Re: Help, how to kill a virus spreader?

Discussion in 'Computer Support' started by VanguardLH, Mar 25, 2009.

  1. VanguardLH

    VanguardLH Guest

    Ohmster wrote:

    > There is a total butthole in Usenet now spreading pure viruses in all the
    > binary newsgroups and he is disguising them as free software or porn
    > movies. He will post blah, blah, blah.avi.scr files and they all come
    > from the same NNTP server, Usenetserver.com. We have all sent in multiple
    > complaints to usenetserver.com and get back "repair tickets" in email. We
    > have called them up and complained personally. But they say they do not
    > police Usenet and of course not, nobody can, but if one of their
    > customers is constantly spreading viruses, they sure as hell can do
    > something about it but they never do.


    So are these infected posts just in the porn binaries?

    Newsgroups: alt.binaries.pictures.pantyhose

    Doesn't sound to be a non-sex group. Even if there might be a flood of
    infected posts going on now, I doubt infected posts are rare in porn
    binaries. Guess you'll have to keep wearing that anti-malware condom
    when visiting the sex binaries.

    > Is there any other Internet body that governs this matter that we can
    > complain to when an NNTP server will not clean up it's act like
    > Usetnetserver.com?


    http://www.stopbadware.org/home/action
    Never used this site. I have sent spam reports to the FTC but not
    malware reports. Not familiar with their forums or econsumer.gov.

    > Below are some of the infected message headers to show where they come
    > from. Thank you.
    >
    > Path: ...!newshosting.com!post01.iad!not-for-mail
    > Newsgroups: alt.binaries.pictures.pantyhose
    > Subject: Seventeen-year-old-girls-good-looking-belgian-play.avi [1/1]
    > Message-ID: <>


    How is newshosting.com related to usenetserver.com?


    NOTE: Misuse of FollowUp-To header was ignored. My reply was sent to
    *all* the original newsgroups. If any were unrelated to each
    other or the OP's post was off-topic to any of them, well, that
    was the OP's choice to post there.
    VanguardLH, Mar 25, 2009
    #1
    1. Advertising

  2. VanguardLH

    thanatoid Guest

    VanguardLH <> wrote in
    news:gqcc12$cm1$:

    > Ohmster wrote:
    >
    >> There is a total butthole in Usenet now spreading pure
    >> viruses in all the binary newsgroups and he is disguising
    >> them as free software or porn movies. He will post blah,
    >> blah, blah.avi.scr files and they all come from the same
    >> NNTP server, Usenetserver.com. We have all sent in
    >> multiple complaints to usenetserver.com and get back
    >> "repair tickets" in email. We have called them up and
    >> complained personally. But they say they do not police
    >> Usenet and of course not, nobody can, but if one of their
    >> customers is constantly spreading viruses, they sure as
    >> hell can do something about it but they never do.

    >
    > So are these infected posts just in the porn binaries?


    I have seen them in almost every binary group I've been to in
    the last 2 weeks, music, celebs, porno, warez, everything. It's
    pretty ridiculous.

    Some guy posted about 10,000 identically-sized "cracks" in some
    warez group a few months ago (I don't go to those often anymore,
    but I was bored and I suppose there is a chance in ten thousand
    someone wrote a piece of interesting software to look at for 10
    minutes in the last couple of years) and I DL'd one and checked
    it out, it was just adware for some (never went there, no point)
    fairly innocuous sounding site. ESET NOD32 ID'd it.

    --
    "Who knows what the OP is talking about?"
    (about thanatoid)
    thanatoid, Mar 25, 2009
    #2
    1. Advertising

  3. VanguardLH

    VanguardLH Guest

    Ohmster wrote:

    > VanguardLH <> wrote in news:gqcc12$cm1$:
    >
    >> Ohmster wrote:
    >>>
    >>> Path: ...!newshosting.com!post01.iad!not-for-mail
    >>> Message-ID: <>

    >>
    >> How is newshosting.com related to usenetserver.com?

    >
    > That is the bang path, showing where the post went from computer to
    > computer. I believe it shows where it starts to get on your newsreader
    > and then all the way back to where it came from.


    I understand that. To figure out between which NNTP servers the article
    got peered before it reached your NNTP server, you follow the Path from
    right to left. The one used by the poster was newshosting.com. A
    poster could put any headers in their post, including the Message-ID and
    all the other headers that led you to look at usenetserver.com as the
    source NNTP server.

    I haven't bothered to research if newshosting.com is a sub-tier provider
    utilizing Usenetserver's service or the other way around or if the
    poster stuck in bogus headers to make it appear he posted from
    Usenetserver (i.e., there is no relationship between those 2 NNTP
    providers other than perhaps they may peer with each other as other NNTP
    servers do).
    VanguardLH, Mar 25, 2009
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Phil B

    Virus, Virus, Virus.....

    Phil B, Sep 22, 2003, in forum: Computer Support
    Replies:
    2
    Views:
    519
    DaveW
    Sep 22, 2003
  2. drsd2kill

    Bava's KILL BABY KILL widescreen

    drsd2kill, Nov 27, 2004, in forum: DVD Video
    Replies:
    0
    Views:
    544
    drsd2kill
    Nov 27, 2004
  3. drsd2kill

    KILL BABY KILL widescreen

    drsd2kill, Nov 27, 2004, in forum: DVD Video
    Replies:
    3
    Views:
    649
    drsd2kill
    Nov 29, 2004
  4. Gregory Hall

    Re: Help, how to kill a virus spreader?

    Gregory Hall, Mar 27, 2009, in forum: Computer Support
    Replies:
    0
    Views:
    456
    Gregory Hall
    Mar 27, 2009
  5. Skybuck Flying

    Warning: 76.191.100.35 malware/virus spreader

    Skybuck Flying, May 7, 2011, in forum: Windows 64bit
    Replies:
    13
    Views:
    1,702
    Skybuck Flying
    Jun 13, 2011
Loading...

Share This Page