[meteorite-list] Ways to tell who has the VIRUS
From: Don Young <dcyoung1_at_meteoritecentral.com>
Date: Thu Apr 22 09:37:39 2004 Message-ID: <3A4FC734.163A39A0_at_swbell.net> Hi Everyone, My first post in awhile.. I assure you I have questions about meteorites for you experienced folks out there and will be posting those soon. BUT FOR NOW maybe this will help us track this stinking virus. The last copy I received was 24 Dec and it was in FRENCH!!! >From the POST BY Rhett Bourland the following two statements say alot. > Hybris also infects WSOCK32.DLL, renaming it and redirecting > Windows.INI to point to the new, infected file. System File Checker will check your system for changed windows files. If you do a SFC command (Start, Run and key in sfc) If you are infected you will most likely get a message that WININIT has been modified. You will then be given the option to relace it from your Windows Disk or from your Cab Files. > Thereafter, Hybris will send itself via reply mail to whomever > sends new e-mails to an infected computer. The KEY HERE is that if you SEND an infected CPU an E-Mail it automatically sends you a reply from Hahaha. So IF you have the virus and I E-Mail you, even if you do not reply to my message, your PC will send ME a copy from Hahaha. (I am pretty sure it does does this at the time you OPEN the received E-Mail.) This being said how do you tell who it came from? For E-Mail under Netscape Communicator, click on the E-MAIL from Hahaha >>> BUT DO NOT NOT NOT open the attachment. click on VIEW, select PAGE SOURCE. You will get a whole screen full of stuff. You are looking for the last Received: from xxxxxxxxx statement where the xxxxxxxx is the name of the persons computer or user ID followed by the IP address in the form of nnn.nnn.nnn.nnn such as 208.190.39.106 <<-- (My current IP address for SWBELL). This can be plugged at the following web page to find the domain (SWBELL.Net, AOL.COM, ATT_at_HOME, etc)that it belongs to. http://www.osilab.ch/services/dns_e.htm To see your computer name go to MYCOMPUTER, CONTROL PANEL, Double click NETWORK, Select IDENTIFICATION, this name or your ID is placed in xxxxxxxxx when you send an E-Mail. You could have the person that you suspect the virus came from check this... Happy NEW YEAR EVERYONE!!! Don -- Don Young (Faux-Oro) aka (Fools-Gold) Have Cesium MagnetometerS Will travel if you have a Site we can work together. Have my own US METEORITE HUNTERS index by GPS Lat and Lon and detailed maps for EACH meteorite.. Dallas, Texas UPDATED PICTURES AS OF: 02 Dec 2000 My Hobbies: Gold prospecting, Metal detecting and Meteorites hobby pics: Meteorites found at Odessa Tx. With mag. Lg 1 at 16"+, sm at 6"+ http://images.honesty.com/imagedata/h/182/08/21820805.jpg 1856 army pistol ball and cap cylinder http://images.honesty.com/cgi-bin/honesty-image/12391569/cyl12.jpg http://images.honesty.com/cgi-bin/honesty-image/12391570/cyl3.jpg Home made dredge: http://images.honesty.com/cgi-bin/honesty-image/9448307/Dredge2.jpg (SUCKING UP--a target) Detector and suction hose http://images.honesty.com/cgi-bin/honesty-image/9448310/Dredgedt.jpg A little gold in the pan http://images.honesty.com/cgi-bin/honesty-image/3957183/Cabgold.jpgReceived on Sun 31 Dec 2000 06:54:28 PM PST |
 StumbleUpon del.icio.us reddit Yahoo MyWeb
|
