Viruses, Trojans and SPAM/Scam watch [Archived].

Use SHA-1 Strydie!.And i feel that because of security against BrutE Force attacks. SHA-1 Digest is 32 Bits longer off course...

I have designed some code in SHA-1 in C.I know the whole logic(My course Stuff,you know!).Same for MD5 and HMAC.
bye!

 

Log in or Sign up to hide all adverts.

The usual method of dealing with spam is get the IP address of the person that generated the spam. This means getting hold of an e-mail header which is difficult to explain "how to get" because there are so many different mail programs and online mail settings that might need to be clicked to get one, so this assumes you've got their IP from this.

You can then do a lookup on the IP address, so you know the canonical name and other data.
(Those that computer lit. will find this easy, but for the rest of you either use:
http://www.info-x.co.uk/netools/netools.asp?tool=13
http://sunny.nic.com/cgi-bin/whois)

When you know which domain name they are from (note your after an ISP domain if it's a DSL/CABLE connection outputting the spam) Get the domain output which might be dsl44-55-66-77.anisp.net, and generate an abuse e-mail address. i.e. abuse@anisp.net

FWD: the e-mail you recieved (INCLUDING FULL HEADERS) to the abuse e-mail address, if the e-mail included attachments, then don't bother sending the attachments.

Just type something in the top of the FWD: like:

Thats pretty much all you can do, the ISP's usually are pretty good, when they have mails sent to abuse that contain the offending e-mail containing header they can deal with the ISP and even packetscan to work out which ports are infected. (Sometimes they pull the plug on the whole IP until the system is made safe again).

Don't go silly though trying to get revenge on someone that you think is attacking your e-mail address, most of the time it's because the person is using an unpatched OS with an out of date anti-virus program running, so it's just those points that caused the outbreak rather than spitefulness.

 

Log in or Sign up to hide all adverts.

I'm sorry, I guess I wasn't very clear. I already did those things a week ago. The IP provider said they would do something.

I'm just still getting the virus emailed to me. No harm I suppose; just an annoyance.

I'd never do anything to anyone. It just seems silly that I know their IP but yet I can't email them to let them know they have a virus.

 

Log in or Sign up to hide all adverts.

Most likely that will only kill your own IP, since it's masquarading with that:

the virus actually sends those mails from YOUR IP, sneaky ééj?
the thing to to is: format your drive completely, re-install your operating sys and install AVAST! it's a virus scanner and cleaner: it has an email client protection and several other functions:

A virus messed up my PC too, before I installed AVAST! now: all a virus does is getting discarded and deleted toroughly by my virus protection!

Please Register or Log in to view the hidden image!

I even have several choices what I want to do with it,..delete, put in the chest with the rest of the virusses or discard, altough I'm not sure of that last functionallity,...

I'm happy now,...they won't get to me, those cretins! I wish for them to be ripped their hearts out of their chest!

Please Register or Log in to view the hidden image!

 

Just updating the thread due to the increase in some virii:

Sasser.A
http://www3.ca.com/threatinfo/virusinfo/virus.aspx?id=39012

Netsky.A to Netsky.Z
This particular worm is difficult to place a link, because the people responsible for the worm apparently have been using Worms similar to how street gangs graffitti their territory. All the varients seem to try and run their server to look like it's anti-virus or a firewall, and generally delete some keys associated with some other viruses (of the other gang no less) and open backdoors to exploit a system further.

 

Got this worm.It does nothing but shuts the system down,which you can abort anyways,Annoying...Very Annoying...


bye!

 

Alert: Dabber worm.

This worm exploits systems infected with sasser worm. It cleans up evidence of the sasser worm and installs a back door. If you haven't run the latest critical updates yet, you're a fool.

http://us.mcafee.com/virusInfo/default.asp?id=description&virus_k=125300

 

"I've gotten 9 emails all with the same w32.netsky.D@mm virus in the last 10 days. "
ive gotten this one twie myself, but its obvious what it is. I thought id avoided it, however, my comp is randomly shutting down. same virus?

 

How annoying, I got e-mails with Netsky.Z. Did not know that they arrived at the letter Z yet. But so badly placed, who would open an e-mail that is labeled "Hi" and contains an important file?

 

anyone heard of and/.or know how to get rid of a virus by the name of Dropper.Liba.A? ive been battling it for days now.

 

According to some definitions on the net, Dropper is an old Virus trojan that tries to add other viruses to your system, however it looks an old out of date virus, so I doubt it's the one you've been having problems with

 

I used a program to find out of there was anything, and it kills what it finds, luckily - nothing. Going to www.mcafee.com and download a freebie called stinger.

 

its multiplying like mad and i cant ge rid of it. it stores itself in sys32 and ive tried renaming and deleteing but it just comes back. last time i did it flashed a bluescreen error messag and rebooted... verrrrrryy slowly... not sure what to do

 

I haven't been able to find it with a google search, maybe Stryder can point you to a website. From what I've seen, dropper viruses are not trojans themselves, but they "drop" trojans on your system. You might just have a hacker on the other end laughing his ass off. And if dropper is as old as Stryder thinks, maybe an old out-of-date hacker at that.

Why do you think it's dropper.liba.a? Are you running an antivirus? If you are, it can't handle the virus? Did you try the stinger? Sure don't sound fun.

 

yes my antivirus alerts that D.L.A was found and needs to run antivirus to remove it. but then it says it cant remove the file (win/sys32/inb5-somethingorother.. ) so i have to rename it an manually delete it... but its back an hour later... once i tried to ignore it and i started getting all kinds of alerts, so i ran the antivirus and it removed 5 viruses but couldnt remove the D.L.A

i cant find any info on it either. but i dont know much about viruses. I havnt tried the stinger, ill do that tonight.

 

You might try Pest Patrol. A link is in the FAQ thread. If dropper is as I described, you might have a trojan which is letting the viruses in. Pest Patrol is dedicated to trojan removal.

 

i will try that one first. also when i boot my computer it automatically opens the command prompt window..

 

hmmmm cant find the pest patrol link...

 

Coulda sworn it was added in there. Guess not. It's www.pestpatrol.com. Good luck.

 

what was i supposed to get from pest patrol? im not going to buy it lol. alsothats for adware. and i wont touch adware. last time i tried to remove all the ads etc from my computer windows crumbled and i had to reformat. lol.

going to try stinger now.