JS Exception trojan!


diurnal
11-18-2001, 07:41 PM
Got the virus 5 times while browsing. Norton detected it and could not delete, so who knows. It's a breach in the Java code, and there is a patch with Microsoft, ain't it always a patch.

------------------
Sledgehammer will save the day!

bassman
11-19-2001, 01:32 PM
Thanks for the tip Diurnal, have to keep an eye out for this one.
By the way, hehe, where did you pick this up? I want to stay out of there.

------------------
Please let us know if what we suggest helps. This helps us help you better.

Steve
11-19-2001, 09:11 PM
Hey folks,

I've been getting my usual 30 hits per hour on ZA and I've received several from this address: 172.181.24.94. I don't know who this is but I thought I'd put it in the address field and see. DON'T DO IT!!

I instantly got infected with JS Seeker, W2/Nimda and JS Nimda.

At least that's all I know about. Who knows what other baloney I picked up that the anti-virus didn't pick up? I really have to stop doing this. I'm spending way too much time on the reformat and reinstall end of things.

------------------
Peace and Love, brothers and sisters. Peace and Love

diurnal
11-19-2001, 09:17 PM
OUCH, are you Steve from the Dell commercials, "YOU'RE getting a Dell, man"?
JK
Yeah, this virus crap is getting ridiculous, I'm tired of it, I update my virus stuff and I still get one. Everyone I know has gotten a virus lately, one was So Funny, JSexception, and another a boot sector. But one thing to keep in mind is KAZAA is riddled with viruses, so be careful around there.


Steve
11-19-2001, 09:27 PM
Ya dude, that's me.

What the heck is KAZAA?


sea69
11-19-2001, 09:30 PM
172.181.24.94= **EDITED**

------------------
sea1_69@hotmail.com

homepage (http://www.seanweb1.homestead.com/3.html)


[This message has been edited by sea69 (edited 11-19-2001).]

[This message has been edited by Paleo Pete (edited 11-20-2001).]

Steve
11-19-2001, 09:48 PM
Thanks Sea,

I hate to sound dumb, but... I still don't know whose site this is.

I get ZA hits from the AOL block ALL the time. I still haven't made any progress. Is there something I'm missing on that link?


Steve
11-19-2001, 09:59 PM
What the HECK?

I clicked the link on that page, Sea, and was infected AGAIN!

Gimme a break...


iisbob
11-19-2001, 10:10 PM
Odd, I went there and have no virii or other suspicious activity.

------------------
iisbob
"Bachelors should be heavily taxed. It's not fair that some men should be happier than others."
-- Oscar Wilde

Steve
11-19-2001, 10:16 PM
Who was at that site Bob? All I get is my F-Prot anti-virus saying...Infected,*****README[1].EML, infection:W32/Nimda.A@mm.


sea69
11-19-2001, 11:26 PM
Had to be a coincidence, methinks.

All that link was to show you info that you do not get on a regular whois or tracert. It shows (usually) what type of OS they use on their server and how long they have been up and a few other things.

I did a trace on the IP addy you gave and came up with that info.

I use this frequently and can assure you that there is no danger- it is from NeoTrace Pro.




sea69
11-19-2001, 11:45 PM
I use Script Defender (http://www.analogx.com/contents/download/system.htm), it is free, and runs silently in the background- protects against VBS, VBE, JS, JSE, HTA, WSF, WSH, SHS, SHB.


Steve
11-20-2001, 06:47 AM
Sorry if it sounded like the link you posted was the cause. I clicked on the explanation of 172.181.24.94 thinking it would give me info.

It's just a link back to the 172.*** site. I was just frustrated with how dumb I can be sometimes.

I wouldn't suggest going to the 172.*** addy, but I'd sure like to know who it is.


sea69
11-20-2001, 09:00 AM
Here's (http://samspade.org/t/lookat?a=ACB5185E.ipt.aol.com) some more on this IP. {{from Sam Spade}}

(it is safe to click)

Interesting, as it resolves to unknown and HACKED within AOL address block, new it seems.

AOL.COM.IS.REGULARLY.HAX0RED.BY.INSIDE-AOL.COM
AOL.COM.EATMYSH*T.ORG
AOL.COM



on a down note however, AOL is soooooooooo BIG that it really does not care enough to go after small hackers that affect only individual users. It seems they only respond when their ENTIRE network has a problem, they do not really care about the individual customer.. talk about being a 'number'- with them, all they know or care is if your account has been PAID!


[This message has been edited by sea69 (edited 11-20-2001).]

Paleo Pete
11-20-2001, 10:35 AM
In the interest of the safety and security of our visitors I decided to remove the questionable link. I did not try to click on it in the interest of MY safety and security.

I can't be sure if the link is harmful or not, but with claims from some of our participants that they were infected by trying it, I felt it best to remove the possibility.

I hope none of our visitors have had any serious problems resulting from visiting this URL, and if so, please do not hold it against sea69, I don't think it was intentional...

Pete

------------------
Support the right to keep and arm bears.
Note: Please post your questions on the forums, not in my email.

Computer Information Links (http://www.dreamwater.com/paleopete/computer.htm) has been moved, please update your bookmarks.

sea69
11-20-2001, 11:02 AM
Posted 11-19-2001 08:11 PM

Hey folks,
I've been getting my usual 30 hits per hour on ZA and I've received several from this address. 172.181.24.94. I don't know who this is but I thought I'd put it in the address field and see. DON'T DO IT!!
I instantly got infected with JS Seeker, W2/Nimda and JS Nimda.

Pete, if you had gone to the link I provided as iisbob did: Posted 11-19-2001 09:10 PM
Odd, I went there and have no virii or other suspicious activity.

you would have seen that there was absolutely NO "danger" from the link I provided.

The danger was only if (as warned NOT to) going to the specific IP# itself, which was how Steve was infected to begin with.

So,........ yes, if you click on any link actually to that IP you will get it (the 'bug')....... but who would have thought that after already being infected with it.. or having been warned that going to it..would infect a machine.. why anyone would click to go directly to that IP is way beyond me.

heh.......... no harm intended there!

In any event, Pete I cannot help that someone clicked on something other than what I provided initially.

My link was valid and useful, however perhaps I should have issued an advisory to not click the DIRECT link to the BAD IP#...... I forget that sometimes people just click without thinking.. even after being warned.. the threat may not be apparent to some.. sorry if anyone was adversely affected.. I had no idea.......... my intention was to help.



edit: Steve, if you want to see who someone is in the future (do not) put the IP in your browser addy bar, use the above Sam Spade link and type in the IP #.. this is SAFE, free, and will tell you who it is without putting you there or in danger from a potentially malicious person.

Also, if you use ZoneAlarm, go and get the FREE Zone Alarm Analyzer here (http://zonelog.co.uk).


[This message has been edited by sea69 (edited 11-20-2001).]

Steve
11-20-2001, 05:21 PM
Well folks,

Sea is right. There was NO danger clicking on the link he provided. It was my own inexperience and stupidity that caused me to click on the 172.*** url a second time. Ummm, that's just kinda the way I learn, or not learn.

I hope I didn't cause anyone a problem.


sea69
11-20-2001, 06:01 PM

Steve

How do you think I learned!
(the little I know)



[This message has been edited by sea69 (edited 11-20-2001).]

Steve
11-20-2001, 06:34 PM
Heh heh, Thanks for all the good info...


Paleo Pete
11-21-2001, 03:12 AM
Sorry, maybe I made a bad call on that one, but felt it best not to take chances.
