ircbrute - Page 2

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View

Re: ircbrute



            News: alt.comp.anti-virus [Tue, 16 Mar 2010 15:32:10 -0600]

            Subject: Re: ircbrute

                  News: alt.comp.anti-virus [Tue, 16 Mar 2010
17:18:02 -0400]
*
                  Comment to: Kevin Klement
                  Subject: Re: ircbrute

            Hello, David!

            You wrote to Kevin Klement on Tue, 16 Mar 2010 17:18:02 -0400:

      DHL> The formatting came out a bit weird but, yep, I see your X-Face

            When should I use multline with the X-Face code?

            With best regards, Gufus.  E-mail: info@gypsy-designs.com
            --- Fidolook 2007 (HV) 6.0.6000.97 - 24/12/2008 20:32:05
            * Origin: DHL

            Message-ID: hnosib021c7@news3.newsguy.com

      --- Fidolook 2007 (HV) 6.0.6000.97 - 24/12/2008 20:32:05
      * Origin: Gypsy Designs Inc.




OT: Fidolook (was re: ircbrute)




|             News: alt.comp.anti-virus [Tue, 16 Mar 2010 15:32:10 -0600]

|             Subject: Re: ircbrute

|                   News: alt.comp.anti-virus [Tue, 16 Mar 2010
17::18:02 -0400]
| *
|                   Comment to: Kevin Klement
|                   Subject: Re: ircbrute

|             Hello, David!

|             You wrote to Kevin Klement on Tue, 16 Mar 2010 17:18:02 -0400:

|       DHL> The formatting came out a bit weird but, yep, I see your X-Face

|             When should I use multline with the X-Face code?

No, sorry, that's not what I meant.

The format of the X-Face is perfect.

The BODY of the News Post/Reply is formatted - weirdly.

Play with the General Templates settings and post in a 'test' group and see how
a post and
a reply to your own post appears.


--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



Re: OT: Fidolook (was re: ircbrute)



Hello, David!

You wrote in conference alt.comp.anti-virus to Gufus on Tue, 16 Mar 2010
19:16:32 -0400:

DHL> No, sorry, that's not what I meant.

k'

DHL> The format of the X-Face is perfect.

k'

DHL> The BODY of the News Post/Reply is formatted - weirdly.

I'm using a skin I DL'ed from http://wwwfidolok.org maybe that's why.

DHL> Play with the General Templates settings and post in a 'test' group
DHL> and see how a post and a reply to your own post appears.

Have been.

Chat soon

With best regards, Gufus.  E-mail: info@gypsy-designs.com

      --- Fidolook 2007 (HV) 6.0.6000.97 - 24/12/2008 20:32:05
      * Origin: Gypsy Designs Inc.




Re: OT: Fidolook (was re: ircbrute)



            News: alt.comp.anti-virus [Tue, 16 Mar 2010 17:26:50 -0600]
            Subject: Re: OT: Fidolook (was re: ircbrute)

      Hello, David!

      You wrote in conference alt.comp.anti-virus to Gufus on Tue, 16 Mar
2010
      19:16:32 -0400:

      DHL> The BODY of the News Post/Reply is formatted - weirdly.

      I might just go back to GoldED on my BBS, It's a lot easyer to use.

      ttul...

      With best regards, Gufus.  E-mail: info@gypsy-designs.com

      --- Fidolook 2007 (HV) 6.0.6000.97 - 24/12/2008 20:32:05
      * Origin: Gypsy Designs Inc.




Re: OT: Fidolook (was re: ircbrute)




|             News: alt.comp.anti-virus [Tue, 16 Mar 2010 17:26:50 -0600]
|             Subject: Re: OT: Fidolook (was re: ircbrute)

|       Hello, David!

|       You wrote in conference alt.comp.anti-virus to Gufus on Tue, 16 Mar
| 2010
|       19:16:32 -0400:

|       DHL> The BODY of the News Post/Reply is formatted - weirdly.

|       I might just go back to GoldED on my BBS, It's a lot easyer to use.

|       ttul...

|       With best regards, Gufus.  E-mail: info@gypsy-designs.com

|       --- Fidolook 2007 (HV) 6.0.6000.97 - 24/12/2008 20:32:05
|       * Origin: Gypsy Designs Inc.

The Author, George Hazen, is Russian and the English "help" modules are that
great.  I
don't think the novice can handle all tha variables in Fidolook.  However, I am
confident
YOU can.



--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



Re: OT: Fidolook (was re: ircbrute)



            News: alt.comp.anti-virus [Tue, 16 Mar 2010 18:08:31 -0600]

            Subject: Re: OT: Fidolook (was re: ircbrute)

      Hello, David!
      You wrote in conference alt.comp.anti-virus to Gufus on Tue, 16 Mar
2010
      19:49:16 -0400:

      DHL> The Author, George Hazen, is Russian and the English "help"
modules
      DHL> are that great.  I don't think the novice can handle all tha
variables
      DHL> in Fidolook.  However, I am confident YOU can.

      All ready have, this should look beter.

      Cheers!

      With best regards, Gufus.  E-mail: info@gypsy-designs.com




Re: OT: Fidolook (was re: ircbrute)



Hello, David!

You wrote on Tue, 16 Mar 2010 19:49:16 -0400:

 DHL> The Author, George Hazen, is Russian and the English "help" modules

Were can I get a english manual?


With best regards, Gufus.  E-mail: info@gypsy-designs.com



Re: OT: Fidolook (was re: ircbrute)



Hello, David!

You wrote on Tue, 16 Mar 2010 19:49:16 -0400:

 DHL> The Author, George Hazen, is Russian and the English "help" modules

Do you know were I can get a English manual?

With best regards, Gufus.  E-mail: info@gypsy-designs.com



Re: OT: Fidolook (was re: ircbrute)



            News: alt.comp.anti-virus [Wed, 17 Mar 2010 15:11:27 -0600]

            Subject: Re: OT: Fidolook (was re: ircbrute)

      Hello, David!

      You wrote on Tue, 16 Mar 2010 19:49:16 -0400:

      DHL> The Author, George Hazen, is Russian and the English "help"
modules
      DHL> are that great.  I don't think the novice can handle all tha
variables
      DHL> in Fidolook.  However, I am confident YOU can.

      Got your email.:)

      Thanks bud!

          Gufus

      --
      K Klement

      Enhance your marketing at   http://www.gypsy-designs.com
                                 mailto:info@gypsy-designs.com
      Gypsy Designs                        Fax: (403) 242-3221

      --- Fidolook 2007 (HV) 6.0.6000.97 - 24/12/2008 20:32:05
      * Origin: Gypsy Designs Inc.




Re: ircbrute



On Tue, 9 Mar 2010 19:28:09 +0000 (UTC),
vjp2.at@at.BioStrategist.dot.dot.com wrote:

Quoted text here. Click to load it

In what way was it broken that it required fixing? Or is this just a
language thing?


Re: ircbrute



*+->
*+->So IRCBRUTE works through the file system?
*+->
*+->*+-There was no need to destroy the fob.
*+->
*+->I agree, but no one was willing to help me fix it.

*+-In what way was it broken that it required fixing? Or is this just a
*+-language thing?

No, they refused to touch the fob. Essentially made me feel I owed it
to them to throw it away. I destroyed it because I wasn;t sure if I
ever left confidential stuff on it.

                    - = -
 Vasos Panagiotopoulos, Columbia'81+, Reagan, Mozart, Pindus, BioStrategist
   http://www.panix.com/~vjp2/vasos.htm http://www.facebook.com/vasjpan2
  ---{Nothing herein constitutes advice.  Everything fully disclaimed.}---
   [Homeland Security means private firearms not lazy obstructive guards]
 [Urb sprawl confounds terror] [Phooey on GUI: Windows for subprime Bimbos]




Re: ircbrute



Quoted text here. Click to load it

Devices, not files. Well, there are files on the device...

When the USB device is inserted, the OS "recognises" the device and
there is a feature that allows data on the device to cause the OS to
invoke a player (autoplay) or otherwise chose a program to execute
(autorun). If your home computer has this feature disabled (as it
should), then you were in no danger. It seems to me that the library has
the worm, and inserting your USB device caused the worm to try and load
an autorun.inf and program (worm body) on the device so as to infect the
next vulnerable (autorun=on) computer it got plugged into.

There is no way to tell (from here) how the library's computer got
infested, there are *other* channels (vectors) used by the worm to
spread.

Quoted text here. Click to load it

That's too bad.



Re: ircbrute



I had to log on to the library with  password.

Clamwin (updated) found nothing on my main machine,
so it does seem the library was the source.
I checked the CDs going back. No infection, no autorun, no RESTORE.

THe infected fob never had contact to my machines except via CDROMS
burned from it.

But CLAMWIN did find a chkdisk error on an 8MB PDF on the 4GB USB fob.

                    - = -
 Vasos Panagiotopoulos, Columbia'81+, Reagan, Mozart, Pindus, BioStrategist
   http://www.panix.com/~vjp2/vasos.htm http://www.facebook.com/vasjpan2
  ---{Nothing herein constitutes advice.  Everything fully disclaimed.}---
   [Homeland Security means private firearms not lazy obstructive guards]
 [Urb sprawl confounds terror] [Phooey on GUI: Windows for subprime Bimbos]




Re: ircbrute




Quoted text here. Click to load it

Thus giving you a false sense of security.

Quoted text here. Click to load it

I use ClamWin as a second opinion scanner, but I still don't trust it
completely. It does have its share of false positives, and I suspect its
share of false negatives as well. If it detects the malware on the USB
device, but not on the machine, my guess is that your machine is not
infested.

Quoted text here. Click to load it

Then how was it detected as being infected with an autorun worm?



Re: ircbrute



*+->
*+-> THe infected fob never had contact to my machines except via CDROMS
*+-> burned from it.

*+-Then how was it detected as being infected with an autorun worm?


On a machine at another library I went to download info from

Actually, I got no warning - I just saw something Resote/Taquito
(faded) on the fob, and when it didn't let me delete it, got
suspicious and right clicked virus scan.


                    - = -
 Vasos Panagiotopoulos, Columbia'81+, Reagan, Mozart, Pindus, BioStrategist
   http://www.panix.com/~vjp2/vasos.htm http://www.facebook.com/vasjpan2
  ---{Nothing herein constitutes advice.  Everything fully disclaimed.}---
   [Homeland Security means private firearms not lazy obstructive guards]
 [Urb sprawl confounds terror] [Phooey on GUI: Windows for subprime Bimbos]




Site Timeline