This just post by a very concerned and knowledgable poster at the PayPal board.

(Thanks, specialforcesrus)

Jul-28-06 09:00 PDT 15 of 15

Maybe some NEW issues have come up since these were posted:

Possible Security Issues In LiveWorld Products
http://www.gulftech.org/?node=research&article_id=00044-08232004

LiveWorld Products Allow Remote Users to Conduct Cross-Site Scripting Attacks

Impact: A remote user can access the target user's cookies (including authentication cookies), if any, associated with the site running the LiveWorld software, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user.
http://www.securitytracker.com/alerts/2004/Aug/1011036.html


LiveWorld has an unsatisfactory BBB rating
http://www.bbbsilicon.org/commonreport.html?bid=218756

I agree.

Even though there is and has been undeniable proof that of tracking cookies and even virus of various types, redirected spoof sign-in pages etc, exist or have existed on ebay, I have yet to see any trojan warnings at the ebay forums.

I also have yet to see any warnings at any of the so called anti sites. Just the same I always disallow scripts at all sites unless and until needed, and do not click any links without knowing what they are.

I find it curious that no one will come forward with a screenshot and a report/logfile to support their claims, regardless of the posters POV, or the site in question.

For the poster with the monitor turning off, the odds are that it is an internal thermally intermittant problem, a problem with a cable and/or connection, a failing cRapacitor, truly too many variables apply to that scenario. Modern electronics have a certain amount of planned obsolescence due to cheaper design and manufacturing techniques.

I would hope that any asked to provide screenshots and logfiles would realize that this would be of more importance than any dislike of PayPal, ebay, or personal disagreements with various other posters regardless of their POV.

Again, if anyone making any claims about any site needs to back up those claims with evidence.

You need to read the logfile of the firewall. It will tell you details.
If you use Internet Explorer you are also at higher risk.

-- Edited by anonymous at 19:52, 2006-07-30

Hmmm, I just now saw this Ice.

ice*blue*eyes (0 ) View Listings | Report Jul-28-06 14:46 PDT 37 of 87
In fact here you go.
C:\System Volume Information\_restore(F2681A7D-91E5-401A-AC8B-015335799DCO)\RP376\A0032040.exeDType99
File A0032040.exe W32/Threat-Trojan-Bloop-Based! maximu:

Only here. No place else!! Whats it all mean MIKE? And why does it only happen here?

If that happens again, while the alert is still on your screen, make a screenshot by pushing the "PrtSc" key, then open your standard paint program, select "edit", then "paste". Save, and post it here, along with the logfile report. (what program is detecting this, BTW?)

You may want to read this too.

IceBlueEyes wrote:

---

K, Thanks.

---

Yes Ice, be sure to get a screencap of anything like that, regardless of where ever it is, meaning either here, there, or at the other pp related site.

I see someone else posted this:
leng****** (2** ) View Listings | Report Jul-28-06 12:51 PDT 29 of 87
In my case they were the following: jkhhhed.dll found on \windows\system32 is goes on to say Trojanhorsedownloader.generic2.dcc
The other that I have info on was Ao134460.dll found in systemvolumeinformation\_restore{ABBB90EE-BBE1-4BC and called trojanhorsedownloader.generic2.dcc
and the other was servicehosts.exe found in windows\system32\ and the name was trojanhorseIRC/backdoor.sdbot2.ARI

A little googling about that one shows it is a recent vintage also. Not sure how it could be tied to ebay, but I believe the same poster reported that he/she had a tech clean it, and that was the Techs report.

-- Edited by anonymous at 19:15, 2006-07-31

virusesrus wrote:

---

I take back what I said about the Paypal Sux website. I've just read my log from Nortons and, as someone over there said, if I had my alerts turned on so that every one popped up for me to see, my computer would have lit up like a christmas tree, unbelievable. Thank God for Anti Spyware.

Have a good weekend all and try not to get banned from posting on the Paypal board.

---

If that is true, please post a screenshot and a logfile/report. Use the PrtSc key, then open your standard paint, select edit, then paste. Save as, etc.

virusesrus wrote:

---

I tried the Prtscrn and then copy/paste, but for some reason this does not work on my computer / keyboard.

---

If you cannot post evidence, then you cannot be believed.

If the site in question did indeed have virus, spyware etc, it would have been a reported fact by now.

Can you provide even one single bonafide independant report of an occurance of malware originating from, or associated with the site? Perhaps from a anti-virus software firm for instance something like this or even this?

I doubt you can.

That has got to be one of the sorriest excuses i've ever heard of.

The reason this board is "one sided" is because your cronies are too frightened to post here. They don't want to leave the safety of a board that is rife with censorship. Get a clue moron.

And yet they lurk here all the time.  If fact one of them responds over there to what I say about her here, reiterating what I say here, then swears she never comes here. 

Hey virus, What makes you think they are gunning for Caveman?  Are you their spy?

virusesrus wrote:

---

Even if I could you wouldn't believe me, you'd just say I doctored the screen.

I used to do a copy screen of my selling activity on the PP board ( minus my ID of course ) and was always told that I had doctored it, so really, there is no point doing anything like that because I am always going to be wrong and you are always going to be right.

That's why this board is so one sided.

---

Produce even one bonafide independant report of such.. If you cannot, then the threshhold is a screenshot AND a logfile. Produce both, so that the conditions and the results can be duplicated by others, and verified by independant observers.

Even though we all believe you are not clever enough to make a screenshot, let alone doctor one up, at the same time, I already know for a fact you cannot produce them regardless. You, and anyone else making the claim are simply being deliberaterly untruthful, and if there were a shred of proof, it would be common knowledge by now. (you know, like it is common knowledge that PayPal sucks and so does sleazebay)

Check your cookies after logging on to e-bay.  They do more spying than the CIA.  Is there any level they DON'T suck on?

best defense against ebay trojans?

284dan wrote:

---

"best defense against ebay trojans?"

Don't use ebay.

---

Good Call!

IT dont get much more simple than that.

 

that place has been infected for a long time, you know that