Virus writers trade insults as e-mail users suffer Some 20 variants spreading ....

MSNBC ^ | Updated: 3:31 p.m. ET March 03, 2004 | Bob Sullivan - Technology correspondent

[Ernest_at_the_Beach]

Hacks, Viruses, Scams & Spam

Virus writers trade insults as e-mail users suffer

Some 20 variants spreading across Net at furious rate

By Bob Sullivan

Technology correspondent

MSNBC

Updated: 3:31 p.m. ET March  03, 2004

With 20 variations of the Mydoom, Netsky and Bagle viruses circulating around the Internet, it's becoming clear that computer virus writers are engaged in some kind of can-you-top-this game. And it's Internet users who are suffering collateral damage. 

advertisement

E-mail inboxes around the world are teeming with cryptic notes that have simple messages like "Here is the file," or "I want a reply." When antivirus companies give names to malicious programs, they add letters to virus names as a way of indicating variants, with NetSky.A being the initial version, NetSky.B the second variation, NetSky.C the third, etc. On Wednesday, researchers were up to NetSky.F, Bagle.K, and Mydoom.H.

Internet gang warfare?

<<<<<< See the link >>>>>>>>>>>

[VOA]

I'm planning on filing a lawsuit against him for misrepresentation, etc.
Seriously.

When contemplating what should happen to hackers/spammers, I recollect
an old article that I read about alarms for motorcycles.

The article mentioned that your hard-core Hells Angels types preferred
silent alarms for their Harleys.
I've had to examine my soul in contemplating what I'd do if I ever had some sort of
"silent alarm" that would give the address of the spammer living a few blocks away.

OK, I'd call the FBI, but only after fantasizing how delicious it would
be to deal out a bit of real-world justice to one of these evil pencil-necked geeks.

[atomicpossum]

I use AVG Antivirus (free, and great), and preview all my mail with MailWasher. I received probably 100 virus messages, but deleted them all before downloading them from the server with MailWasher.

[PleaseNoMore]

Maybe some of you folks more technological than I can help me...My PC keeps shutting down randomly. I mean it completely turns off. I then have to restart it. Sometimes it will shut down again immediately after I restart it and sometimes it won't. I did an online scan using HouseCall and it located a trojan in two files. I deleted those files. My Norton isn't picking up anything at all.

[atomicpossum]

Although I'm not sanctioning violence...someday, when one of these virus writers is taken out by some vigilante justice...there won't be all that many tears. Personally, I'd prefer they are just tortured. As in being kept in a room without access to a computer or any other electrical device for at least 20-40 years.

What I don't get is why these virus writers waste their time setting up denial-of-service attacks against Microsoft and SCO. It seems to me they could actually do some good by targeting some of the spam-friendly ISPs (some in China and Brazil come to mind) that shelter the constant spam operations that are really clogging up the internet. People would want to get infected to help take part, and once the spam-friendly ISPs knew they would get their business disrupted, they'd have a lot less reason to shelter the spamming scum and we'd see the profitabilty of those operations plummet...

[VOA]

Maybe try "TrojanHunter". It's from Sweden (Michel?) and you can get a 30-day evaluation
copy. Using it and my virus software (with lots of repeated cleansings) I managed
to kill off an exceedingly nasty trojan a couple of weeks ago.

I also recommend "Spybot S&D". I don't know if spyware could be part of your problem...
but my first run of Spybot revealed a LOAD of spyware on my machine. And seemed
to really clean it out.

Also, for information, you might check the "lessons" area of www.jefflevy.com.
While you might have to do some searching through the lesson topics, you
might find something dealing with involuntary shut-downs.

[PleaseNoMore]

Thanks so much. There are so many programs out there that I was honestly lost on which ones to try.

[Ernest_at_the_Beach]

Norton won't pick up those critters.

Start here:

Maintaining Your Privacy on the WWW:
Stop Spyware, Trojans, and Intruders

[VOA]

There are so many programs out there that I was honestly lost on which ones to try.

That's no lie!

Oh, I forgot the REAL advice.
If your machine can stay on long enough...
BACKUP, BACKUP, BACKUP!!!
Try to copy all the data off your machine possible before you try to fix it.
And make a re-boot disk before you do any work.
And, although this is in the worst-case scenario...if you don't have it, try to locate
a CD of the operating system for your machine, in case you've got to do a
total re-install (in which case you'll lose anything you didn't backup!!!).

Checking out that www.jefflevy.com site for info, plus trying (if your machine
will stay on for a bit) good, up-to-date anti-virus, along with Spybot and TrojanHunter
might help.

The machine I cleaned up was an aged Dell (still on Windows 95!).
It took most of a day and lots of sweat...but I was a pretty proud novice
when I realized I'd actually "cured, not killed, the patient".

[Ernest_at_the_Beach]

Pest Patrol is recommended by some!

[Bloody Sam Roberts]

For those that use Norton, Symantec released a new patch yesterday.

Available via Live Update? Or does it need to be downloaded from the Symantec site?

[backhoe]

I use AVG Antivirus (free, and great), and preview all my mail with MailWasher.

That is exactly what I do... AVG had a 2+ megabyte update today. Just after I sent a link to this stuff to my wife at work, she started getting them, about 25 at a time. Darn vermin!

[Ernest_at_the_Beach]

And here is something interesting I am gonna look at:

Hacker Eliminator

Hacker Eliminator picks up where anti virus scanners and firewalls leave off.

[Ernest_at_the_Beach]

Monthly fee with the Hacker package!

[backhoe]

Looks promising- thanks for the link!

[pianomikey]

Ran TrojanHunter... pulled no less than 7 trojans off a computer I *assumed* relatively clean. Thanks for the post, even if it is trial... it got the job done it appears.

[Ernest_at_the_Beach]

Another source of info:

Adware, Spyware and other unwanted "malware" - and how to remove them

[spacewarp]

Ummmm. Open the cover on the PC, pull out your vaccuum cleaner and remove the thick coating of dust from your power supply that is probably causing your system to overheat and shut down.

Paul

[Senator Pardek]

Just got this -

Dear G.com members:

There are several emails being sent around that appear to be coming from
Guitar.com or Gbase.com. The addresses that these emails are being sent from
are:

management@guitar.com
sales@guitar.com
administration@guitar.com
sales@gbase.com
administrator@gbase.com

More than likely there are a few more floating as well. The text of the
email is as follows:

Dear user of Guitar.com,

Our main mailing server will be temporary unavaible for next two days, to
continue receiving mail in these days you have to configure our free
auto-forwarding service.

For details see the attach.

For security purposes the attached file is password protected. Password is
"80667".

The Management
The Guitar.com team


Of course, the attachment is a virus. We are sending this email today
advising you of this determental act. IT IS IN NO WAY AND IN NO FASHION
RELATED TO GUITAR.COM NOR IS IT BEING SENT BY GUITAR.COM. Do not open these
emails and if you do, be sure to run your virus software immediately.

Don Dawson
Managing Director
Guitar.com
Gbase.com

[Ernest_at_the_Beach]

Damn!

[VOA]

Ran TrojanHunter... pulled no less than 7 trojans off a computer I *assumed* relatively clean.

Great to hear you have cleaned things up.

I'll add a few things about my experiences:
1. Combination of TrojanHunter with anti-virus software?
When I had the afore-mentioned nasty trojan, TrojanHunter found, highlighted
and snuffed out at least part of the problem. As a novice, I think that what it found
was something in the registry that helped it (TrojanHunter) identify the
offending trojan and know that it needed to remove SOME lines of code of the trojan.
BUT, even after this happened, problems persisted...even after running TrojanHunter,
our Sophos Anti-Viral and Spybot S&D each about three times.

FINALLY, taking a hint from the Sophos reference/knowledge database,
I selected the "delete" option for removing infected files.
Problem ended...Badabingbadaboom.

So, take this with a grain of salt, but my limited experience does at least make
me think that sometimes VERY minor changes in software settings can radically
increase the efficacy of software that identifies and kills "malware".

2. TrojanHunter (3.8) and Spybot S&D compatibility
What was great about these two was that these programs actually run well with
the aged Windows95.
One little thing to note: at least when I run a Sophos anti-viral scan, it returns
"errors" (that have NO positive/negative effect) that basically tell me
that Sophos can't scan the Spybot S&D files.
I'm just mentioning this little wrinkle, so that y'all won't be concerned if your
anti-viral program freaks out after you install Spybot R&D.