FastEd

VIRUS WARNING

Yet again someone has written a luverly virus with which to destroy your computer:
(if you can't be bothered reading this long post, just read the last few lines ;))
Just got sent this 'interesting' email:
Subject: ZaCker
From: "Forties D, Integrated Ops Mech"
To: myemailaddy@here.com
Date: Wed, 02 Jan 2002 20:01:47
This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.
------_=_NextPart_000_01C193C8.45FCCDE4
Content-Type: text/plain
Don't waste any time ,Subscribe now
------_=_NextPart_000_01C193C8.45FCCDE4
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
[Filename: ZaCker.exe, Content-Type: application/octet-stream]
The attachment file in the message has been removed by eManager.
------_=_NextPart_000_01C193C8.45FCCDE4--
Went on norton website and found this:
W32.Maldal.D@mm is an extremely damaging worm. It was written and distributed on December 28, 2001. The virus code is in Visual Basic. It is about 27 KB in size and is packed using Aspack. The worm uses Microsoft Outlook to send itself to all contacts in your Microsoft Outlook address book.
Damage:
Payload Trigger: Upon execution
Payload:
Large scale e-mailing: Utilizes Microsoft Outlook to mail everyone in the Outlook address book
Deletes files: Attempts to delete antivirus software and files with the following extensions: .ini, .php, .exe, .com, .mpeg, .dat, .zip, .txt, .exe, .xls, .doc, and .jpg.
Causes system instability: Critical system files may have been deleted
Technical description:
When the worm is executed for the first time, it installs itself as \Windows\System\Win.exe.
It then adds the value
%System%\win.exe
to the registry key
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
so that the worm runs the next time that you start Windows. In most cases, however, because of the damage that is done by this worm, the computer will no longer load Windows.
Next, the worm obtains the computer name. This is done because the worm is programmed to send email messages with a subject line that includes the name of the computer. The attachment that is sent with the message is an .exe file. The name used for this attached file is composed of the computer name plus the .exe extension, for example, Johns PC.exe.
If the worm is executed a second time, the email message will have the subject "ZaCker" and an attachment named ZaCker.exe. This is because the worm renames the computer to "ZaCker."
W32.Maldal.D@mm is a retroworm (a worm virus that actively attacks antivirus programs in an effort to prevent detection). It deletes antivirus programs
NOTE: If the worm has already executed, it is likely that you will first have to reinstall the operating system and most (if not all) programs. In addition, most data files such as Microsoft Word documents, text files, and so on will have to be restored from a clean backup.
Ouch, is what I would say. If you couldn't be bothered to read all that, it means your computer = buggered.
don't execute this attachment!
Fucking virus writing computer monkey shitheads.
Ed
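
The two indicators in the description quoted above (an .exe attachment named after the subject line, and a Run-key value pointing at win.exe), as an added defensive example that is not part of the original post or Norton's write-up. The sample message, the registry export and the value name "win" are constructed for illustration.

```python
import email
import ntpath
import re
from email.message import EmailMessage

RUN_KEY = r"HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run"
# Constructed .reg-style export; the value names are made up for this example.
REG_SAMPLE = r'''[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SystemTray"="SysTray.Exe"
"win"="C:\\WINDOWS\\SYSTEM\\win.exe"
'''

def norm(text):
    """Lower-case and drop punctuation/spaces so 'Johns PC' matches 'johns pc'."""
    return re.sub(r"[^a-z0-9]", "", text.lower())

def build_sample(subject, filename):
    """Build a constructed message shaped like the one quoted in the post."""
    msg = EmailMessage()
    msg["Subject"] = subject
    msg.set_content("Don't waste any time ,Subscribe now")
    msg.add_attachment(b"MZ", maintype="application",
                       subtype="octet-stream", filename=filename)
    return msg.as_bytes()

def suspicious_attachments(raw):
    """Return .exe attachment names whose stem also appears in the subject."""
    msg = email.message_from_bytes(raw)
    subject = norm(msg.get("Subject", ""))
    hits = []
    for part in msg.walk():
        name = part.get_filename()
        if not name:
            continue
        stem, ext = ntpath.splitext(ntpath.basename(name))
        if ext.lower() == ".exe" and norm(stem) and norm(stem) in subject:
            hits.append(name)
    return hits

def run_key_hits(reg_text):
    """Return Run-key value names whose data ends in win.exe (review by hand)."""
    in_run, hits = False, []
    for line in (l.strip() for l in reg_text.splitlines()):
        if line.startswith("["):
            in_run = line.strip("[]").lower() == RUN_KEY.lower()
        elif in_run and "=" in line:
            name, data = line.split("=", 1)
            path = data.strip('"').replace("\\\\", "\\")
            if ntpath.basename(path).lower() == "win.exe":
                hits.append(name.strip('"'))
    return hits
```

A match on either check is a reason to quarantine and inspect, not proof of infection: other software can legitimately name an attachment after a subject or ship a file called win.exe.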

And along those lines, If you get an e-mail from someone warning you about YET another Virus, BEFORE you send the e-mail to every person you have ever known, PLEASE PLEASE check at WWW.SARC.COM to see if it is a hoax or not.

Hell, half of the viruses that are out there are just the ones that head-fake all the baby-netizens into forwarding the warning to *everyone* in their address book. I've been on the net for a bit over 10 years and used to BBS before that, so I'm used to this crap, though it's still annoying as hell. If only people kept their virus definitions updated and checked *real* sources every couple weeks to see what's out there, that would solve this. But no, the same people who drive 60mph in the hammer lane while talking on their cell phones and sipping their Starbucks latte insist on e-mailing everyone every damn time they get forwarded a warning.
On a lighter note, I helped a friend clean his computer up from a virus about a year ago, which turned out to be very funny. It would e-mail his address book saying "hey, check out the pictures of me I just uploaded to the web" or something like that. The link went to a site with some hard-core porn on it. He sent this to all kinds of people without knowing it, like his pastor, his parents and some of the administration at the school. Very funny from my perspective, though he was very very embarrassed to say the least.
Once you're gone, you can't come back
When you're out of the blue
And into the black-NeilYoung

Quote

The virus code is in Visual Basic.


'Nuff said. :P
Oh, and BTW, Linux and *NIX boxen don't have these problems. Just thought I'd point that out as a PSA of sorts. ;)
"Zero Tolerance: the politically correct term for zero thought, zero common sense."

Yeah yeah...we got f***** by a little trojan bullshit thing that kept locking up our puter then totally fubar'ed it after we deleted the file somehow. Just got back up after it. Norton didn't help.
I have to say...what the hell???? What do these people get off this stuff? On the Geek Wall of Fame???? Totally pisses me off.
Closing pin jewelry

Yup, half the time, with the little piddly-shit viruses that go around they were created by some 14 year old AOL script kiddie wanna-be who saw "hackers" and "swordfish" 10 too many times. Instead of learning about systems, networks, programming and telephone systems they're using some other person's programs to create viruses, lame trojan horses, trying to break into NT boxes using some old-ass exploit just to trash the system. Or just DOSing a machine for the hell of it. They don't understand what being a *real* hacker is all about. They're just dumbass crackers (CRiminal hACKERS, for the media-influenced uninformed). That is what happened to IRC and half the damn web. Even though it wasn't that long ago, I long for the days past when just about no one had heard of the Internet. Back when I could cruise gopher sites, telnet into some cool BBSes or dial up some cool ones still, when Usenet wasn't all about porn and flaming people. Back when IRC wasn't overrun by child porn sick-o's and AOL wanna-be's. Before NT overran the general populace and people would get pissed during a discussion about which *nix flavor was the best.
Sorry, I had to rant, please disregard...
Once you're gone, you can't come back
When you're out of the blue
And into the black-NeilYoung

And back when Blue-Boxes used to still work, Captain Crunch whistles weren't just for kids and people wondered what the "QUARTER.VOC" file was that they saw on the file area of the BBS... but we knew.
Kris
Yes, I still have my trusty Red-Box that is made from a Hallmark voice greeting card, a 1/4" mini plug and installed in a red Motorola pager case. :)

Dude! I still have mine made from a Radio Shack Tone Dialer. Unfortunately, it stopped working because I kept taking it apart to make "improvements" and to show my friends how to do it.
--
Brian
perl -e 'print join " ", reverse split _, qq/Freefaller_Another_Just/'

Yeah, just what is this "new" software called? There's nothing I like more than sitting around trying to create more software conflicts that I can then solve in twice the time it took me to create them. That's why all of my machines are dual boots.
CorporateLawyerDave aka BadDog

Quote

Instead of learning about systems, networks, programming and telephone systems they're using some other person's programs to create viruses, lame trojan horses, trying to break into NT boxes using some old-ass exploit just to trash the system.


Script kiddies. LOL.

And they wouldn't even begin to know how to write a real virus or come up with a new, innovative exploit the old fashioned way. Nope, now they just whip out their Visual Virus Builder Pro and slap one together with a nice fancy point & click interface. No coding skillz required! ;)

I actually got an email containing that virus last night. PCCillin caught it, warned me before I had even looked at my Inbox and cleaned the file so that I could delete it.
If you don't have them yet, PCCillin & ZoneAlarm are your friends! ;)
"Zero Tolerance: the politically correct term for zero thought, zero common sense."

Quote

I long for the days past when just about no one had heard of the Internet. Back when I could cruise gopher sites, telnet into some cool BBSes or dial up some cool ones still, when Usenet wasn't all about porn and flaming people. Back when IRC wasn't overrun by child porn sick-o's and AOL wanna-be's. Before NT overran the general populace and people would get pissed during a discussion about which *nix flavor was the best.

Are you SURE you're 21? Y'sound about 90 here...;)
Pet me! I'm harmless and cute!

All the really innovative virus writers are way more interested in writing viruses that are totally unique and never thought of before. A few are working on some really cool polymorphic coding techniques that will render most current virus scanners dumb until they rewrite the scanners. C++ is quickly losing ground to VB as the language that is most commonly used..... what a shame....
There will be a virus coming out in not too long that will target a recently discovered hole in AOL's AIM program. The source code for part of the exploit has been going around for a few days and I'm just waiting for some lame Skript Kiddie to toss the packets together in the right sequence and let it loose. The hole will pretty much allow backdoor access to the client PC with admin (or root for all you *nix geeks) rights. The exploit is triggered by just a few properly crafted buffer overflow packets and it looks fairly simple to write. Scary thing about this one is that a decent PC on broadband could take control of 100's of PC's an hour.
AOL will be releasing an updated AIM client in the next few days so it's my advice that you upgrade to it as soon as it's released.
I want to touch the sky, I want to fly so high ~ Sonique
