bad virus

[Toxic]

Could you expand on that?

I was being a bit facetious,
it wasn't actually a player per se
but a variant of 'scrambler' from a decade ago
http://vil.nai.com/vil/content/v_98665.htm
(scroll down to characteristics)

 

[Beauregard T. Shagnasty]

You seem to have contradicted yourself.

Not at all.

You said you'd start by turning off email, and if its still spewing
mass mailing worms 24 hrs later, the connection is terminated.

If 'twas me, I'd not even wait the 24 hours, 'cause ya know it's not
going to stop until something drastic is done.

How is it going to be spewing mass mailing worms if the ability to
send email is terminated ? How is anyone else in danger of being
infected, since this machine can't email ?

You're showing your lack of knowledge on how these things work. Mass
mailers have their own SMTP engine and do not use your email client. And
it doesn't even need email (that's what the spammers do though). Your
trojan could also be pinging sequential IP addresses, looking for PCs
without firewalls.

 

[David H. Lipman]

From: "gufus" <[email protected]>

| From: gufus
| Subj: Re: bad virusSun, 21 Mar 2010 14:45:27 -0600

| From: David H. Lipman---? To: Xray
| Subj: Re: bad virusSat, 20 Mar 2010 22:25:56 -0400

| Hello, David!

| You wrote on Sat, 20 Mar 2010 22:25:56 -0400:

??||> Looks like I'm looking at a fresh OS reinstall about now, this thing
??||> is insidious and is always one step ahead.

DHL>> ** At this point, my advice is now to WIPE and RE-INSTALL the OS.

| Can you suggest a /good/ wipe app?

If you are jsut re-installing the OS from scratch, the OIS distribution disk will allowyou
to remove any/all partitions and recreate the partitions and perform a FULL Format (rather
than a quick format).

The followg is comprehensive. ESPECIALLY if you want to dispose of a hard disk and you
are worried about the data on it.

If you have Norton or Symantec Ghost, the GDisk & GDisk32 utilities
http://service1.symantec.com/SUPPORT/ghost.nsf/docid/2002112213111525?Open

{ DoD NISPOM compliant }

 

[gufus]

From: gufus
Subj: Re: bad virusSun, 21 Mar 2010 15:51:38 -0600

From: gufus
Subj: Re: bad virusSun, 21 Mar 2010 15:50:34 -0600

From: gufus
Subj: Re: bad virusSun, 21 Mar 2010 15:47:13 -0600

From: David H. Lipman---? To: gufus
Subj: Re: bad virusSun, 21 Mar 2010 17:24:16 -0400

Hello, David!

You wrote on Sun, 21 Mar 2010 17:24:16 -0400:

DHL> distribution disk will allowyou to remove any/all partitions and
DHL> recreate the partitions and perform a FULL Format (rather than a quick
DHL> format).

I was more instered in a zerofill or wipe app.

DHL> If you have Norton or Symantec Ghost, the GDisk & GDisk32 utilities

Not happy with Symantec apps.

 

[FromTheRafters]

I was being a bit facetious,
it wasn't actually a player per se
but a variant of 'scrambler' from a decade ago
http://vil.nai.com/vil/content/v_98665.htm
(scroll down to characteristics)

Okay.

 

[David H. Lipman]

From: "gufus" <[email protected]>

| From: gufus
| Subj: Re: bad virusSun, 21 Mar 2010 15:51:38 -0600

| From: gufus
| Subj: Re: bad virusSun, 21 Mar 2010 15:50:34 -0600

| From: gufus
| Subj: Re: bad virusSun, 21 Mar 2010 15:47:13 -0600

| From: David H. Lipman---? To: gufus
| Subj: Re: bad virusSun, 21 Mar 2010 17:24:16 -0400

| Hello, David!

| You wrote on Sun, 21 Mar 2010 17:24:16 -0400:

DHL>> distribution disk will allowyou to remove any/all partitions and
DHL>> recreate the partitions and perform a FULL Format (rather than a quick
DHL>> format).

| I was more instered in a zerofill or wipe app.

DHL>> If you have Norton or Symantec Ghost, the GDisk & GDisk32 utilities

| Not happy with Symantec apps.

GDisk isn't an application. It is merely a utility.

It is fully DoD sanitiartion compliant.

 

[FromTheRafters]

@news.eternal-september.org:


I can't say I will never download a usenet binary again, lifes too
short to
get all tied up in knots about little things like that.

Up to date anti virus, heed its warnings, you should be fine 99% of
the time.

The one caution I may take is not download certain binaries the day
they are
posted, in case it contains new infections not yet in the AV database.

That's a good idea, at least a small cooling off period to make the zero
day window of opportunity smaller. Let someone else be the canary.

 

[FromTheRafters]

Regarding the original problem, with the unreadable dvd, have
you tried polishing it?
http://www.wikihow.com/Fix-a-Scratched-CD

The scratches on the bottom of the cd/dvd can sometimes be
polished out, allowing the data (on the top layer, usually
protected by the label), to be read.

I've succeeded polishing an old install cd this way, in the
past.

Tried toothpaste?

I also have had success with polishing (or radial scratching).

 

[gufus]

From: David H. Lipman---? To: gufus
Subj: Re: bad virusSun, 21 Mar 2010 17:59:57 -0400

Hello, David!

You wrote on Sun, 21 Mar 2010 17:59:57 -0400:

DHL> GDisk isn't an application. It is merely a utility.

'k

DHL> It is fully DoD sanitiartion compliant.

'k

ttul...

 

[FromTheRafters]

From: "David W. Hodgins" <[email protected]>

| On Sun, 21 Mar 2010 16:18:30 -0400, David H. Lipman


| Yes, although it can take several days of polishing, when
| done by hand.

The most I have ever done is warm water and dish detergent.

I have successfully used steel wool.

 

[David H. Lipman]

From: "gufus" <[email protected]>

| From: David H. Lipman---? To: gufus
| Subj: Re: bad virusSun, 21 Mar 2010 17:59:57 -0400

| Hello, David!

| You wrote on Sun, 21 Mar 2010 17:59:57 -0400:

DHL>> GDisk isn't an application. It is merely a utility.

| 'k

DHL>> It is fully DoD sanitiartion compliant.

| 'k

| ttul...

I sent 'ya a present

 

[David H. Lipman]

From: "FromTheRafters" <[email protected]>


| I have successfully used steel wool.


ROFLOL

 

[gufus]

Hi David,

21 Mar 10, David H. Lipman writes to All:

| From: David H. Lipman-+-? To: gufus
| Subj: Re: bad virusSun, 21 Mar 2010 17:59:57 -0400

I sent 'ya a present

-+- SoupGate-Win32 v1.05
+ Origin: Calgary Organization CDN Fidonet-Internet Gateway
(1:342/77.10)

Just checked the server...

<big smile>


gufus

--
K Klement

Enhance your marketing at http://www.gypsy-designs.com
mailto:[email protected]
Gypsy Designs Fax: (403) 242-3221

.... Computers are unreliable, but humans are even more unreliable.

 

[David H. Lipman]

From: "gufus" <[email protected]>

| Hi David,

| 21 Mar 10, David H. Lipman writes to All:

| Just checked the server...

| <big smile>

 

[Dave Cohen]

Ok heres what happened, I feel like quite an idiot.

After reading dozens of replies and giving up on reading all of them
here is my take.
1. Make image backups of the os and sleep better for all sorts of reasons.
2. If you insist on downloading from a questionable source, run a multi
boot system where each os is completely isolated from each other.
Bootitng from terabyteunlimited will let you make such a system where
the partition table is only loaded with partitions you specify. That way
you can keep a throwaway copy of your main os.
3. If you go to the trouble of running AV software then at least pay
some attention to it's warnings.

I've never had a virus in years of computing, but I've accidentally lost
files and seen hd's go bad.

 

[Dustin Cook]

Ebays a good option, and in fact about the only one for alot of these
older games - Besides downloading an image on the usenet.
Only down side is you have to wait a while for it, obviously.

Highly unlikely any game publisher would feel obliged to send another
copy, and in fact probably do not even stock them.

You never know how many copies are sitting on a shelf someplace in a
storage facility. For the cost of shipping alone in some cases, many
vendors will ship you new media. It's the key you paid for that proves
you own it anyway, not usually the disc itself.

With Ebay, you can't always be sure what your getting is what it should
be. Of course, that's true for damn near everything anymore...

 

[Dustin Cook]

From: "Xray" <[email protected]>



| Yeah, I have a top of the line cd polished, motor driven.
| No joy, if it had worked this never would have happened.


Does it ever work ?

Sometimes, depending on how deep the scratches are; yes...

 

[Dustin Cook]

You seem to have contradicted yourself.
You said you'd start by turning off email, and if its still spewing
mass mailing worms 24 hrs later, the connection is terminated.

How is it going to be spewing mass mailing worms if the ability to
send email is terminated ?

I need to clarify myself.. Sorry.

What I meant by turn off email would be a server side block on a specific
port. That would stop you from using your email client from sending
email, unless you changed the configuration of your program. At the same
time however, a mass mailing worm isn't going to bother with what I did
or worry about it, it's usually using it's own code and email server; on
a port I didn't block.

How is anyone else in danger of being infected, since this machine
can't email ?

That's the thing... Isn't it. *You* can't email, unless you make a change
or two. Don't assume your computer can't either.

 

[FromTheRafters]

Highly unlikely any game publisher would feel obliged to send another
copy,
and in fact probably do not even stock them.

They may have a way to send you a link for a downloadable one. This
would be a more trustworthy channel.

 

[Xray]

From: "Xray"<[email protected]>



| Yeah, I have a top of the line cd polished, motor driven.
| No joy, if it had worked this never would have happened.


Does it ever work ?

Its worked before, yes.
don't know if it does anything a good old fashioned spit shine wouldn't do