Should we make a sticky thread about...

Discussion in 'Computers and The Internet' started by Ginge, May 13, 2004.

  1. Ginge

    Ginge Ye Olde Member

    Viruses? I know several viruses spring up every now and then (like the Windows XP Worm virus), as well as spyware and adware. I was thinking it would maybe be neat if we had a sticky thread where we could let each other know what viruses to look out for and what we know to be the best patches/devices to get rid of viruses, adware, and spyware. That way if anyone has something on their system they need to get rid of, they could just come here. :)

    What do you guys think?
     
  2. crummyrummy

    crummyrummy Brew Your Own Beer Lifetime Supporter

    I say go for it.
     
  3. xaosflux

    xaosflux Sysop Lifetime Supporter Super Moderator

    Great Idea...look up!

    Rep points for you :)
     
  4. Tô®n

    Tô®n Member

    I am going to throw out a link to a site I made that will help people get (Spyware/adware removal programs, as well as anti virii and a firewall) http://www.angelfire.com/rebellion2/lalalachat/Utilities.htm
    other than that I could list to you some ports you need to watch out for, i.e. the ones that well known trojans open up..
    NetBus Pro: {1243}
    NetBus Normal: {12345}
    Subseven 1.9 & 2.0: {1243}
    Back Orifice: {31337} {666}
    Deep Throat: {6670} {6671}
    Blade Runner: {21}
    Win Crash: {21} {3024}
    GirlFriend: {21544}
    Hackers Paradise: {31} {456}
    Delta: {26274} {47264}
    That's the basic list, just thought it might help someone out there. *fallowing text taken from SpyderWares.com*Type netstat -na in the MS-DOS prompt to see the list of connections to your computer. Check for LISTENING and CONNECTED states. If you see the port 31337 in the Local Address list you most probably are infected with BackOrifice( same goes with others i have listed above). There's a useful little tool called TCPView by SysInternals which will give you a list of all the TCP connections to your comp. You can close any suspicious ports with the program. Get it from http://sysinternals.com. Most of the popular trojans are detected by AntiVirus programs. So the best thing you can do is to have an updated AntiVirus running on your system and always check anything you download before you open it (exe.files especialy). Also There are also softwares which deal specifically with trojans. Get a list of them from http://www.anti-trojan-software-reviews.com. Always download programs from the official websites only. Some websites may host the trojaned version of popular games and other softwares. And then a lot of hacking tools (don't hack) are trojaned too or contain backdoors. Also keep in mind some e-mail clients are set to hide file extensions, if you enable it you might actually see the .TXT file as CHECK-THIS-OUT.TXT.vbs, which looks a lot more dangrous than just a plain old .TXT file. Go to http://spyderwares.com/ it's a great site for this line of thing.
    Honestly there is just to much stuff to write one post about when it comes to net safty and security. this is a very needed thread cuz bottom line is (some people suck) and well those of us that don't are left to suffer becuase of "them"...~peace~
     
  5. Ginge

    Ginge Ye Olde Member

    Yay! Thanks so much for sharing that, Torn! :D

    I'm glad you guys like the idea!

    Is the correct plural form of virus 'virii'? I saw you put it up there, and I was going to put that as well, but I wasn't sure. :p
     
  6. eat_some_LSD

    eat_some_LSD Senior Member

    'Tis, 'tis. ;)

    I was recently attached to by an exploit buried in a malicious Javascript somewhere, leaving the virus "JAVABYTE_VERA-1" in my Java VM. Automatically launched AIM with an away message saying "i made a screensaver! you can check it out at http://www.somellamavirus.com/iamawormkiddie/punkarsedloser/screensaver.scr"

    Not the real address, but close. ;)

    Anywho, I'm guessing that downloading the "screensaver" will infect your box with the virus. I assume that it's being spread, and once it's planted it's seed in enough computers, that it'll eventually launch a SPAM attack using unsuspecting persons' bandwidth and identities.

    It's non-destructive, and only duplicates over networks. It's very simple to rid yourself of; PC-Cillin couldn't touch it, but I simply went into my Java VM directory and deleted the offending files. No problems since. :D
     

Share This Page


  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice