Archived from groups: alt.computer.security,comp.security.firewalls,alt.comp.anti-virus,alt.comp.virus,alt.pets.ferrets (More info?)

Let's all go to our C:Windows Directory after we have made all of our
files in this directory visible. Tell the group the names of the
Folders and Files which show as a light color and let's discuss this.
Dangerous code is always discovered in this directory and but you
need to enable the Windows Features to (view or show) all Hidden
Files.

Let's see how secure your computer actually really is!

Tracker

Archived from groups: alt.computer.security,comp.security.firewalls,alt.comp.anti-virus,alt.comp.virus,alt.pets.ferrets (More info?)

mailbox62001@yahoo.com (mailbox) sent news:47730f14.0405022323.1038b307
@posting.google.com

> NNTP-Posting-Host: 66.109.194.14


OrgName: US Network Services
OrgID: USNS
Address: 2722 Eastlake Ave East
City: Seattle
StateProv: WA
PostalCode: 98102
Country: US

NetRange: 66.109.192.0 - 66.109.207.255
CIDR: 66.109.192.0/20
NetName: USNS-2-NET
NetHandle: NET-66-109-192-0-1
Parent: NET-66-0-0-0-0
NetType: Direct Allocation
NameServer: LINUS.KALLBACK.COM
NameServer: GATE.KALLBACK.COM
NameServer: BART.KALLBACK.COM
Comment: ADDRESSES WITHIN THIS BLOCK ARE NON-PORTABLE
RegDate: 2001-05-31
Updated: 2001-10-19

TechHandle: LI37-ARIN
TechName: International Telcom, Ltd.
TechPhone: +1-800-780-9993
TechEmail: dns-admin@kallback.com

OrgTechHandle: LI37-ARIN
OrgTechName: International Telcom, Ltd.
OrgTechPhone: +1-800-780-9993
OrgTechEmail: dns-admin@kallback.com

# ARIN WHOIS database, last updated 2004-05-02 19:15
# Enter ? for additional hints on searching ARIN's WHOIS database.

Archived from groups: alt.computer.security,comp.security.firewalls,alt.comp.anti-virus,alt.comp.virus,alt.pets.ferrets (More info?)

On 3 May 2004 00:23:08 -0700, mailbox spoketh

>Let's all go to our C:Windows Directory after we have made all of our
>files in this directory visible. Tell the group the names of the
>Folders and Files which show as a light color and let's discuss this.
> Dangerous code is always discovered in this directory and but you
>need to enable the Windows Features to (view or show) all Hidden
>Files.
>
>Let's see how secure your computer actually really is!
>
>Tracker

I'll bite. I don't have a c:\windows folder since I'm running W2K, but
I'll substitute with c:\winnt. So, here's the list:

$NTServicePackUninstall$
$NtUninstallKB823182$
$NtUninstallKB823559$
$NtUninstallKB823980$
$NtUninstallKB824105$
....
$NtUninstallQ815021$
$NtUninstallQ828026$
$NtUninstallSP2SRP1$
CSC
inf
Installer (interesting folder, lets go in)
{00010409-78E1-11D2-B60F-006097C998E7}
{00030409-78E1-11D2-B60F-006097C998E7}
{00040409-78E1-11D2-B60F-006097C998E7}
{00100409-78E1-11D2-B60F-006097C998E7}
{00120409-78E1-11D2-B60F-006097C998E7}
{10253A5A-081B-4146-9D76-00547EED4001}
{47D5D869-FE57-4F2F-A358-83CFAA7B4968}
...
19977885.msi
1D48A315.msi
27228fc.msi
2b9db3f8.msi
2de4bd8a.msi
...
Offline Web Pages
PIF

Now, for some "hidden" files:
desktop.ini
folder.htt
mpcwin01.tvl
ShellIconCache
Winnt.bmp
Winnt256.bmp

Well, who knew that the W2K logo's where hidden files and a security
risk.

Now, what's your analysis, Debbie? How badly hacked is my computer?



Lars M. Hansen
http://www.hansenonline.net
(replace 'badnews' with 'news' in e-mail address)

Archived from groups: alt.computer.security,comp.security.firewalls,alt.comp.anti-virus,alt.comp.virus,alt.pets.ferrets (More info?)

"mailbox" <mailbox62001@yahoo.com> wrote in message
news:47730f14.0405022323.1038b307@posting.google.com...
> Let's all go to our C:Windows Directory after we have made all of our
> files in this directory visible. Tell the group the names of the
> Folders and Files which show as a light color and let's discuss this.
> Dangerous code is always discovered in this directory and but you
> need to enable the Windows Features to (view or show) all Hidden
> Files.
>
> Let's see how secure your computer actually really is!

I don't have a c:\windows directory!
I have a C:\WINNT. Is that any good?

When I try to view files in that directory it says my Administrator won't
allow me. Have I been hacked?

My other computer has \root \etc \var but no C:? I tried creating a \Windows
directory but it said I didn't have permission.

Please help me.........

Archived from groups: alt.computer.security,comp.security.firewalls,alt.comp.anti-virus,alt.comp.virus,alt.pets.ferrets (More info?)

"mailbox" <mailbox62001@yahoo.com> wrote in message
news:47730f14.0405022323.1038b307@posting.google.com...
> Let's all go to our C:Windows Directory after we have made all of our
> files in this directory visible. Tell the group the names of the
> Folders and Files which show as a light color and let's discuss this.
> Dangerous code is always discovered in this directory and but you
> need to enable the Windows Features to (view or show) all Hidden
> Files.
>
> Let's see how secure your computer actually really is!
>
> Tracker

OK debbs, how about you tell me, I dont have any "light color" folders
[hidden to normal people]. I do have:

Docs && settings
inetpub
nvidia
program files
windows
wutemp
mycnf.cnf

So, what can you tellme about my machine, theres actually alot you can glean
from that dir listing, if you arent to thick and know a bit.

--
Mimic

ZGF0YWZsZXhAY2FubmFiaXNtYWlsLmNvbQ== ( www.hidemyemail.net )
"Without knowledge you have fear. With fear you create your own nightmares."
"Alzheimer's, cheaper than rohypnol"
"There are 10 types of people in the world. Those that understand Binary,
and those that dont."
"He who controls Google, controls the world".

Archived from groups: alt.computer.security,comp.security.firewalls,alt.comp.anti-virus,alt.comp.virus,alt.pets.ferrets (More info?)

"Mike" <nospam@notherematey.com> wrote in message news:c75c9e$383$1@thorium.cix.co.uk...
>
> "mailbox" <mailbox62001@yahoo.com> wrote in message
> news:47730f14.0405022323.1038b307@posting.google.com...
> > Let's all go to our C:Windows Directory after we have made all of our
> > files in this directory visible. Tell the group the names of the
> > Folders and Files which show as a light color and let's discuss this.
> > Dangerous code is always discovered in this directory and but you
> > need to enable the Windows Features to (view or show) all Hidden
> > Files.
> >
> > Let's see how secure your computer actually really is!
>
> I don't have a c:\windows directory!

She said "C:Windows" not "C:\Windows"

> I have a C:\WINNT. Is that any good?

Well, if that all ya got - it'll *have* to do I guess. )

> When I try to view files in that directory it says my Administrator won't
> allow me. Have I been hacked?

Obviously, if you are not *allowed* to do things. It sounds
like someone called the "Administrator" owns yer box.

> My other computer has \root \etc \var but no C:?

Weird, you really should get that fixed. :0\

> I tried creating a \Windows
> directory but it said I didn't have permission.

On *either* computer!?

You are *soooo oownnned* dude.

I have Win98 and *never* have had to ask for permission to
do stuff. Maybe you should upgrade to Win98?

> Please help me.........

Sorry, but you must ask the "Administrator" for permission
to plead for help in usenet.

....or get special dispensation from Fluffy.

Archived from groups: alt.computer.security,comp.security.firewalls,alt.comp.anti-virus,alt.comp.virus,alt.pets.ferrets (More info?)

"Conor" <conor_turton@hotmail.com> wrote in message news:MPG.1b0047176b277b5a98a5aa@news.claranews.com...
> In article <47730f14.0405022323.1038b307@posting.google.com>,
> mailbox62001@yahoo.com says...
> > Let's all go to our C:Windows Directory after we have made all of our
> > files in this directory visible. Tell the group the names of the
> > Folders and Files which show as a light color and let's discuss this.
> > Dangerous code is always discovered in this directory and but you
> > need to enable the Windows Features to (view or show) all Hidden
> > Files.
> >
> > Let's see how secure your computer actually really is!
> >
> ROFL...priceless.

I was thinking almost the same thing, worthless. ;o)

Archived from groups: alt.computer.security,comp.security.firewalls,alt.comp.anti-virus,alt.comp.virus,alt.pets.ferrets (More info?)

Lars M. Hansen wrote:
> On 3 May 2004 00:23:08 -0700, mailbox spoketh
>
>
>>Let's all go to our C:Windows Directory after we have made all of our
>>files in this directory visible. Tell the group the names of the
>>Folders and Files which show as a light color and let's discuss this.
>>Dangerous code is always discovered in this directory and but you
>>need to enable the Windows Features to (view or show) all Hidden
>>Files.
>>
>>Let's see how secure your computer actually really is!
>>
>>Tracker
>
>
> I'll bite. I don't have a c:\windows folder since I'm running W2K, but
> I'll substitute with c:\winnt. So, here's the list:
>
> $NTServicePackUninstall$
> $NtUninstallKB823182$
> $NtUninstallKB823559$
> $NtUninstallKB823980$
> $NtUninstallKB824105$
> ...
> $NtUninstallQ815021$
> $NtUninstallQ828026$
> $NtUninstallSP2SRP1$
> CSC
> inf
> Installer (interesting folder, lets go in)
> {00010409-78E1-11D2-B60F-006097C998E7}
> {00030409-78E1-11D2-B60F-006097C998E7}
> {00040409-78E1-11D2-B60F-006097C998E7}
> {00100409-78E1-11D2-B60F-006097C998E7}
> {00120409-78E1-11D2-B60F-006097C998E7}
> {10253A5A-081B-4146-9D76-00547EED4001}
> {47D5D869-FE57-4F2F-A358-83CFAA7B4968}
> ...
> 19977885.msi
> 1D48A315.msi
> 27228fc.msi
> 2b9db3f8.msi
> 2de4bd8a.msi
> ...
> Offline Web Pages
> PIF
>
> Now, for some "hidden" files:
> desktop.ini
> folder.htt
> mpcwin01.tvl
> ShellIconCache
> Winnt.bmp
> Winnt256.bmp
>
> Well, who knew that the W2K logo's where hidden files and a security
> risk.
>
> Now, what's your analysis, Debbie? How badly hacked is my computer?
>
>
>
> Lars M. Hansen
> http://www.hansenonline.net
> (replace 'badnews' with 'news' in e-mail address)

Hello,
> I don't have a c:\windows folder since I'm running W2K

but he said

> C:Windows Directory

in Windows 2k winnt is the Windows Folder %windir% ;-)

Ian.

Archived from groups: alt.computer.security,comp.security.firewalls,alt.comp.anti-virus,alt.comp.virus,alt.pets.ferrets (More info?)

Hello,

>> I don't have a c:\windows directory!
>> I have a C:\WINNT. Is that any good?

they are the same thing. In windows NT and 2k the folder is WINNT. In
95/98/ME/XP and so on the folder is simply WIndows.

Ian.

Archived from groups: alt.computer.security,comp.security.firewalls,alt.comp.anti-virus,alt.comp.virus,alt.pets.ferrets (More info?)

Hi,

> My other computer has \root \etc \var but no C:?

Are you sure you are running windows? You may be running linux, Suse,
redhat etc...

Ian.

Archived from groups: alt.computer.security,comp.security.firewalls,alt.comp.anti-virus,alt.comp.virus,alt.pets.ferrets (More info?)

Hi Conor,

>> ROFL...priceless.

Is this your intellectual contribution? I though you might want to add
something actually worth reading....

With regards to your comment... I myself ROFL at you.

Ian.

Archived from groups: alt.computer.security,comp.security.firewalls,alt.comp.anti-virus,alt.comp.virus,alt.pets.ferrets (More info?)

Hi,

>> I was thinking almost the same thing, worthless. ;o)

See my reply to Conor.

Ian.

Archived from groups: alt.computer.security,comp.security.firewalls,alt.comp.anti-virus,alt.comp.virus,alt.pets.ferrets (More info?)

Hi Tracker,

whilst your idea to go through your windows directory is not _POINTLESS_
as other posts may suggest. There are other ways to locate and remove >
Dangerous code

Update your antivirus and scan your computer.

I say it is not pointless if it helps you recognise a suspicious object
in your windows directory.

For example, when msblast.exe in system32 requested permission to access
the internet on desktop firewalls how many people tied this up with the
fact that their RPC service was failing and their PC was rebooting? This
type of conversation can help and so shouldn't be knocked.

Ian.

Archived from groups: alt.computer.security,comp.security.firewalls,alt.comp.anti-virus,alt.comp.virus,alt.pets.ferrets (More info?)

Taking a moment's reflection, Mike mused:
|
| Please help me.........

You've been hacked/owned. ROFL