FWIW, it worked for me. Now Jim, if you can only do something about all the spam I am getting I be VERY happy. It's just getting ridicules, when will people realize that is not way to make money. Opps, sounds like a rant starting. Best not do that :-) Mark S ----- Original Message ----- From: "Jim Harrison" <jim@xxxxxxxxxxxx> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> Sent: Sunday, February 01, 2004 7:02 PM Subject: [isalist] RE: ISA blocking script for W32_MyDoom > http://www.ISAserver.org > > How has it failed for you? > > Jim Harrison > MCP(NT4, W2K), A+, Network+, PCG > http://www.microsoft.com/isaserver > http://isaserver.org/Jim_Harrison > http://isatools.org > > Read the help, books and articles! > ----- Original Message ----- > From: "Raji Arulambalam" <rajia@xxxxxxxxxxxxxx> > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> > Sent: Sunday, February 01, 2004 12:33 > Subject: [isalist] RE: ISA blocking script for W32_MyDoom > > > http://www.ISAserver.org > > the link does not work.! > > > > -----Original Message----- > From: Jim Harrison [mailto:jim@xxxxxxxxxxxx] > Sent: Saturday, January 31, 2004 6:09 PM > To: [ISAserver.org Discussion List] > Subject: [isalist] ISA blocking script for W32_MyDoom > Importance: High > > > http://www.ISAserver.org > > Hi all, > > Black Hat was a blast, but I still missed having Tom nearby for support and > brains... > > As promised, you can find the MyDoom blocking script on > www.isatools.org/block_mydoom.vbs. > > I don't have a "cleaner" script this time because this one attaches itself > to the explorer process and if the script kills that > process, it effectively commit suicide. > Symantec, Computer Associates, etc all have perfectly functional removal > tools and steps. > > Jim Harrison > MCP(NT4, W2K), A+, Network+, PCG > http://www.microsoft.com/isaserver > http://isaserver.org/Jim_Harrison > http://isatools.org > > Read the help, books and articles! > > > - > > Email disclaimer: This email and any attachments are confidential. If you are not the intended recipient, do not copy, disclose or > use the contents in any way. If you receive this message in error, please let us know by return email and then destroy the message. > Environment Bay of Plenty is not responsible for any changes made to this message and/or any attachments after sending. > ****************************************************** > This e-mail has been checked for viruses and no viruses were detected. > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Other Internet Software Marketing Sites: > Leading Network Software Directory: http://www.serverfiles.com > No.1 Exchange Server Resource Site: http://www.msexchange.org > Windows Security Resource Site: http://www.windowsecurity.com/ > Network Security Library: http://www.secinf.net/ > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx > To unsubscribe send a blank email to $subst('Email.Unsub') > > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Other Internet Software Marketing Sites: > Leading Network Software Directory: http://www.serverfiles.com > No.1 Exchange Server Resource Site: http://www.msexchange.org > Windows Security Resource Site: http://www.windowsecurity.com/ > Network Security Library: http://www.secinf.net/ > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: strangconst@xxxxxxxxxx > To unsubscribe send a blank email to $subst('Email.Unsub')