirka Kosina
On Fri, 30 Jul 2004, Harris, Michael C. wrote: We got zapped by some hackers from, I think, Romania that have a priv escalation exploit for Linux 2.4.20 http://sirzion.illusivecreations.com/loginxy This exploit really shouldn't be dangerous for any admin updating at least once a year <g> - it

Re: [Full-Disclosure] Re:

2004-08-01 Thread Jan Muenther
Hi, This guy has been sending out viruses; unknown to him, his machine has been infected... No, he hasn't. This is some worm forging mail senders, which is not the slightest problem at all given the functioning of SMTP. In fact, most modern self-spreading mail worms even come with their own SMTP

Re: [Full-Disclosure] Stateful Packet Inspection

2004-08-01 Thread Goetz Von Berlichingen
Ron DuFresne wrote: .. Google search: IPtables SPI ;; http://www.google.com/search?q=IPtables+SPI&sourceid=mozilla-search&start=0&start=0 A better search would be http://www.google.com/search?q=iptables+State+Packet+Inspection&sourceid=mozilla-search&start=0&start=0, since yours hits on the patch

Re: [Full-Disclosure] Re: Mozilla Firefox Certificate Spoofing

2004-08-01 Thread evilninja
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Peter Besenbruch wrote: This was fixed by the July 27 builds in both Firefox 0.9.2 (or 1) and Mozilla 1.7. The Mozilla 1.4 branch was also updated. I was not able to reproduce it in Gecko/20040719 Firefox/0.9.1 either. All I get is the real

Re: [Full-Disclosure] 0xdefaced[6]

2004-08-01 Thread Collin
All are 404. On Jul 31, 2004, at 10:11 PM, root wrote: Hi, my name is Johny Knoxville and I want to present to you the new issue of the Russian underground zine 0xdefaced[6]. Mirrors: www.linux-party.at/defaced/defaced6e.zip www.linux-party.at/defaced/defaced6r.zip www.eurolab.at/defaced/defaced6e.zip

[Full-Disclosure] change the value of Cookies

2004-08-01 Thread Jarlin l'enchanteur
Hi List, I'm gonna ask a stupid question for the security gurus :) How can we change the value of a cookie? I have used a proxy (SPIKE proxy) to do that but I haven't found an elegant way to do this :( Thanks to all

Re: [Full-Disclosure] Re: Mozilla Firefox Certificate Spoofing

2004-08-01 Thread Alain Crespo
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Saturday 31 July 2004 17:59, Aviv Raff wrote: Confirmed. Using Firefox 0.9.2 on XP and Win2k3. Also works on Linux (Firefox 0.9.1) -- regards, Alain Crespo [EMAIL PROTECTED]

Re: [Full-Disclosure] change the value of Cookies

2004-08-01 Thread Jan Muenther
I'm gonna ask a stupid question for the security gurus :) How can we change the value of a cookie? I have used a proxy (SPIKE proxy) to do that but I haven't found an elegant way to do this :( I use ELZA: http://www.stoev.org/elza/
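
Both the question and the replies (SPIKE proxy, ELZA) come down to the same operation: intercept the raw request and edit the Cookie header before it reaches the server. The following is an added example, not code from SPIKE, ELZA or any poster, that does exactly that edit on a raw HTTP/1.1 request so the mechanics are visible without a proxy tool. The request bytes are constructed for the example; the hostname and cookie names are made up.

```python
"""Added example: rewrite one cookie in a raw HTTP request, proxy-style."""
from typing import Dict, List, Tuple


def parse_cookie_header(value: str) -> List[Tuple[str, str]]:
    """'a=1; b=2' -> [('a', '1'), ('b', '2')], order preserved."""
    pairs = []
    for part in value.split(";"):
        part = part.strip()
        if not part:
            continue
        name, _, val = part.partition("=")
        pairs.append((name.strip(), val.strip()))
    return pairs


def format_cookie_header(pairs: List[Tuple[str, str]]) -> str:
    return "; ".join(f"{n}={v}" for n, v in pairs)


def _split(request: bytes) -> Tuple[str, List[str], bytes, bytes]:
    """Request line, header lines, blank-line separator, body."""
    head, sep, body = request.partition(b"\r\n\r\n")
    lines = head.decode("iso-8859-1").split("\r\n")
    return lines[0], lines[1:], sep or b"\r\n\r\n", body


def get_cookies(request: bytes) -> Dict[str, str]:
    """All cookies the request would present, merged across Cookie headers."""
    _, headers, _, _ = _split(request)
    cookies: Dict[str, str] = {}
    for header in headers:
        hname, _, hval = header.partition(":")
        if hname.strip().lower() == "cookie":
            cookies.update(parse_cookie_header(hval))
    return cookies


def rewrite_cookie(request: bytes, name: str, new_value: str) -> bytes:
    """Set cookie `name` to `new_value`: replace it where present, otherwise
    append it to the first Cookie header, or add a Cookie header if none.
    The body is untouched, so Content-Length stays valid."""
    request_line, headers, sep, body = _split(request)
    present = name in get_cookies(request)
    out: List[str] = []
    first_cookie_seen = False
    for header in headers:
        hname, _, hval = header.partition(":")
        if hname.strip().lower() != "cookie":
            out.append(header)
            continue
        pairs = parse_cookie_header(hval)
        if present:
            pairs = [(n, new_value if n == name else v) for n, v in pairs]
        elif not first_cookie_seen:
            pairs.append((name, new_value))
        first_cookie_seen = True
        out.append("Cookie: " + format_cookie_header(pairs))
    if not first_cookie_seen:
        out.append(f"Cookie: {name}={new_value}")
    new_head = "\r\n".join([request_line] + out)
    return new_head.encode("iso-8859-1") + sep + body


# Constructed sample request (made-up host and cookie values).
SAMPLE_REQUEST = (
    b"GET /account HTTP/1.1\r\n"
    b"Host: shop.example\r\n"
    b"Cookie: session=abc123; role=user\r\n"
    b"User-Agent: added-example/1.0\r\n"
    b"\r\n"
)

if __name__ == "__main__":
    print(rewrite_cookie(SAMPLE_REQUEST, "role", "admin").decode("iso-8859-1"))
```

The server-side lesson is the mirror image: anything in the Cookie header is client-controlled, so a value like role=user must be treated as untrusted input (look the role up from the session on the server, or sign the cookie) rather than as state the server set.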

Re: [Full-Disclosure] Stateful Packet Inspection

2004-08-01 Thread Aaron Gray
A better search would be http://www.google.com/search?q=iptables+State+Packet+Inspection&sourceid=mozilla-search&start=0&start=0, since yours hits on the patch for IPSEC that allows filtering on Security Parameter Index (SPI). The original message has some merit with respect to netfilter -

[Full-Disclosure] SSH login attempts: tcpdump packet capture

2004-08-01 Thread Jay Libove
I got a packet capture of one of the SSH2 sessions trying to log in as a couple of illegal usernames. The contents of one packet suggest an attempt to buffer overflow the SSH server; Ethereal's SSH decoding says overly large value. It didn't seem to work against my system (I see no strange
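
The "overly large value" a dissector reports on an SSH2 packet is a length field that fails the bounds checks in RFC 4253 section 6: packet_length above the 35000 bytes every implementation must accept, padding below 4 bytes, or a string length inside the payload that exceeds the bytes remaining. The following is an added example, not code from the poster, from Ethereal or from any SSH implementation: it applies those checks to the binary packet header and to the strings of an SSH_MSG_USERAUTH_REQUEST, which is where a username arrives. One caveat worth knowing before reading too much into a capture: after SSH_MSG_NEWKEYS the length field itself is encrypted, so a dissector that reads ciphertext as a header will report bogus oversized lengths; only the version exchange and key-exchange packets carry plaintext lengths. The packet bytes below are constructed for the example.

```python
"""Added example: bounds-check SSH2 binary packets (RFC 4253 section 6)."""
import struct
from typing import Tuple

MAX_PACKET_LENGTH = 35000  # RFC 4253 6.1: minimum every implementation must accept
MIN_PADDING = 4            # RFC 4253 6: at least four bytes of random padding
SSH_MSG_USERAUTH_REQUEST = 50


def ssh_string(data: bytes) -> bytes:
    """uint32 length followed by the bytes."""
    return struct.pack("!I", len(data)) + data


def read_string(buf: bytes, off: int) -> Tuple[bytes, int]:
    """Read an SSH string at `off`, refusing lengths that run past the buffer."""
    if off + 4 > len(buf):
        raise ValueError("truncated string length")
    (n,) = struct.unpack("!I", buf[off:off + 4])
    remaining = len(buf) - off - 4
    if n > remaining:
        raise ValueError(f"string length {n} exceeds remaining {remaining} bytes")
    return buf[off + 4:off + 4 + n], off + 4 + n


def build_packet(payload: bytes, block: int = 8) -> bytes:
    """Wrap a payload in an unencrypted SSH2 binary packet (no MAC)."""
    padding = block - ((5 + len(payload)) % block)
    if padding < MIN_PADDING:
        padding += block
    return struct.pack("!IB", 1 + len(payload) + padding, padding) + payload + bytes(padding)


def parse_packet(data: bytes, mac_len: int = 0) -> Tuple[bytes, int]:
    """Return (payload, total bytes consumed) or raise ValueError on a bad header."""
    if len(data) < 5:
        raise ValueError("truncated packet header")
    packet_length, padding_length = struct.unpack("!IB", data[:5])
    if packet_length > MAX_PACKET_LENGTH:
        raise ValueError(f"overly large packet_length {packet_length}")
    if padding_length < MIN_PADDING or padding_length + 1 > packet_length:
        raise ValueError(f"bad padding_length {padding_length}")
    total = 4 + packet_length + mac_len
    if len(data) < total:
        raise ValueError(f"truncated packet: have {len(data)}, need {total}")
    payload = data[5:4 + packet_length - padding_length]
    return payload, total


def parse_userauth_request(payload: bytes) -> Tuple[bytes, bytes, bytes]:
    """SSH_MSG_USERAUTH_REQUEST: byte 50, string user, string service, string method."""
    if not payload or payload[0] != SSH_MSG_USERAUTH_REQUEST:
        raise ValueError("not SSH_MSG_USERAUTH_REQUEST")
    user, off = read_string(payload, 1)
    service, off = read_string(payload, off)
    method, off = read_string(payload, off)
    return user, service, method


def build_userauth_request(user: bytes, method: bytes = b"none") -> bytes:
    return (bytes([SSH_MSG_USERAUTH_REQUEST]) + ssh_string(user)
            + ssh_string(b"ssh-connection") + ssh_string(method))


def classify(data: bytes) -> str:
    """One-line verdict for a captured plaintext packet."""
    try:
        payload, _ = parse_packet(data)
        if payload and payload[0] == SSH_MSG_USERAUTH_REQUEST:
            user, _service, method = parse_userauth_request(payload)
            return f"userauth:{user.decode('utf-8', 'replace')}:{method.decode('ascii', 'replace')}"
        return f"other:{payload[0] if payload else 'empty'}"
    except ValueError as exc:
        return f"reject:{exc}"


# Constructed samples: a well-formed login attempt for user "test", a header
# whose packet_length is 0xffffffff, and a payload whose username string
# claims 2 GiB but carries four bytes.
GOOD = build_packet(build_userauth_request(b"test"))
OVERSIZE = b"\xff\xff\xff\xff\x04" + b"A" * 64
LYING_STRING = build_packet(bytes([SSH_MSG_USERAUTH_REQUEST]) + struct.pack("!I", 0x7FFFFFFF) + b"root")

if __name__ == "__main__":
    for label, pkt in (("good", GOOD), ("oversize", OVERSIZE), ("lying", LYING_STRING)):
        print(f"{label:9} {classify(pkt)}")
```

The order of the checks matters: the length field is validated before any allocation or slicing is driven by it, which is the discipline that keeps a hostile uint32 from becoming the "buffer overflow attempt" the capture suggests.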

Re: [Full-Disclosure] 0xdefaced[6]

2004-08-01 Thread Phuong Nguyen
I was able to get the file @ any address earlier. Nice piece of work ;) just like the *little phrack* hehe. I can't wait till phrack64. Phuong At 02:17 AM 8/2/2004, Collin wrote: All are 404. On Jul 31, 2004, at 10:11 PM, root wrote: Hi, my name is Johny Knoxville and I want to present to you the new

Re: [Full-Disclosure] Stateful Packet Inspection

2004-08-01 Thread Shashank Rai
On Sun, 2004-08-01 at 20:19, Goetz Von Berlichingen wrote: The original message has some merit with respect to netfilter - the Linux kernel firewall is capable of looking at headers only. This does allow some stateful packet inspection - one can discriminate against incoming connection