Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Computer Support > Re: Help, how to kill a virus spreader?

Reply
Thread Tools

Re: Help, how to kill a virus spreader?

 
 
VanguardLH
Guest
Posts: n/a
 
      03-25-2009
Ohmster wrote:

> There is a total butthole in Usenet now spreading pure viruses in all the
> binary newsgroups and he is disguising them as free software or porn
> movies. He will post blah, blah, blah.avi.scr files and they all come
> from the same NNTP server, Usenetserver.com. We have all sent in multiple
> complaints to usenetserver.com and get back "repair tickets" in email. We
> have called them up and complained personally. But they say they do not
> police Usenet and of course not, nobody can, but if one of their
> customers is constantly spreading viruses, they sure as hell can do
> something about it but they never do.


So are these infected posts just in the porn binaries?

Newsgroups: alt.binaries.pictures.pantyhose

Doesn't sound to be a non-sex group. Even if there might be a flood of
infected posts going on now, I doubt infected posts are rare in porn
binaries. Guess you'll have to keep wearing that anti-malware condom
when visiting the sex binaries.

> Is there any other Internet body that governs this matter that we can
> complain to when an NNTP server will not clean up it's act like
> Usetnetserver.com?


http://www.stopbadware.org/home/action
Never used this site. I have sent spam reports to the FTC but not
malware reports. Not familiar with their forums or econsumer.gov.

> Below are some of the infected message headers to show where they come
> from. Thank you.
>
> Path: ...!newshosting.com!post01.iad!not-for-mail
> Newsgroups: alt.binaries.pictures.pantyhose
> Subject: Seventeen-year-old-girls-good-looking-belgian-play.avi [1/1]
> Message-ID: <(E-Mail Removed) m>


How is newshosting.com related to usenetserver.com?


NOTE: Misuse of FollowUp-To header was ignored. My reply was sent to
*all* the original newsgroups. If any were unrelated to each
other or the OP's post was off-topic to any of them, well, that
was the OP's choice to post there.
 
Reply With Quote
 
 
 
 
thanatoid
Guest
Posts: n/a
 
      03-25-2009
VanguardLH <(E-Mail Removed)> wrote in
news:gqcc12$cm1$(E-Mail Removed):

> Ohmster wrote:
>
>> There is a total butthole in Usenet now spreading pure
>> viruses in all the binary newsgroups and he is disguising
>> them as free software or porn movies. He will post blah,
>> blah, blah.avi.scr files and they all come from the same
>> NNTP server, Usenetserver.com. We have all sent in
>> multiple complaints to usenetserver.com and get back
>> "repair tickets" in email. We have called them up and
>> complained personally. But they say they do not police
>> Usenet and of course not, nobody can, but if one of their
>> customers is constantly spreading viruses, they sure as
>> hell can do something about it but they never do.

>
> So are these infected posts just in the porn binaries?


I have seen them in almost every binary group I've been to in
the last 2 weeks, music, celebs, porno, warez, everything. It's
pretty ridiculous.

Some guy posted about 10,000 identically-sized "cracks" in some
warez group a few months ago (I don't go to those often anymore,
but I was bored and I suppose there is a chance in ten thousand
someone wrote a piece of interesting software to look at for 10
minutes in the last couple of years) and I DL'd one and checked
it out, it was just adware for some (never went there, no point)
fairly innocuous sounding site. ESET NOD32 ID'd it.

--
"Who knows what the OP is talking about?"
(about thanatoid)
 
Reply With Quote
 
 
 
 
VanguardLH
Guest
Posts: n/a
 
      03-25-2009
Ohmster wrote:

> VanguardLH <(E-Mail Removed)> wrote in news:gqcc12$cm1$(E-Mail Removed):
>
>> Ohmster wrote:
>>>
>>> Path: ...!newshosting.com!post01.iad!not-for-mail
>>> Message-ID: <(E-Mail Removed) m>

>>
>> How is newshosting.com related to usenetserver.com?

>
> That is the bang path, showing where the post went from computer to
> computer. I believe it shows where it starts to get on your newsreader
> and then all the way back to where it came from.


I understand that. To figure out between which NNTP servers the article
got peered before it reached your NNTP server, you follow the Path from
right to left. The one used by the poster was newshosting.com. A
poster could put any headers in their post, including the Message-ID and
all the other headers that led you to look at usenetserver.com as the
source NNTP server.

I haven't bothered to research if newshosting.com is a sub-tier provider
utilizing Usenetserver's service or the other way around or if the
poster stuck in bogus headers to make it appear he posted from
Usenetserver (i.e., there is no relationship between those 2 NNTP
providers other than perhaps they may peer with each other as other NNTP
servers do).
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Re: How include a large array? Edward A. Falk C Programming 1 04-04-2013 08:07 PM
KILL BABY KILL widescreen drsd2kill DVD Video 3 11-29-2004 09:36 PM
Bava's KILL BABY KILL widescreen drsd2kill DVD Video 0 11-27-2004 12:04 AM
Virus, Virus, Virus..... Phil B Computer Support 2 09-22-2003 05:02 PM



Advertisments