Ferrari VR6
-
Content Count
234 -
Joined
-
Last visited
Content Type
VR6OC News
Website Content
Profiles
Forums
Calendar
Gallery
Store
Collections
Community Map
Posts posted by Ferrari VR6
-
-
The site's still slow pete...
-
I don't like white mate, the most desirable colours would have to be black and mulberry imo...
-
What the fcuk is tea baggin'?
-
-
-
Most of us have heard a sad story about an accident involving alcohol, however, i have never encountered an alcohol related accident as graphic and devastating as this one...
Those of you who are squeamish, this might not be for you...
http://www.countdooku.pwp.blueyonder.co.uk/vr6/drinkdrive.jpg
-
From what i've heard...
AA = Genuine service
RAC = Bunch of sheisters
-
Quality set pete, VG
-
Awesome car!
The Italian GTi eater, it's got the build quility of a baked bean can and reliability, well, italian, but soooo much fun, it's a cool, rapid go-cart that really will munch up GTi's no probs, good buy mate, good to see one in such good nick too!
-
*cringe* @ that guy :@
reminds me of that fat bloke who was singing that euro pop song, that was funny, this guys needs a slap for being a tw@
-
DOWN WITH MICROSOFT - UP WITH LINUX
Lol and agreed!
-
There's a new high risk email virus doing the rounds (W32.Feebs.D@mm) whether it's related to inviztor @ hotmail . com i don't know but this is no hoax and is absolutely current, the global server team in the company i work for are currenlty lets say... tense
For those who have no idea what all the computer talk is all about, it basically says that the virus is gonna repeatedly pump your pc in every orifice without a rubber and then pass on it's experiences to some arsole who will proabably then rob you! (check the text i've highlighted in red near the bottom)
There are no virus scanner definitions currently written as it's so new so keep an eye out! %-6
Below is some information from the Internet Storm Center and a description from the Symantec WebSite...
---------------------------------------------------------------------------------------------
Published: 2006-01-11,
Last Updated: 2006-01-11 22:28:25 UTC by Daniel Wesemann (Version: 1)
We are currently analyzing a copy of .. something. Attachment name "message.zip", detection by AV is still thin to nonexistent. When run, the code tries to pull additional files from web servers in Russia, so if you have a chance, you might consider blocking the following TLDs on your proxy / perimeter:
1gb.ru / t35.com / hzs.nm.ru / users.cjb.net / h16.ru
UPDATE 2200UTC:Â message.zip contains a file named "Secure E-mail File.hta", which is according to current Virustotal output only detected by Panda and Kaspersky, the latter calls it Worm.Win32.Feebs.k . Samples we've seen come in an email with subject "Secure Message from HotMail.com user". The HTA file is nicely obfuscated, it has 2 obfuscation functions, one being easy unescape, while the other one is a bit more complex. Once it is executed by a user, it will run in the local zone, so it can use various ActiveXObjects. It will try to download executables from 5 web sites (domains listed above), all of which are up and working at this moment.
Symantec
When W32.Feebs.D@mm is executed, it performs the following actions:
1. Drops and executes the following files using a malicious JavaScript, when the .HTA file is viewed:
C:\Command.exe
%UserProfile%\All Users\Start Menu\Programs\Startup\Command.exe
Note: %UserProfile% is a variable that refers to the current user's profile folder. By default, this is C:\Documents and Settings\[CURRENT USER] (Windows NT/2000/XP).
2. Executes the worm, when the JavaScript shows a logon prompt for user name and password as a diversion tactic.
3. Adds the value:
"Stubpath" = "C:\COMMAND.EXE"
to the registry subkey:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components
\{CD5AC91B-AE7B-E83A-0C4C-E616075972F3}
4. Adds the value:
"(default)" = "%System\[PATH TO DLL WORM COMPONENT]"
to the registry subkey:
HKEY_CLASSES_ROOT\CLSID\{[RANDOM CLSID]}\InprocServer32
so that it runs every time Windows starts.
5. Adds the value:
"[FILE NAME OF DLL WORM COMPONENT]" = "{[RANDOM CLSID]}"
to the registry subkey:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ ShellServiceObjectDelayLoad
so that it runs every time Windows starts.
6. Sends emails to all addresses found. The email has the following characteristic:
From:
The from address is a combination of one of the following names with one of the following domain names:
Names:
protect
secur
security
securmail
Domains:
@hotmail.com
@gmail.com
@aol.com
@msn.com
@yahoo.com
Subject:
The subject may be the following string:
happy new year
Or alternatively it can be a combination of the following strings:
[sTRING 1]
Secure
Protected
Encrypted
Extended
[sTRING 2]
Mail
E-Mail
Message
Html
[sTRING 3]
[bLANK]
System
Service
Service ([DOMAIN])
from [DOMAIN] user.
[sTRING 4]
Thank you
Sincerely
Best Regards
Subject is a combination of the strings in the following pattern:
[sTRING 1] [sTRING 2] [sTRING 3]
Note: The subject could look like one of the following:
Subject: Protected Message from Gmail.com user.
Subject: Secure Mail Service (HotMail.com)
Subject: Encrypted E-mail from Yahoo.com user.
Message:
You have received [sTRING 1] [sTRING 2] from [DOMAIN] user.
This message is addressed personally for you.
To decrypt your message use the following details:
ID: [RANDOM NUMBERS]
Password: [RANDOM LETTERS]
Keep your password in a safe place and under no circumstances give it
to ANYONE.
[sTRING 1] [sTRING 2] and instruction is attached.
[sTRING 4]
[sTRING 1] [sTRING 2] [sTRING 3],
[DOMAIN]
Note:
The message could look like the following:
You have received Encrypted Message from MSN.com user.
This message is addressed personally for you.
To decrypt your message use the following details:
ID: 44321
Password: mxsjstjgd
Keep your password in a safe place and under no circumstances give it
to ANYONE.
Encrypted Message and instruction is attached.
Best Regards,
Encrypted E-mail Service,
MSN.com
Attachment:
One of the following:
msg.zip
message.zip
data.zip
mail.zip
The attachment contains the worm as an .HTA file with the following name:
[sTRING 1] [sTRING 2] File.HTA
Note:
The attachment could look like one of the following:
Extended Mail File.HTA
Extended E-Mail File.HTA
Secure Mail File.HTA
Secure E-Mail File.HTA
7. Creates the following files:
%System%\MS[RANDOM].exe
%System%\MS[RANDOM]
%System%\MS[RANDOM]32.DLL
Note: %System% is a variable that refers to the System folder. By default this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
8. Loads %System%\MS[RANDOM]32.DLL into all active processes and uses rootkit functionalities to hide its files and registry keys.
9. Adds the value:
"web" = "[http://]popcapfree.t35.com/[REMOVED]"
to the registry subkey:
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer
10. Stores several registry subkeys containing configuration info, stolen passwords, accounts, and email addresses:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS[RANDOM 2 LETTERS]\dat
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS[RANDOM 2 LETTERS]\cdat
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS[RANDOM 2 LETTERS]\fdat
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS[RANDOM 2 LETTERS]\rdat
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS[RANDOM 2 LETTERS]\sdat
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS[RANDOM 2 LETTERS]\ldat
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS[RANDOM 2 LETTERS]\gdat
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS[RANDOM 2 LETTERS]\pdat
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS[RANDOM 2 LETTERS]\udat
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS[RANDOM 2 LETTERS]\idat
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS[RANDOM 2 LETTERS]\ddat
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS[RANDOM 2 LETTERS]\kdat
11. Modifies the value:
"EnableFirewall" = "0"
in the registry subkeys:
HKEY_CURRENT_USER\Software\Policies\Microsoft\WindowsFirewall\DomainProfile
HKEY_CURRENT_USER\Software\Policies\Microsoft\WindowsFirewall\StandardProfile
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile
to disable the Windows Firewall.
12. Searches for folders that contain the following strings:
downloads
share
incoming
13. Copies itself to any folders that it finds as the following files:
3dsmax_9_(3D_Studio_Max)_new!_full+crack.zip
ACDSee_9_new!_full+crack.zip
Adobe_Photoshop_10_(CS3)_new!_full+crack.zip
Adobe_Premiere_9_(2.0_pro)_new!_full+crack.zip
Ahead_Nero_8_new!_full+crack.zip
DivX_7.0_new!_full+crack.zip
ICQ_2006_new!_full+crack.zip
Internet_Explorer_7_new!_full+crack.zip
Kazaa_4_new!_full+crack.zip
Longhorn_new!_full+crack.zip
Microsoft_Office_2006_new!_full+crack.zip
winamp_5.2_new!_full+crack.zip
The .zip file contains a nonmalicious text file that matches the name of the .zip file. It is reported, however, that the text file's name does not include the following string:
_new!_full+crack
14. Attempts to lower security settings on the compromised computer by ending security-related programs and by stopping services with names starting with one of the following strings:
armor2net
armorwall
avgcc
avp6
aws
bgnewsui
blackd
bullguard
ca
ccapp
ccevtmgr
ccproxy
ccsetmgr
dfw
dpf
fbtray
fireballdta
FirePM
firesvc
firewal
fsdfwd
fw
fwsrv
goldtach
hacker
hackereliminator
iamapp
iamserv
internet security
ipatrol
ipcserver
jammer
kaspe
kavpf
keylog
keypatrol
KmxAgent
KmxBiG
KmxCfg
KmxFile
KmxFw
KmxIds
KmxNdis
KmxSbx
kpf4gui
kpf4ss
leviathantrial
looknstop
mcafeefire
mpftray
netlimiter
npfc
npfmsg
npfsvice
npgui
opf
opfsvc
outpost
pavfnsvr
pccpfw
pcipim
pcIPPsC
persfw
rapapp
RapDrv
smc
sndsrvc
spfirewallsvc
spfw
sppfw
sspfwtry2
s-wall
symlcsvc
ton
tzpfw
umxtray
vipnet
vsmon
xeon
xfilter
zapro
zlclient
zonealarm
15. Deletes all the startup registry keys associated with these services under the following subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\[sERVICE NAME]
16. Starts a local Web server on TCP port 80. When a user connects to the Web server, it loads the .HTA file and also gives a link to offline.zip which is a zip file containing the worm.
17. May gather sensitive information from the compromised computer by monitoring open windows. This includes monitoring for WebMoney, ICQ and cryptography key files. This information can then be sent to a remote attacker.
Symantec Security Response encourages all users and administrators to adhere to the following basic security "best practices":
Turn off and remove unneeded services. By default, many operating systems install auxiliary services that are not critical, such as an FTP server, telnet, and a Web server. These services are avenues of attack. If they are removed, blended threats have less avenues of attack and you have fewer services to maintain through patch updates.
If a blended threat exploits one or more network services, disable, or block access to, those services until a patch is applied.
Always keep your patch levels up-to-date, especially on computers that host public services and are accessible through the firewall, such as HTTP, FTP, mail, and DNS services (for example, all Windows-based computers should have the current Service Pack installed.). Additionally, please apply any security updates that are mentioned in this writeup, in trusted Security Bulletins, or on vendor Web sites.
Enforce a password policy. Complex passwords make it difficult to crack password files on compromised computers. This helps to prevent or limit damage when a computer is compromised.
Configure your email server to block or remove email that contains file attachments that are commonly used to spread viruses, such as .vbs, .bat, .exe, .pif and .scr files.
Isolate infected computers quickly to prevent further compromising your organization. Perform a forensic analysis and restore the computers using trusted media.
Train employees not to open attachments unless they are expecting them. Also, do not execute software that is downloaded from the Internet unless it has been scanned for viruses. Simply visiting a compromised Web site can cause infection if certain browser vulnerabilities are not patched.
-
proabably best to stick a picture of it up ash, there's more than one pipe under the hood fella...
-
Rofl!!!!! good one!
-
Cool, welcome to the club
-
Hello mate, sounds like you either need your door ajusting at the hinge to make it tighter to the car or you need new door seals, i had the same thing happen to mine recently when i had a new door fitted...
-
I expect inviztor @ hotmail . com is just another hoax that in itself can be classed as a virus...
Check this one out, very cleverly written and made me pap myself when it arrived in my mailbox as it came from a user in the company i work for...
From: xxxxxxxxxxxxxx
Sent: 02 December 2005 14:57
To: xxxxxxxxxxxxxx
Subject: FW: Important
A new virus has just been discovered that has been classified by Microsoft as the most destructive ever. This virus was discovered yesterday afternoon by McAfee . This virus simply destroys Sector Zero from the hard disk, where vital information for its functioning are stored.This virus acts in the following manner: It sends itself automatically to all contacts on your list with the title:"A Card for You". As soon as the supposed virtual card is opened the computer freezes so that the user has to reboot. When the ctrl+alt+del keys or the reset button are pressed, the virus destroys Sector Zero, thus permanently destroying the hard disk. Yesterday in just a few hours this virus caused panic in New York, according to news broadcast by CNN. This alert was received by an employee of Microsoft itself. So don't open any mails with subject: "A Virtual Card for You." As soon as you get the mail, delete it!! Even if you know the sender !!!
Please pass this mail to all of your friends.Forward this to everyone in your address book. I'm sure most people, like myself, would rather receive this notice 25 times than not at All!
------------------------------------------------------
PLEASE DO NOT PASS THIS MAIL TO ALL OF YOUR FRIENDS, by forwarding these types of warnings on you are actually propagating the virus itself, i have posted the above to make an example of how easy it is for peeps to create panic with an email and fill the internet up with more spam...
But still, it's better to be safe than sorry
-
interesting one apd, i am and im sure lots of others are looking forward to hearing what the score is between your charged vr and your mates r32 cos a mate of mine that used to own a sc vr now has a r32 and he rekons the r32 is in a different league, i'm with you, i rekon he's just talking up his r32 and the sc vr will take the stock r32 but we'll see when you've done some... 'testing'
-
lol, it is amazing but no suprise mate...
-
Pete, with all due respect and do think this site does have a clean fresh look, i prefered the old site, in my opinion it looked technically more advanced than this site, although the old site may have had it's limitations i thought it was excellent and really appreciated what you'd done with it... which leads me on to my next question, as this site is now your current production website, would you make the source for the old site available for premium members? !lol
-
When the chatbox is on the right the whole balance of the site is incorrect imo...
When the chatbox is on the left, the most used part of the site, the forum, is centrally located and makes navigating the site more user friendly, i use a 21" monitor at home and work and i almost have to turn my head to view the thread topics, i imagine it's the same for other monitor sizes but it's exaggerated for larger screens ?!
-
Impressive and i'm lovin' how you've mounted the flat screen...
-
lol you crack me up dub 25, almost as funny as matey's rover yesterday!
this section is for pictures of member's cars unless i've missed the point?
anyhow i'm liking your Mk3 golf 2.8 vr6 obd2, Vortech v9 'charger, shcrick manifold, Stage 2, stage 3 in a couple of months.....impressive spec! need i say more
-
I heard that many pub owners are trying to ban stag / hen parties or large groups of people that are doing the mile, have you heard the same mate? i think the reason is their places kept getting trashed by pissed up people or peeps fiytiin'! you know as well as i do you welsh boys like a good rumble after a coupla pints
The least desirable colour?
in General Chat
Posted
Forum threads are all about personal opinion, it's just that some people don't / won't respect other people's opinions and that's what causes problems as they take it personally, so, in my opinion, no one colour is better than another, i just prefer black and mulberry, it's like beauty is in the eye of the beholder and all that shite, just enjoy and don't take comments personally unless they're directed at you in which case you have every right to be pissed! right i'm off!!