 sj |
||
|
||
still another virus!
|
|
|
Subject: still another virus! From: SINSULL Date: 19 Jan 01 - 02:22 PM Melissa.w arrives at a user's computer in an e-mail with the subject line "Important Message From," and " Here is that document you asked for ... don't show anyone else ;-)," in the body of the message, just like the original Melissa.
http://www.cnn.com/2001/TECH/computing/01/19/melissa.w.idg/index.html In most instances reported to McAfee a file named "anniv.doc" was attached, said Nolan. The original virus was hidden in a document named "list.doc". The virus is activated when the file is opened. |
|
Subject: RE: still another virus! From: catspaw49 Date: 19 Jan 01 - 02:27 PM CLICK HERE FOR INFO FROM SYMANTEC Spaw |
|
Subject: RE: still another virus! From: GUEST,SeanM, learning the hard way Date: 19 Jan 01 - 08:25 PM Let me start this by saying... AAAARRRRRRRRRGGGGGHHHHHH!!!! Thank you. Damnit, people, be careful about virii. Found out that the household computer has been porting around the BackdoorG2.svr virus for an unknown amount of time... that was with firewall AND antivirus running. Once I'd found the bastard, I tried to get rid of it. That was two days ago, and I'm STILL undoing the havoc that the virus caused when it exploded. Got parts of the BIOS deleted, and god knows what else. Looks like I may get off lucky with just having to completely wipe windows out and reinstall it. For a while, thought I'd have to reformat. BE CAREFUL, PEOPLE. The only thing we have come up with for how this box got hit was that someone WE TRUSTED gave us an infected disk to transfer a document onto. That's all it takes. Not even an email saying "I love you". Sheesh. M |
|
Subject: RE: still another virus! From: Justa Picker Date: 19 Jan 01 - 08:55 PM Part of the problem with some of these more current crops of viruses, is that the actual extension name (as one example "vbs") is hidden, so that what the viewer sees when looking at the files is something like "an_important_message.txt" with the .vbs (or whatever script the virus ends with, missing - but is actually "an_important_message.txt.vbs" .) You inadvertently double click on what you think is a text file and ka-boom! next time you go to reboot your CPU you can't, and then it's time to reboot with the emergency startup disk with CD-ROM support enabled, and typing format c: and reinstalling everything from scratch. I've devised what I'm hoping will be a fool-proof method of defeating them (and I do have a firewall in place which automatically renames and quarantines any dubious attachments with extensions recognized from its library and extras I can add.) I have routed all incoming messsages containing attachments, whether expected or not, to go directly from e-mail to the INCOMING folder within the QUARANTINE folder of Norton Anti Virus. (I'm doing this as well for all downloads.) This way, I know where any and all attachments and downloaded files are contained and can scan the entire INCOMING DIRECTORY prior to opening anything. (Get those weekly updates from the various anti-virus companies!) Anything that even remotely looks suspicious gets deleted before scanning. If I lose a few legitimately sent things, tough. It's worth the risk, for the added safeguards. Reformatting, reinstalling software and drivers and then tweaking everything is a major pain in the ass and a great way to kill the better part of one's day. People should also be aware that viruses which could once only be activated by opening executable files (exe., bat, and others) can now also be executed by opening Mpegs, media files and jpeg image files and of course txt and doc files, as virus creators have figured out how to attach them to seemingly harmless image and media files so that they too execute when you go to view a picture or small movie clip.
|
|
Subject: RE: still another virus! From: Bill D Date: 19 Jan 01 - 09:20 PM I use Norton, which has caught a couple little things...but one trick is to use an email scanning program which will look at your mail ON YOUR SERVER even before you download it...I use POP3 Scan Mailbox which allows several accounts and will let you read the mail and/OR delete it from the server!!!...I delete spam everyday, and I can usually tell if a message is really for me. If it IS a trojan riding on mail from a friend, Norton is there, and I use Eudora or PegasusMail instead of Outlook or Outlook Express..which seem to be the main targets of these virus writing idiots. There ARE wonderful, FREE email programs out there!! Another is FoxMail.....do NOT be afraid to use things beyond what MicroSoft has spoon fed you.... |
|
Subject: RE: still another virus! From: GUEST,markman Date: 17 Mar 06 - 12:43 AM I noticed several times lately extra bytes going out, more than justified by the emails I sent. I looked in Norton's Log Viewer, and noticed Backdoor-g-2(6711) for the "Local Service Port" and "Remote Service Port" in quite a few places. Anyone know just how serious this thing can be? |
|
Subject: RE: still another virus! From: GUEST,.gargoyle Date: 17 Mar 06 - 01:23 AM .Sorcha, you are sick. Don't take it personally, but most of your postings are the sort of
|
|
Subject: RE: still another virus! From: Clinton Hammond Date: 17 Mar 06 - 03:01 AM Sorcha didn't post to this thread..... And well, people need to worry more about root kits than viri these days.... |
|
Subject: RE: still another virus! From: JohnInKansas Date: 17 Mar 06 - 03:02 AM markman - There have been several discussions since 2001 when this thread was active that have included a bit more current info. Your info doesn't look like anything I can offer useful comment on. If you do have a problem, it's probably malware of some sort. Even if a malware/spyware/zombie program got carried in by a virus, the program actually doing things to/with your machine probably doesn't have "viral content" by now, so normal AV methods aren't likely to find a fix. Norton (Symantec) does offer a firewall/connection scan that likely would identify open ports that shouldn't be open, if you have a Norton product on the machine they give a pretty good summary of what you look like to the rest of the web. They may(?) give less info if you're not a Norton user - I don't know for sure what they report in that case. Some recommended tools were listed in another thread not too long ago, and they're probably still good: Subject: RE: Tech: System restore From: JohnInKansas 02 Feb 06 - 02:52 PM (http://www.mudcat.org/thread.cfm?threadid=88492#1660328) Unless someone recognizes your symptoms, I'd suggest checking out the Tom Coyote or similar site for assistance. Gargoyle - So when is it news that a 5+ year old thread contains stale info? And why rant here about someone who hasn't posted in this thread? How long have you neglected your meds this time? I'm really disappointed in you. You're usually much more accurate with your barbs, even when they don't make any more sense than this one. Maybe when you've had a nice nap...(?) John |
|
Subject: RE: still another virus! From: Clinton Hammond Date: 17 Mar 06 - 09:55 AM Norton IS a virus |
|
Subject: RE: still another virus! From: cyder_drinker Date: 17 Mar 06 - 10:35 AM So is Windows.... |
|
Subject: RE: still another virus! From: JohnInKansas Date: 17 Mar 06 - 12:06 PM VM Rootkits: The Next Big Threat?, By Ryan Naraine, eWeek, March 10, 2006 Lab rats at Microsoft Research and the University of Michigan have teamed up to create prototypes for virtual machine-based rootkits that significantly push the envelope for hiding malware and that can maintain control of a target operating system. The proof-of-concept rootkit, called SubVirt, exploits known security flaws and drops a VMM (virtual machine monitor) underneath a Windows or Linux installation. The next little treasure to deal with? John |
|
Subject: RE: still another virus! From: Lancashire Lad Date: 17 Mar 06 - 01:13 PM HONESTLY, this is not meabt to be a smart arsed comment, but when it comes time to upgrade your PC, why not consider buying a Mac? Mac life is virus free LL |
|
Subject: RE: still another virus! From: The Fooles Troupe Date: 17 Mar 06 - 10:43 PM Beacuse Macs are now going to be Intel based, and will probbaly run MS code, which will make them practically iodentical machines? |
|
Subject: RE: still another virus! From: GUEST Date: 17 Mar 06 - 11:02 PM THEY ARE HERE!!!
http://news.bbc.co.uk/2/hi/technology/4816520.stm |
|
Subject: RE: still another virus! From: JohnInKansas Date: 18 Mar 06 - 12:27 AM Actually GUEST, that's a little less than the whole story. Apple has announced that "next generation" Macs will use Intel processors. This required a new Mac OS. Since the new processor is now similar to the processors used with Windows, it was speculated that either OS should be able to run on the new MacTel machines. The article cited reports (as has been known for at least a while) that someone has been able to run a Windows OS on the MacTel computer. This is of rather trivial significance to Mac drivers, on a par with knowing that you can run Windows or Unix on a PC. Apple and Microsoft have been "doing deals" that have not been publicly revealed, but a substantial amount of money has exchanged hands in this dealing. There is considerable speculation that Apple intends to - in essence - concentrate their business either in software, and quit building all their own machines, or concentrate on building machines and pass software development to others. A favored theory is that Apple is in the process of dealing with Microsoft for a new version of Windows, with a "Macish" face scabbed onto it, and that the next-generation OS to be used on MacTel machines actually will be a vaguely disguised Microsoft Windows. There are quite a number of industry experts believing that this is being planned. Neither Apple nor Microsoft has revealed whether it is true; but the MacTel (Mac, with "Intel Inside") computer may begin shipping (soon?) with "MacWindows Inside" logos. John |
| Share Thread: |