HELP!! MS DOS window "Scrambler for gigabites"
Eddy
After a startup of windows 98 and as soon as I have all my icons on the
desktop, an MS DOS windows open with this message in it "Scrambler for
gigabites". Now I can't access anymore some accessories from my
windows programs (example: The calculator, Windows help, some windows
games,etc.)
This problem occured afer I received an .exe file from a friend
via email. The friend confirmed that he has never send it and assumes
that it's a Trojan!
Does anyone know how to resolve this problem? I run PC DOCTOR in MS DOS
mode and in Windows and Norton Anti-virus but the problem is
not resolved.
Thank you,
Eddy
Sent via Deja.com http://www.deja.com/
Before you buy.
AkHibby
Eddy <eddymo...@my-deja.com> wrote:
> Good day,
>
> After a startup of windows 98 and as soon as I have all my icons on
the
> desktop, an MS DOS windows open with this message in it "Scrambler for
> gigabites". Now I can't access anymore some accessories from my
> windows programs (example: The calculator, Windows help, some windows
> games,etc.)
>
> This problem occured afer I received an .exe file from a friend
> via email. The friend confirmed that he has never send it and assumes
> that it's a Trojan!
>
> Does anyone know how to resolve this problem? I run PC DOCTOR in MS
DOS
> mode and in Windows and Norton Anti-virus but the problem is
> not resolved.
>
boot disks etc for it can be found at http://members.xoom.com/avdisk/
make sure you use a different machine with the same or more recent OS.
Ian
Frederic Bonroy
> This problem occured afer I received an .exe file from a friend
> via email. The friend confirmed that he has never send it and assumes
> that it's a Trojan!
I suppose you did not scan the file before you run it...? What was the name
of the file?
> Does anyone know how to resolve this problem? I run PC DOCTOR in MS DOS
> mode and in Windows and Norton Anti-virus but the problem is
> not resolved.
If you are not using Norton with the latest definitions, update it and run
it again. Otherwise try a trojan scanner, such as The Cleaner from
http://www.moosoft.com
Check your startup folder for illegal entries, as well as the registry keys
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Runonce
Yohannas Skrevotch Allen
On Mon, 29 May 2000 17:57:16 GMT, In a fit of passion, Eddy
<eddymo...@my-deja.com> wrote:
>Good day,
>
>After a startup of windows 98 and as soon as I have all my icons on the
>desktop, an MS DOS windows open with this message in it "Scrambler for
>gigabites". Now I can't access anymore some accessories from my
>windows programs (example: The calculator, Windows help, some windows
>games,etc.)
>
>This problem occured afer I received an .exe file from a friend
>via email. The friend confirmed that he has never send it and assumes
>that it's a Trojan!
>
>Does anyone know how to resolve this problem? I run PC DOCTOR in MS DOS
>mode and in Windows and Norton Anti-virus but the problem is
>not resolved.
>
>Thank you,
>
>Eddy
Eddy
scan and found a Trojan named SubSeven and cleaned it up. As per this
Trojan description, it has nothing to do with the prob I'm having now.
But I'm still glad I got rid of it.
As for the "startup folder", well this is getting too technical for me.
Where can I find this start up folder and fix it?
Thanks
Eddy
In article <3932B777...@mail.dotcom.fr>,
Frederic Bonroy <fbo...@mail.dotcom.fr> wrote:
> Eddy wrote:
>
> > This problem occured afer I received an .exe file from a friend
> > via email. The friend confirmed that he has never send it and
assumes
> > that it's a Trojan!
>
> I suppose you did not scan the file before you run it...? What was the
name
> of the file?
>
> > Does anyone know how to resolve this problem? I run PC DOCTOR in MS
DOS
> > mode and in Windows and Norton Anti-virus but the problem is
> > not resolved.
>
> If you are not using Norton with the latest definitions, update it and
run
> it again. Otherwise try a trojan scanner, such as The Cleaner from
> http://www.moosoft.com
>
> Check your startup folder for illegal entries, as well as the registry
keys
> HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
> HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Runonce
>
>
Eddy
I've never used such a utility program and I'm worried to screw
everything up. Is is easy to use? What about if I don't have another
machine to use?
Eddy
In article <8gucgd$p7d$1...@nnrp1.deja.com>,
AkHibby <akh...@my-deja.com> wrote:
> In article <8gub1m$o2j$1...@nnrp1.deja.com>,
> Eddy <eddymo...@my-deja.com> wrote:
> > Good day,
> >
> > After a startup of windows 98 and as soon as I have all my icons on
> the
> > desktop, an MS DOS windows open with this message in it "Scrambler
for
> > gigabites". Now I can't access anymore some accessories from my
> > windows programs (example: The calculator, Windows help, some
windows
> > games,etc.)
> >
> > This problem occured afer I received an .exe file from a friend
> > via email. The friend confirmed that he has never send it and
assumes
> > that it's a Trojan!
> >
> > Does anyone know how to resolve this problem? I run PC DOCTOR in MS
> DOS
> > mode and in Windows and Norton Anti-virus but the problem is
> > not resolved.
> >
> Try f-prot from http://www.complex.is, a handy utility for building
> boot disks etc for it can be found at http://members.xoom.com/avdisk/
> make sure you use a different machine with the same or more recent OS.
>
> Ian
>
Frederic Bonroy
> As for the "startup folder", well this is getting too technical for me.
> Where can I find this start up folder and fix it?
Start, Programs, StartUp - if it's empty, good. If there are entries, verify
that all programs listed are legitimate programs.
Evelyn
Start, Find, Files or Folders and type in Startup. Double click on the icon
of the Startup folder and you will see the shortcuts to the programs which
start when your PC starts.
If you find one which shouldn't be there, then first, right-click on it, go
to Properties, click on the Shortcut Tab.
Look in the box labelled Target and you will see the program that the
shortcut refers to. Let us know what you find.
Send the shortcut to the recycle bin for now. Make sure you don't delete
the shortcut to your anti-virus program.
Frederic said:
Check your startup folder for illegal entries, as well as the registry keys
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Runonce
To do this, go to Start, Run, and in Run type REGEDIT
Your registry editor will open. Look in the folders which Fred mentions and
see if there are any programs in the right-hand pane which you don't
recognize. Use Start,Find, Files or Folders to look for them on your PC.
Post the results here. Don't delete anything yet if this is a new thing for
you.
You really do need access to a virus-free PC in these cases if you weren't
prepared in advance for a virus. When you are all clean and sweet, we will
tell you how to ensure that you are all prepared for next time.
--
Love <><
Evelyn
http://www.woolston.greatxscape.net/
Reply via Newsgroup only
"Eddy" <eddymo...@my-deja.com> wrote in message
news:8gv06g$6t3$1...@nnrp1.deja.com...
> Thanks Fred for your answer. I installed The Cleaner and performed a
> scan and found a Trojan named SubSeven and cleaned it up. As per this
> Trojan description, it has nothing to do with the prob I'm having now.
> But I'm still glad I got rid of it.
>
> As for the "startup folder", well this is getting too technical for me.
> Where can I find this start up folder and fix it?
>
> Thanks
>
> Eddy
>
> In article <3932B777...@mail.dotcom.fr>,
> Frederic Bonroy <fbo...@mail.dotcom.fr> wrote:
> > Eddy wrote:
> >
> > > This problem occured afer I received an .exe file from a friend
> > > via email. The friend confirmed that he has never send it and
> assumes
> > > that it's a Trojan!
> >
> > I suppose you did not scan the file before you run it...? What was the
> name
> > of the file?
> >
> > > Does anyone know how to resolve this problem? I run PC DOCTOR in MS
> DOS
> > > mode and in Windows and Norton Anti-virus but the problem is
> > > not resolved.
> >
> > If you are not using Norton with the latest definitions, update it and
> run
> > it again. Otherwise try a trojan scanner, such as The Cleaner from
> > http://www.moosoft.com
> >
> > Check your startup folder for illegal entries, as well as the registry
> keys
> > HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
> > HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Runonce
> >
> >
>
>
AkHibby
Eddy <eddymo...@my-deja.com> wrote:
> Hello there!
>
> I've never used such a utility program and I'm worried to screw
> everything up. Is is easy to use? What about if I don't have another
>
> Eddy
>
The utility is DOS based and only creates AVP or F-Prot RAM boot disks
with the current definitions, there're full instructions in the
download.
The reason for another PC is that is you have a boot virus then the
floppies you create on the ing\fected machine will also be infected.
You can of course use the infected PC but it won't allow some malware
to be cleaned, assuming of course that you are infected.
HTH
Ian
> In article <8gucgd$p7d$1...@nnrp1.deja.com>,
> AkHibby <akh...@my-deja.com> wrote:
> > In article <8gub1m$o2j$1...@nnrp1.deja.com>,
> > Eddy <eddymo...@my-deja.com> wrote:
> > > Good day,
> > >
> > > After a startup of windows 98 and as soon as I have all my icons
on
> > the
> > > desktop, an MS DOS windows open with this message in it "Scrambler
> for
> > > gigabites". Now I can't access anymore some accessories from my
> > > windows programs (example: The calculator, Windows help, some
> windows
> > > games,etc.)
> > >
> > > This problem occured afer I received an .exe file from a friend
> > > via email. The friend confirmed that he has never send it and
> assumes
> > > that it's a Trojan!
> > >
> > > Does anyone know how to resolve this problem? I run PC DOCTOR in
MS
> > DOS
> > > mode and in Windows and Norton Anti-virus but the problem is
> > > not resolved.
> > >
> > Try f-prot from http://www.complex.is, a handy utility for building
> > boot disks etc for it can be found at
http://members.xoom.com/avdisk/
> > make sure you use a different machine with the same or more recent
OS.
Eddy
results:
In STARTUP FOLDER I found the following shortcuts:
1- Microsoft Office
2- Office Startup
3- Shockwave Init
4- True Synch Launcher
5- Adobe gamma Loader.exe
The only shortcut I don't recognize is the "Adobe gamma Loader.exe"
however I do have Adobe Photoshop and Acrobat Reader. This shortcut
refers to the following folder
C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
(I didn't move any shortcut to the recycle bin as you've requested
Evelyn since I didn't know what would be the next step. I'm sceptical
about this Adobe shortcut and I may be wrong but I believe the email
received had something to do with an Adobe Plugin!).
As per the REGISTRY KEYS :
Under HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
I found the following 2 files:
NAME = (Default) DATA = (value not set)
NAME = Mirabilis ICQ DATA = "C\Program Files\ICQ\NDetect.exe"
(I have ICQ2000)
Under HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
I found the following file:
NAME = (Default) DATA = (value not set)
This is what I've done so far:
1- Did a Virus Scan with IBM Norton that is installed on my Aptiva after
doing a LIVE UPDATE of viruses data. Results= No viruses found.
2- I installed Norton Antivirus 2000 and performed a scan and found the
following worm (happy99.worm).
3- I installed The Cleaner software and performed a scan and found the
following Trojan SubSeven.
This, obviously, didn't resolve my problem. Today, when I turned on my
computer and just before Windows prompt me to enter my passcode, It took
me to DOS black screen with the following C:\ Today I will scramble your
mind. Then it opened an MS DOS Window that I closed immediatly. Then
windows opened normally.
This MS DOS Window appears in the following cases:
1- On startup as I explained before
2- When oppening the following files under Accessories :
- Entertainment (CD Player, Sound Record, Volume Control)
- Communications (Direct Cable Connection)
- Games (Solitaire and FreeCell)
- etc.
3- Windows Help
4- And other items in different programs.
The items are now presented by an MS DOS icon (white square with a blue
top border) instead of it's original picture.
If I click the icons, I get the same MS DOS Window "Scrambler for
gigabites) and the computer seems to be working heavily at that time.I
hope this decription would help and thanks again!
Eddy
In article <8h11rm$45q$3...@newsg4.svr.pol.co.uk>,
> > > > This problem occured afer I received an .exe file from a friend
> > > > via email. The friend confirmed that he has never send it and
> > assumes
> > > > that it's a Trojan!
> > >
> > > I suppose you did not scan the file before you run it...? What was
the
> > name
> > > of the file?
> > >
> > > > Does anyone know how to resolve this problem? I run PC DOCTOR
in MS
> > DOS
> > > > mode and in Windows and Norton Anti-virus but the problem is
> > > > not resolved.
> > >
> > > If you are not using Norton with the latest definitions, update it
and
> > run
> > > it again. Otherwise try a trojan scanner, such as The Cleaner from
> > > http://www.moosoft.com
> > >
> > > Check your startup folder for illegal entries, as well as the
registry
> > keys
> > > HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
> > >
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Runonce
> > >
> > >
> >
> >
Axel Pettinger
It seems you're infected with a new email worm. In case you use MS
Outlook and have also an MS Outlook address book then warn the all
people - well, at least send a warning to the first 90 addresses - in
this address book. Forget the warning in case you have the Windows
Scripting Host *not* installed and can therefore *not* execute
files with VBS extension.
> After a startup of windows 98 and as soon as I have all my icons on
> the desktop, an MS DOS windows open with this message in it "Scrambler
> for gigabites".
I'm almost sure that the exact message was "Scrambler by Gigabyte"...
Gigabyte is a female virus writer (from what I know). Don't forget to
say thank you to her later.<g>
> Now I can't access anymore some accessories from my
> windows programs (example: The calculator, Windows help, some windows
> games,etc.)
No wonder, see the description ...
> This problem occured afer I received an .exe file from a friend
> via email. The friend confirmed that he has never send it and assumes
> that it's a Trojan!
No, it's a worm. Tell your friend that he is infected and that he should
also warn all people in his MS Outlook address book.
> Does anyone know how to resolve this problem?
I think I know what you can do. Download AVP from <http://www.avp.ch>.
Then update it with the latest DAILY.ZIP update from
<http://www.kaspersky.ru/bases/daily.zip> or use the built in updater in
case this works. If not then use the daily update as it contains the
detection for "I-Worm.Scrambler".
> I run PC DOCTOR in MS
> DOS mode and in Windows and Norton Anti-virus but the problem is
> not resolved.
Obviously they don't know this new worm yet.
> Thank you,
I hope I could help. For a description of this worm see ...
http://www.avp.ch/avpve/worms/scramble.stm
Good luck, Eddy!
Regards,
Axel Pettinger
Eddy
actually the VOLUME CONTROL! I have very few MP3 files, maybe a dozen.
But still, your reply didn't resolve my problem :( What should I do
next?
Thanks!
Eddy
In article <048912fc...@usw-ex0101-005.remarq.com>,
Gigabyte <giga...@coderz.net> wrote:
> > No, it's a worm. Tell your friend that he is infected and that
> > he should also warn all people in his MS Outlook address book.
>
> Well.. yeah it's a worm.. and a virus in the first place
> (although AVP decided to call it an I-worm). A win32 EXE
> prepender.
>
> And oh err, Eddy.. do you happen to have some of those cute
> little mp3 files on your C: drive? You might wanna check them
> out in that case, Scrambler is a real DJ.. <G>
>
> Gigabyte
> http://www.coderz.net/gigabyte
>
> * Sent from RemarQ http://www.remarq.com The Internet's Discussion
Network *
> The fastest and easiest way to search and participate in Usenet -
Free!
Frederic Bonroy
> The only shortcut I don't recognize is the "Adobe gamma Loader.exe"
> however I do have Adobe Photoshop and Acrobat Reader. This shortcut
> refers to the following folder
> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
> (I didn't move any shortcut to the recycle bin as you've requested
> Evelyn since I didn't know what would be the next step. I'm sceptical
> about this Adobe shortcut and I may be wrong but I believe the email
> received had something to do with an Adobe Plugin!).
I have Adobe Reader as well, and "Adobe gamma Loader.exe" is not part
of it so it probably belongs to Photoshop.
> Under HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
> I found the following 2 files:
> NAME = (Default) DATA = (value not set)
> NAME = Mirabilis ICQ DATA = "C\Program Files\ICQ\NDetect.exe"
> (I have ICQ2000)
>
> Under HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
> I found the following file:
> NAME = (Default) DATA = (value not set)
Is this a typo? The second key you inspected should probably be RunOnce,
not Run. If my assumption is correct, you are NOT infected with Happy99
mentioned below.
> 2- I installed Norton Antivirus 2000 and performed a scan and found the
> following worm (happy99.worm).
Where did it find it? Look for files named ska.exe and ska.dll in your
Windows\System folder. If they aren't there, then my assumption that
you are not infected with Happy99 is confirmed. You should still delete
the program Norton reports as Happy99.
Frederic Bonroy
> And oh err, Eddy.. do you happen to have some of those cute
> little mp3 files on your C: drive? You might wanna check them
> out in that case, Scrambler is a real DJ.. <G>
What else could we possibly expect from a sicko like you who decided to show her
stomach ulcers to the world? Why don't you show us your brain ulcers?
Frederic Bonroy
> What's up, can't handle some organs?
Actually, during the past 11 months I have had numerous opportunities to admire
pictures of imflamed bowels and the inside of stomachs... (other people's, not
mine fortunately) - no, the organ itself is not the problem.
No, in fact you are a sicko because you released a (destructive) virus - and the
existence of that image on your web site just confirms this.
Bart Bailey
> Eddy wrote:
>
> > The only shortcut I don't recognize is the "Adobe gamma Loader.exe"
> > however I do have Adobe Photoshop and Acrobat Reader. This shortcut
> > refers to the following folder
> > C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
> > (I didn't move any shortcut to the recycle bin as you've requested
> > Evelyn since I didn't know what would be the next step. I'm sceptical
> > about this Adobe shortcut and I may be wrong but I believe the email
> > received had something to do with an Adobe Plugin!).
>
> I have Adobe Reader as well, and "Adobe gamma Loader.exe" is not part
> of it so it probably belongs to Photoshop.
The gamma loader is the app that sets the screen gamma (contrast) that you
access and adjust through Photoshop.
IIRC from when I had PS onboard there was an entry on the control panel too.
One comment learned empirically, If you feel the need to "tamper" with your
registry, First export the key value to some safe location where it can be
re-merged if need be. ;-)
Bart Bailey
> >
>
> And oh err, Eddy.. do you happen to have some of those cute
> little mp3 files on your C: drive? You might wanna check them
> out in that case, Scrambler is a real DJ.. <G>
The only mp3 on my C: drive is Vampire_Tooth.mp3.vbs :-)
Patrick Nolan, Virus Researcher
>Hi Evelyn and all of you! Thanks again for your help. These are my
>results:
Eddy, you have what is known as HLLP/Scrambler.worm. See this link for
description:
http://vil.mcafee.com/dispVirus.asp?virus_k=98665&
If you have VirusScan, I can send you an EXTRA.DAT file to clean your
system.
Email virus_r...@nai.com or let me know otherwise.
Regards,
Patrick Nolan, Virus Researcher
McAfee AVERT - a division of nai
http://vil.nai.com
-----------------------------------------------------
-----------------------------------------------------
lookin for books,movies,music?
http://nwbuytown.bizland.com
Eddy
I really don't know how to thank you. This is EXACTLY what's happening
with my computer and I recall going on IRC that same day but I never
receive files through it. Can I ask you a favor... Since all this is
new to me, can you tell me the exact procedure to do the cleanup of my
computer? I don't really want to make any mistakes and screw up
everything.
I don't have VirusScan however I have Norton 2000 that I installed AFTER
my computer got infected. I also created 5 boot diskettes with Norton.
Should I download VirusScan ?
Or Should I perform a VirusScan Online ?
What is the EXTRA.DAT file and how can I use it ?
Will my computer work normally after the cleanup or should I do some
reinstallations ?
Can you provide me with the EXTRA.DAT file and detailed instructions ?
Thanks a billion!
Eddy
In article <8h491c$r5f$1...@zeitung.ngc.com>,
"Patrick Nolan, Virus Researcher" <patric...@nai.no.com.spam>
wrote:
> Eddy wrote in message <8h1h6i$2ja$1...@nnrp1.deja.com>...
> >Hi Evelyn and all of you! Thanks again for your help. These are my
> >results:
> [cut]
>
> Eddy, you have what is known as HLLP/Scrambler.worm. See this link for
> description:
>
> http://vil.mcafee.com/dispVirus.asp?virus_k=98665&
>
> If you have VirusScan, I can send you an EXTRA.DAT file to clean your
> system.
> Email virus_r...@nai.com or let me know otherwise.
>
> Regards,
> Patrick Nolan, Virus Researcher
> McAfee AVERT - a division of nai
> http://vil.nai.com
> -----------------------------------------------------
> -----------------------------------------------------
> lookin for books,movies,music?
> http://nwbuytown.bizland.com
>
>
Raid Slam
>Well.. yeah it's a worm.. and a virus in the first place
>(although AVP decided to call it an I-worm). A win32 EXE
>prepender.
I see you got it working. hehehehe
>And oh err, Eddy.. do you happen to have some of those cute
>little mp3 files on your C: drive? You might wanna check them
>out in that case, Scrambler is a real DJ.. <G>
Muahahahahaha. I like this line :-)
Regards,
Raid [SLAM]
http://www.coderz.net/Raid
Snorre Fagerland
wrote:
>Good day,
>
>After a startup of windows 98 and as soon as I have all my icons on the
>desktop, an MS DOS windows open with this message in it "Scrambler for
>gigabites". Now I can't access anymore some accessories from my
>windows programs (example: The calculator, Windows help, some windows
>games,etc.)
>
No wonder. You have been visited by the massmailing virus
W32/Scrambler. This virus sends itself on (as a randomly named exe
file) to the first 90 users in all Outlook address books, with the
subject line "Check this out, it's funny!". It also sends itself over
IRC.
The virus infects other exe files on the hard disk and the infected
files are semi-corrupted and won't work properly.
Every time the virus is started, it prints "Scrambler by Gigabyte" on
the screen in a DOS window.
>Does anyone know how to resolve this problem? I run PC DOCTOR in MS DOS
>mode and in Windows and Norton Anti-virus but the problem is
>not resolved.
We (NVC) have added it to the definition files that are out now. If
you are using Norton, you should contact Symantec for updates; I'm
sure they have added detection and removal for it by now.
Best regards,
Snorre Fagerland
Engine development manager, Norman Virus Control
s...@normand.no (remove the "d" to reply)
Eddy
that I've installed the other day and did the cleanup. However it
didn't repair my files. The QUARANTINED ITEMS are:
Kodakimg.exe ; scaregw.exe ; sndvol32.exe and wsock32.bak
When I click to repair them in Norton, I get a message "unable to
repair" So what is the next step? What should I do? I'm sorry, this is
all new to me and I need some help if it's possible.
Thank you!
Eddy
In article <393772a2...@news.supernews.com>,
Jeffrey A. Setaro
says...
> Thank you very much for the suggestion. I did the update on Norton 2000
> that I've installed the other day and did the cleanup. However it
> didn't repair my files. The QUARANTINED ITEMS are:
> Kodakimg.exe ; scaregw.exe ; sndvol32.exe and wsock32.bak
>
> When I click to repair them in Norton, I get a message "unable to
> repair" So what is the next step? What should I do? I'm sorry, this is
> all new to me and I need some help if it's possible.
>
Replace the files from known clean backups. Some viruses infect
(damage) files in such a way that they can not be disinfected
(repaired) the only thing you can do in those situations is replace
the corrupted files from known clean backup.
> Thank you!
>
Your welcome.
--
Cheers-
Jeff Setaro
jase...@sprynet.com
http://home.sprynet.com/~jasetaro/
PGP Key IDs DH/DSS: 0x5D41429D RSA: 0x599D2A99
Gabriele Neukam
<soho20N...@hotmail.com.invalid> had the will and imagination to
describe the world as such:
>>(although AVP decided to call it an I-worm). A win32 EXE
>>prepender.
>
>I see you got it working. hehehehe
>
>>And oh err, Eddy.. do you happen to have some of those cute
>>little mp3 files on your C: drive? You might wanna check them
>>out in that case, Scrambler is a real DJ.. <G>
>
>Muahahahahaha. I like this line :-)
Would you behave the same way if you got hit by this virus (or a
mutation of it)?
Gabriele Neukam
had the will and imagination to describe the world as such:
>Thank you very much for the suggestion. I did the update on Norton 2000
>that I've installed the other day and did the cleanup. However it
>didn't repair my files. The QUARANTINED ITEMS are:
>Kodakimg.exe ; scaregw.exe ; sndvol32.exe and wsock32.bak
If you have the names of the files, you can at least restore some of
them by using sfc (system file checker) if you have got Windows 98.
Click "Start", choose "Execute..." and enter these three letter.
Insert the Windows CD. Choose to restore specific files, name them,
tell sfc that the source is your CD (for instance d:\win98\), and
where the files should be copied to.
Better locate the target directory/folder before, or just extract
them into a temporary folder and after this copy them to their
proper places.
Hope that works.
Patrick Nolan, Virus Researcher
>Good day Patrick,
Good day :)
>I really don't know how to thank you. This is EXACTLY what's happening
>with my computer and I recall going on IRC that same day but I never
>receive files through it. Can I ask you a favor... Since all this is
>new to me, can you tell me the exact procedure to do the cleanup of my
>computer? I don't really want to make any mistakes and screw up
>everything.
Since this is a prepending virus, it was relatively easy to repair using
VirusScan.
>I don't have VirusScan however I have Norton 2000 that I installed AFTER
>my computer got infected. I also created 5 boot diskettes with Norton.
>
>Should I download VirusScan ?
>Or Should I perform a VirusScan Online ?
If it is an option for you, download VS 4.5 and I can provide the EXTRA.DAT
to you; do you have an email address?
>What is the EXTRA.DAT file and how can I use it ?
http://download.nai.com/products/McAfee-Avert/tools/xtrinstr.rtf
>Will my computer work normally after the cleanup or should I do some
>reinstallations ?
Should work normally.
>Can you provide me with the EXTRA.DAT file and detailed instructions ?
Yep, see above.
>Thanks a billion!
>
>Eddy
>
>
>
>In article <8h491c$r5f$1...@zeitung.ngc.com>,
> "Patrick Nolan, Virus Researcher" <patric...@nai.no.com.spam>
>wrote:
>> Eddy wrote in message <8h1h6i$2ja$1...@nnrp1.deja.com>...
>> >Hi Evelyn and all of you! Thanks again for your help. These are my
>> >results:
Raid Slam
>Would you behave the same way if you got hit by this virus (or a
>mutation of it)?
hehehe. Silly question. if I did get "hit" by it, it's not very
difficult to remove. Besides, I know it's author; No biggie to
get assistance if I needed it. Sometimes evilness does pay. <g>
Regards,
Raid [SLAM]
http://www.coderz.net/Raid
(Oh yes, We're back!)
Gabriele Neukam
<soho20N...@hotmail.com.invalid> had the will and imagination to
describe the world as such:
>>Would you behave the same way if you got hit by this virus (or a
>>mutation of it)?
>
>hehehe. Silly question. if I did get "hit" by it, it's not very
>difficult to remove. Besides, I know it's author; No biggie to
>get assistance if I needed it. Sometimes evilness does pay. <g>
What will he charge you for doing it? (Cleaning up, of course)
Gigabyte
It's 'she', thank you.
Gigabyte
http://www.coderz.net/gigabyte
PaX [SlaM]
>hehehe. Silly question. if I did get "hit" by it, it's not very
>difficult to remove. Besides, I know it's author; No biggie to
>get assistance if I needed it. Sometimes evilness does pay. <g>
What will he charge you for doing it? (Cleaning up, of
course)<<<<<<<<<<<<<<<<<
Virus writers are prohibited by law from charging for cures for their own
work..
Its called commercial data fraud and under current US law its a federal
felony.
Thats the official bit out of the way...
heh as to removing it....like the above poster syas...not really a problem
PaX [SlaM]
Nick FitzGerald
<<snip>>
> ... Sometimes evilness does pay. <g>
Hey Raid -- that's what Bubba reckons too...
He's just waiting for pay day!
--
Nick FitzGerald
Raid Slam
You know him in an intimate personal sort of way or what Nick?
you seem very obsessed with this fellow. Perhaps you should seek
some advice?
Regards,
Raid [slam]
http://www.coderz.net/Raid
>
>--
>Nick FitzGerald
Eddy
your postings with disgust Gigabyte. This virus slowed down my work for
school and I can't deliver my hard work on time! Everything doesn't seem
to work properly since I got this virus. I've posted my original message
asking for help and not expecting your ugliness to show up. THANK YOU!
In article <07265cc4...@usw-ex0101-005.remarq.com>,
Gigabyte <giga...@coderz.net> wrote:
> >What will he charge you for doing it? (Cleaning up, of course)
>
> It's 'she', thank you.
>
> Gigabyte
> http://www.coderz.net/gigabyte
>
> * Sent from RemarQ http://www.remarq.com The Internet's Discussion
Network *
> The fastest and easiest way to search and participate in Usenet -
Free!
>
>
Frederic Bonroy
> I don't think there is anything funny about the whole thing! I read
> your postings with disgust Gigabyte. This virus slowed down my work for
> school and I can't deliver my hard work on time! Everything doesn't seem
> to work properly since I got this virus. I've posted my original message
> asking for help and not expecting your ugliness to show up. THANK YOU!
No, no, no, Eddy. That is exactly what virus writers want to read:
that their viruses have hindered someone from doing his work.
If you really want to annoy Gigabyte you must tell her that the
virus didn't bother you at all...
Eddy
Gigabyte
read
>your postings with disgust Gigabyte. This virus slowed down my
work for
>school and I can't deliver my hard work on time! Everything
doesn't seem
>to work properly since I got this virus. I've posted my
original message
>asking for help and not expecting your ugliness to show up.
THANK YOU!
I wrote the virus, you're the one who was so dumb to catch it..
It's your own fault, deal with it.
Randy Abrams
Gigabyte <giga...@coderz.net> wrote in message
news:0b11c300...@usw-ex0101-005.remarq.com...
> >I don't think there is anything funny about the whole thing! I
> read
> >your postings with disgust Gigabyte. This virus slowed down my
> work for
> >school and I can't deliver my hard work on time! Everything
> doesn't seem
> >to work properly since I got this virus. I've posted my
> original message
> >asking for help and not expecting your ugliness to show up.
> THANK YOU!
>
> I wrote the virus, you're the one who was so dumb to catch it..
> It's your own fault, deal with it.
>
It's your fault for being such an incompetent user that you couldn't keep a
piece of code you claim to have written on your own damn computer. Of
course, now, too embarrassed to admit your feebleness you'll say you meant
to do it. Who'd you buy the virus from so you could say it was your own? You
obviously lack the intellect to have done it yourself. Come clean.
Regards,
Randy
--
--
The opinions expressed in this message are my own personal views
and do not reflect the official views of the Microsoft Corporation.
Raid Slam
What's a matta Randy? Pissed off because a girl can write
software similiar to microsoft? (bugs of courze. heheheh)
I sometimes wonder why you continue to breathe, It's obviously a
waste of not only your time, but mine as well.
Besides, Your such a stupid shit.
Regards,
Raid slam
http://www.coderz.net/Raid
Pierre Vandevenne
>Besides, Your such a stupid shit.
Oh please... First of all, he isn't. Second, that kind of flame always
tends to tell more about its author than about its target...
---
Pierre Vandevenne, MD
www.datarescue.com, home of the IDA Pro Disassembler
Frederic Bonroy
> I wrote the virus, you're the one who was so dumb to catch it..
> It's your own fault, deal with it.
I downloaded your "interview" from your web site and read it.
You drivelled exactly the same pathetic bullshit there, betraying what
a pitiable little creature you are and confirming that you are
currently going (struggling, rather) through puberty.
Do yourself a favor and get lost, worthless vermin. I would rather step
on a pile of shit than on you although there is no significant
difference.
(Yes, I am angry)
PaX [SlaM]
Raidey drop outta this one bro...theres some real nasty shit comming...
regards Dalt
Randy Abrams
Raid Slam <soho20N...@hotmail.com.invalid> wrote in message
news:1ce80dc8...@usw-ex0102-015.remarq.com...
> In article <e1T9cLzz$GA.462@cpmsnbbsa08>, "Randy Abrams"
> <ran...@microsoft.com> wrote:
> >obviously lack the intellect to have done it yourself. Come
> >clean.
>
> What's a matta Randy? Pissed off because a girl can write
> software similiar to microsoft? (bugs of courze. heheheh)
Hey, no sexism here. I'd guess she buys them from the same author you buy
yours from.
Besides, I read on your web page about you fixing some bugs, so if that
constitutes "similar to Microsoft" than you've been proving girls can write
software similar to MS for years :)
>
> I sometimes wonder why you continue to breathe, It's obviously a
> waste of not only your time, but mine as well.
No, wondering why I breathe is only a waste of your time, not mine.
>
> Besides, Your such a stupid shit.
>
This response demonstrates I shouldn't argue this last point with you.
You're obviously an authority.
Regards,
Randy
PS, have you thought of another lie to tell Dr. Costas? We all know you lie
and you proved it again!
Rhape79
>
>I wrote the virus, you're the one who was so dumb to catch it..
>It's your own fault, deal with it.
>
Do yourself a favour and shut up while you still can.
Peace,
Rhape79
Wise man say: When you're in it up to your ears
Keep your mouth shut.
Raid Slam
pie...@datarescue.com (Pierre Vandevenne) wrote:
>Oh please... First of all, he isn't.
Snicker. If you say so. I don't share the same opinion of him.
Rather, I consider him to be a poor Av toadie. And he's doing a
remarkable job of it. He just needs to release a faq every two
weeks or so.
>Second, that kind of flame always tends to tell more about its
>author than about its target...
Oh... Okie, sure DuDE!
Nah seriously tho, Your funny.
Regards,
Raid [SLAM]
Raid Slam
<ran...@microsoft.com> wrote:
>Hey, no sexism here. I'd guess she buys them from the same
>author you buy yours from.
LoL! I've heard this comment before. It's odd you know, to think
somebody would believe I didn't write my own viruses. It's
alright, other software I've written people don't believe I wrote
it either. Perhaps it's the way I act in a public nature. Not all
serious and hypocritical all the time, And oh yes... Certainly
not professional. But, you see, I write software because I enjoy
doing it, not because I really give a fuck if you or someone else
thinks I can/did write it. If you like the program, great. If you
don't like it, I'm always interested in knowing why. (Er, viruses
not included, Ma mailbox isn't that big! ;p). But I'm really not
interested in your opinion of my programming skills. The world
has seen a little of what I can write. Heh Heh
>Besides, I read on your web page about you fixing some bugs, so
>if that constitutes "similar to Microsoft" than you've been
>proving girls can write software similar to MS for years :)
Hmm. You should have read what I put on it. (One sec whilest I
fire up another copy of netscape)
A new version of IRoK has been developed. It corrects a number of
small issues with previous varients. At this time, it is not
available for download; But can be obtained online via IRC.
-- That's from June 4th news.... And you should have read
readsor.htm too (thats the link you'd follow if you clicked on a
dat file)
Hello!
I am in the process of regrouping the virus collections for the
viruses I've written. I've also updated the irok family... To
ensure pure samples arrive for collectors, when I am confident
the irok's have been completed, all virus families will again be
available directly. If there is a particular virus sample you are
interested in, emailing me with the name and version wouldn't be
a bad idea. Please do not email asking for lists, as I don't have
time nor the motivation to organize them that detailed. Sheesh...
All virus samples sent will be in encrypted form. You are
required to use the CryptX v1.1 utility to access the files which
may be sent to you via email. Your email address is not stored
for purposes of solicitation, nor will your address be sold or
given to anyone for any reason. You may click here now to return
to the main menu.
Thats the readsor.htm file, for those who don't feel like
visiting my website. Of course, the clickie thingies don't work
in this format. Who knows who'd get paranoid if I posted html
directly? Besides, html is icky when seen on usenet.
I suppose in the news section I was not specific enough. Most of
the issues I corrected had to do with background interface, Which
the user wouldn't have seen anyways. (I'm testing some routines,
and irok is using various implementations of it).
This explains why I'm not finished with the Irok family as yet.
Not erm, because it has a shitload of bugs. Can't say it has
none, or it wouldn't still be in beta stages would it? But,
atleast I can say I've never charged anybody to test a piece of
beta software. <G>
>No, wondering why I breathe is only a waste of your time, not
>mine.
LoL! Nice word twisty twisty.
>PS, have you thought of another lie to tell Dr. Costas? We all
>know you lie and you proved it again!
Erm, I've proved nothing one way or the other Randy chapsor. I
mean, unless you have some direct evidence DIRECTLY linking me to
the spread of irok? Nobody else (including myself) seems to have
this. If you have something, cough it up. I'm calling your bluff.
;p
For those really interested in semantics, I didn't say I wouldn't
write more of them, I said I wouldn't spread one. And no, I'm
sorry, but offering ENCRYPTED files on a website isn't spreading.
(You have NO ACCESS whatsoever to the virus binary without
decrypting the file, AND the decryption program is indeed a
seperate download altogether). it's a mighty Gray Area we live
in, don't cha think? :-)
Regards,
Raid [slam]
kurt wismer
[snip]
> I wrote the virus, you're the one who was so dumb to catch it..
> It's your own fault, deal with it.
my, what a sensitive and caring response...
do you drown bags full of puppies, too?
--
"and from somewhere in our black subconscious minds when we're asleep
comes a haunting swelling mass of voices, resonating
it's the screams of forgotten victims and the cries of innocence
and the desperate plea for recognition and recompense"
Squeezebucket
<fbo...@mail.dotcom.fr> wrote:
>> I don't think there is anything funny about the whole thing! I read
>> your postings with disgust Gigabyte. This virus slowed down my work for
>> school and I can't deliver my hard work on time! Everything doesn't seem
>> to work properly since I got this virus. I've posted my original message
>> asking for help and not expecting your ugliness to show up. THANK YOU!
>No, no, no, Eddy. That is exactly what virus writers want to read:
>that their viruses have hindered someone from doing his work.
>If you really want to annoy Gigabyte you must tell her that the
>virus didn't bother you at all...
... so she can write an even more maliciois virus that _will_ bother
you?
Raid Slam
Squeezebucket <squ...@me.com> wrote:
>.... so she can write an even more maliciois virus that _will_
>bother you?
Finally! Someone who shows a bit of intelligence regarding virus
writers. It's been years I've awaited a post from a user like
this one above. Avers are under the impression if they insult us,
it will stop us from writing more. They know the same things you
know however, but it can be a salesbooster. How many people saw
the Norton banner ads warning you of the iloveyou virus? :)
Regards,
Raid [SLAM]
PaX [SlaM]
Do yourself a favour and shut up while you still can.
Peace,
Rhape79<<<<<<<<<<<<<<<<<<,
I'll back ya totally on that one Rhape....
we've said it in private gigs now I'll say it in public ...quit while you
still have the option...
regards PaX
Pierre Vandevenne
>write more of them, I said I wouldn't spread one. And no, I'm
>sorry, but offering ENCRYPTED files on a website isn't spreading.
It is spreading, by all definitions : spreading of encrypted viruses and
spreading of their decryptors. Spreading loaded guns with the safety on or
with the safety off sin't fundamentally different. You are spreading harmful
software, with a safety so that you can wash your hands.
The problem that makes most discussions with you on this topic impossible and
a loss of time is that you are simply dishonest in the way you present things.
Randy Abrams
> For those really interested in semantics, I didn't say I wouldn't
> write more of them, I said I wouldn't spread one. And no, I'm
"I can't do anything about Toadie or Termite, as they've made it wild,
and they aren't coming home... But, I can prevent Storm Trooper and
others (mine) from ever becoming wild."
http://x73.deja.com/=rf/[ST_rn=ps]/getdoc.xp?AN=554234609.1&CONTEXT=96039522
4.1648754698&hitnum=3
That's what you said. There's where you said it. How can you prevent them
from becoming wild when you lose control of them?
Logical deduction: What you said is not true, OR irok isn't yours.
Not bad for a stupid guy, eh?
Regards,
Randy
bs...@my-deja.com
"PaX [SlaM]" <P...@SlaMVT-org.uk> wrote:
> >>>>>
> >hehehe. Silly question. if I did get "hit" by it, it's not very
> >difficult to remove. Besides, I know it's author; No biggie to
>
> What will he charge you for doing it? (Cleaning up, of
> course)<<<<<<<<<<<<<<<<<
>
> work..
>
> Its called commercial data fraud and under current US law its a federal
> felony.
> Thats the official bit out of the way...
> heh as to removing it....like the above poster syas...not really a problem
>
> PaX [SlaM]
>
Shit, that means I have to give back all the money i took from these kids at
school from removing my viruses from their pc's?
bs...@my-deja.com
>
> > I don't think there is anything funny about the whole thing! I read
> > your postings with disgust Gigabyte. This virus slowed down my work for
> > school and I can't deliver my hard work on time! Everything doesn't seem
> > to work properly since I got this virus. I've posted my original message
> > asking for help and not expecting your ugliness to show up. THANK YOU!
>
> No, no, no, Eddy. That is exactly what virus writers want to read:
> that their viruses have hindered someone from doing his work.
>
> If you really want to annoy Gigabyte you must tell her that the
> virus didn't bother you at all...
>
Yes, Eddy, never show your pain/anger/lameness/etc in here...Makes all avers
look silly. And speaking of freaking avers, why dont u get an antivirus?
Spend around $30 and have a peace of mind.
Raid Slam
pie...@datarescue.com (Pierre Vandevenne) wrote:
>It is spreading, by all definitions : spreading of encrypted
>viruses and spreading of their decryptors. Spreading loaded guns
>with the safety on or with the safety off sin't fundamentally
>different.
Gun to computer virus analogy is old hat, and isn't accurate.
The decryption program is a piece of shareware. It's not being
"spread" (it's not a virus, and it's not designed soley for
encrypting viruses; I believe it's author intended it to encrypt
sensitive material, Viruses is but one) Encrypted viruses pose no
threat to anyone. And they aren't being spread, They are offered
(to the visitors) if they would like a copy, they are welcome to
it. I'm not posting them on usenet and spreading them around IRC.
By your own fucked up logic Piere, Your "spreading" potentially
dangerous software yourself, If misused it can allow for a person
to unlock the copy-protection mechanizms present in most software
these days. Your product assists criminals with their cracking
efforts. Oi... Your logic doesn't seem so good when turned on you
now does it? :)
>You are spreading harmful software, with a safety so that you
>can wash your hands.
I am not spreading anything. I offer material for those
interested in it. I do not spam usenet with advertising for it,
nor do I invite people to signup to a mailing list so I can spam
them on a more personal level. If they wish to see what I have,
they do so. It's a hobby to me, I make no money or other gain
from it. and I don't harm anybody by doing it. Users may harm
another with it, but alas, That is not my responsibility; Anymore
so then you being held liable if somebody writes a crack because
your software showed them what they needed to patch.
>The problem that makes most discussions with you on this topic
>impossible and a loss of time is that you are simply dishonest
>in the way you present things.
I'm not dishonest in the way I have presented myself. You claim
by hosting them on a website, that I'm somehow spreading them
into the world. Have you ever heard of the freeware concept? I
suppose anybody who's ever hosted a program on a website is
spreading the fucking thing then.
More so, Atleast my software won't contribute to cracking a
several thousand dollar program. :)
Raid Slam
<randyab...@hotmail.com> wrote:
>"I can't do anything about Toadie or Termite, as they've made it
>wild, and they aren't coming home... But, I can prevent Storm
>Trooper and others (mine) from ever becoming wild."
Yes... And where did I say I wouldn't WRITE MORE? (Thats the
semantics issue I called you on).
Not to be too language police like, but can/will/do aren't all
the same word. They each have different meanings.
>That's what you said. There's where you said it. How can you
>prevent them from becoming wild when you lose control of them?
I said I "can" prevent them from becoming wild, I didn't say I
HAD TOO, OR THAT WOULD, ONLY THAT i CAN. Damn caps lock. ;p
I didn't lose control of anything. They aren't like driving a
car. I passed a few samples to some associates. What happened to
it at that point isn't my concern. We did a trade, I recieved
some new viruses for my collection, they recieved some for
theirs. You really annoy me tho Randy, jumping on my case over
software issues and then proudly posting from inside a
microsoft.com domain. It's almost anal retentive.
>Logical deduction: What you said is not true, OR irok isn't
>yours.
Your logic is faulty due to your lack of english comprehension.
What I said is true, I can prevent the spread of viruses I write.
I didn't say I HAD TOO. And yes, Irok is my little baby.
>Not bad for a stupid guy, eh?
Snicker, yes Sir, you are stupid. ;p
Pierre Vandevenne
>In article <8hme64$2uk...@be.kpnqwest.net>,
>pie...@datarescue.com (Pierre Vandevenne) wrote:
>sensitive material, Viruses is but one) Encrypted viruses pose no
>threat to anyone. And they aren't being spread, They are offered
Nobody gets infected by downloading viruses from a web site.
Assholes who are unable to write viruses themselves do however spread the
virus they download.
>By your own fucked up logic Piere, Your "spreading" potentially
>dangerous software yourself, If misused it can allow for a person
>to unlock the copy-protection mechanizms present in most software
>these days.
In fact it is far from being the best tool to achieve that goal. It is not a
debugger. It can't modify programs. As a matter of fact I have personally put
a stop on the development of its assembling patching abilities. I even
considered removing them totally, but we did'nt at the request of customers
(who were not "cracking").
>Your product assists criminals with their cracking
>efforts. Oi... Your logic doesn't seem so good when turned on you
>now does it? :)
You are not turning the logic at all.
A word processor can be used to write nazi propaganda, but a word processor is
not intrinsically bad.
A compiler can be used to write destructive programs but is not intrisically
bad.
A disassembler can be used to crack program (although it is far from the best
tool imho) but it is not intrinsically bad.
A virus _is_ intrinsically bad because it replicates without control and can
affect users that don't want to be affected.
You recognize this yourself since you put restrictions on its distribution.
The point is obvious since our disassembler is never going to have any impact
on the life of unsuspecting users, while virus obviously constantly have.
>from it. and I don't harm anybody by doing it. Users may harm
>another with it, but alas, That is not my responsibility; Anymore
As I said, you wash your hands.
>so then you being held liable if somebody writes a crack because
>your software showed them what they needed to patch.
And Microsoft along because they wrote the compiler used to write the patch,
Intel because they build the processor that ran the soft and Toyota because
that's what the patch writer used to travel to and from is computer.
The problem with virus is that they replicate and affect unwilling users : do
you understand that ?
>into the world. Have you ever heard of the freeware concept? I
>suppose anybody who's ever hosted a program on a website is
>spreading the fucking thing then.
Sure - spreading freeware is nice, because freeware usually doesn't replicate
and affect unwilling users : do you understand that ?
>More so, Atleast my software won't contribute to cracking a
>several thousand dollar program. :)
You have _no_ arguments to defend your position and you choose to attack on
very weak grounds.
---
Pierre Vandevenne, MD
www.datarescue.com, home of the IDA Pro Disassembler
YES ! We have redefined the rules again...
www.datarescue.com/idabase/
Raid Slam
(Pierre Vandevenne) wrote:
>Nobody gets infected by downloading viruses from a web site.
>Assholes who are unable to write viruses themselves do however
>spread the virus they download.
I'm glad we've gotten this straight. Nobody gets infected by
downloading my material only. Thank you. Assholes who do download
and spread one of my viruses are indeed assholes, but that does
NOT make me the asshole! I hate to use gun analogies, but let's
do one... If somebody (an asshole) buys a gun (downloads a virus)
and decides to shoot somebody with it (infect them) are you going
to hold the manufacturer liable (me?) or the asshole who shot the
fucker in the first place? In the US supreme court, this very
thing was tried. The smuck who sued the gun manufacturer lost.
You cannot hold the manufacturer liable for someone elses
actions.
This does apply in the Vx scene as well. You can't hold shit over
my head if I didn't do the crime. Writing the virus in my country
isn't illegal, Offering them on a website pending TOS agreement
isn't illegal either. By themselves, viruses are only a tool. A
device, a simple computer program. People like you make them seem
far worse then they actually are.
>In fact it is far from being the best tool to achieve that goal.
>It is not a debugger. It can't modify programs.
It doesn't have to be able to apply modifications, Only show you
where you need to apply them. Being as I'm sure you've done your
fair share of reverse engineering, I'd say you already know the
process, so I need not explain it. While your software isn't the
perfect tool for the job, It does allow someone with some
intelligence to do it. :)
>a stop on the development of its assembling patching abilities.
>I even considered removing them totally, but we did'nt at the
>request of customers (who were not "cracking").
I could be a registered customer of yours... How would you ever
know? :)
>You are not turning the logic at all.
Indeed sir I am. I'm using your twisted logic on you. My viruses
do nothing when downloaded, you are required to execute them.
>A compiler can be used to write destructive programs but is not
>intrisically bad.
A virus isn't bad nor good, it doesn't know what those are. It
follows instructions. It's upto the author of what those
instructions will be. I realize you think viruses are a huge loss
to the computing industry, however the root of the problem is not
the virus, but the users and lack of training for the users.
Of course, nobody wants to hear that they haven't adequatly
trained their employees.
>A virus _is_ intrinsically bad because it replicates without
>control and can affect users that don't want to be affected.
A virus can do nothing to you, until/unless you execute it. If
you didn't want it to affect you, you should not execute the
code. I do not buy the "But I didn't know it was a virus!"
ignorance is no excuse.
>You recognize this yourself since you put restrictions on its
>distribution.
As any responsible programmer would. I put restrictions on my
freeware (viruses) just like gun manufactures and the us
government do on their sales. It's designed to offer some
protection against themselves (people having to be protected
becuase they are unwilling/incapable of learning safe-hex/safe
gun handling).
I don't mean to sit here and belittle your statements, But...
The root of the problem is the user.
>on the life of unsuspecting users, while virus obviously
>constantly have.
How do you know your product hasn't been used to crack programs
such as 3d studio and autocad2000? That hurts those companies,
they are out several grand.
>As I said, you wash your hands.
Not anymore so then anyone else. You can't single me out pierre,
Every piece of software you load (even the legit ones) deny any
responsibility for anything that could happen to your machine or
the software/data contained inside. From an economics standpoint
with lawsuit happy people, this seems to be a good business
practice.
>The problem with virus is that they replicate and affect
>unwilling users : do you understand that ?
I understand the user isn't aware he is recieving a virus, but
when he executes it, he's no longer unwilling, now is he?
>You have _no_ arguments to defend your position and you choose
>to attack on very weak grounds.
Looks like I struck a cord with you, My apologies. You had it
coming however...
Randy Abrams
Raid Slam <soho20N...@hotmail.com.invalid> wrote in message
> In article <#tEDgKY0$GA.420@cpmsnbbsa08>, "Randy Abrams"
> <randyab...@hotmail.com> wrote:
>
> >"I can't do anything about Toadie or Termite, as they've made it
> >wild, and they aren't coming home... But, I can prevent Storm
> >Trooper and others (mine) from ever becoming wild."
>
> Yes... And where did I say I wouldn't WRITE MORE? (Thats the
> semantics issue I called you on).
No semantics issue here at all. You said you could prevent others from
becoming wild, but you have proven that you lack the skills or inclination
to do so. You clearly could not. Beyond this you also know good and well
that with in the context of the email you were clearly stating that you
would not allow any more to become wild. You clearly lied to Dr. Costas.
I'll stick around and play semantics games with you all year, but everyone
here knows you lied. You know you lied. Evul knows you lied. Spanska knows
you lied.
Additionally, you claimed to have said "I said I wouldn't spread one. " and
now you acknowledge that what you really said is what I posted above. Again,
you lied and have been caught publicly.
<snip>
> I said I "can" prevent them from becoming wild, I didn't say I
> HAD TOO, OR THAT WOULD, ONLY THAT i CAN. Damn caps lock. ;p
Yeah and I can say that I CAN fly under my own power by flapping my arms and
then try to weasel out of it by saying that I didn't say I would. We all
knew that you lacked the self-control to keep from releasing another virus
to the wild. You clearly can not. Don't lie to Dr. Costas and say you can.
<snip>
> theirs. You really annoy me tho Randy, jumping on my case over
> software issues and then proudly posting from inside a
> microsoft.com domain. It's almost anal retentive.
Ah, can't attack my for my actions so you try to play the "well look for who
you work for" issue side step. And all of this coming from a self-proclaimed
Microsoft OEM :) (You just can't live some things down).
> >Logical deduction: What you said is not true, OR irok isn't
> >yours.
>
> Your logic is faulty due to your lack of english comprehension.
You seem to be the one with comprehension problems.
> What I said is true, I can prevent the spread of viruses I write.
> I didn't say I HAD TOO. And yes, Irok is my little baby.
Obviously you couldn't prevent Irok from spreading. Obviously you sought to
mislead Dr. Costas, and obviously the truth is a bit much for you to admit
to.
>
> >Not bad for a stupid guy, eh?
>
> Snicker, yes Sir, you are stupid. ;p
And you predictable!
Regards,
Randy
Pierre Vandevenne
>fucker in the first place? In the US supreme court, this very
>thing was tried. The smuck who sued the gun manufacturer lost.
Well, the US is about the only country in the world where people freely go
around with guns - but granted laws do differ and it is not illegal.
>>a stop on the development of its assembling patching abilities.
>>I even considered removing them totally, but we did'nt at the
>>request of customers (who were not "cracking").
>
>I could be a registered customer of yours... How would you ever
>know? :)
You could, but the opinions that we received are from well known users, even
outside our limited field, and I suspect that you are not one of those well
known person.
>the virus, but the users and lack of training for the users.
Don't agree - you can train the users, but they still won't be available to
decide wether it is safe or not.
For example, I am, myself, unable to decide with 100% certainty to run or not
run unknown binaries I receive on my computer. I think I can be considered as
trained. Even if I wanted really strongly to check, I would have to loose a
couple of hours each time.
>How do you know your product hasn't been used to crack programs
>such as 3d studio and autocad2000? That hurts those companies,
>they are out several grand.
Could be, but maybe it has helped those companies as well at other tasks ?
What was the role of the e-mail program that was used to exchange ideas about
dongles, what was the role of the compiler that was used to implement the
dongle emulation etc....
>>The problem with virus is that they replicate and affect
>>unwilling users : do you understand that ?
>
>I understand the user isn't aware he is recieving a virus, but
>when he executes it, he's no longer unwilling, now is he?
he can remain unaware for years, he can spread for years.
>>You have _no_ arguments to defend your position and you choose
>>to attack on very weak grounds.
>
>Looks like I struck a cord with you, My apologies. You had it
>coming however...
It is not a sensitive area, because I know mostly what our customers do with
our program. As far as crackers are concerned, they might use it (how lame
today's "hacker" is is a long story) , but rest assure that they begin by
stealing our program in the first place before abusing it..
John Bloodworth
>A virus isn't bad nor good, it doesn't know what those are. It
>follows instructions. It's upto the author of what those
>instructions will be. I realize you think viruses are a huge loss
>to the computing industry, however the root of the problem is not
>the virus, but the users and lack of training for the users.
Wrong Raid, viruses are intrinsically bad simply because they infect without
the user knowing or authorising it to do so, however I do agree that it is
not the virus itself that causes the problem as it is just a bit of code. It
is partially the authors fault for placing it such that anyone has access to
it, and the morons fault who decided it would be fun to spread it.
>Of course, nobody wants to hear that they haven't adequatly
>trained their employees.
This is a bug bear of mine.....Why should users have to be trained in every
little area of computing including every little security implication that
comes with it. If everyone had this knowledge then everyone would be VERY
well paid.
>A virus can do nothing to you, until/unless you execute it. If
>you didn't want it to affect you, you should not execute the
>code. I do not buy the "But I didn't know it was a virus!"
>ignorance is no excuse.
Of course it is, viruses attempt to hide themselves from the user, therefore
the whole idea is to fool the user into thinking there is no virus there
>As any responsible programmer would. I put restrictions on my
>freeware (viruses) just like gun manufactures and the us
>government do on their sales. It's designed to offer some
>protection against themselves (people having to be protected
>becuase they are unwilling/incapable of learning safe-hex/safe
>gun handling).
>
>I don't mean to sit here and belittle your statements, But...
>The root of the problem is the user.
Hmm, avoided wearing there but only just.......get a grip Raid, I'll repeat
myself again viruses (in most cases) attempt to fool the user so why is it
the users fault when they are fooled?
>Not anymore so then anyone else. You can't single me out pierre,
>Every piece of software you load (even the legit ones) deny any
>responsibility for anything that could happen to your machine or
>the software/data contained inside. From an economics standpoint
>with lawsuit happy people, this seems to be a good business
>practice.
However the software that is loaded is done so with the users consent
>I understand the user isn't aware he is recieving a virus, but
>when he executes it, he's no longer unwilling, now is he?
I could get repetitious here but I won't
>Looks like I struck a cord with you, My apologies. You had it
>coming however...
Hmmm, however Raid, your arguements fall down on one major point.....user
consent
>Regards,
>Raid [SLAM]
John Bloodworth SE (NEUR)
Network Associates UK
Mobile : +44 (0)7887 626103
Direct : +44 (0)1753 217973
Fax : +44 (0)1753 217520
nos...@all.thanks
> In article <2991b46c...@usw-ex0106-045.remarq.com>, Raid Slam <soho20N...@hotmail.com.invalid> wrote:
>
> >fucker in the first place? In the US supreme court, this very
> >thing was tried. The smuck who sued the gun manufacturer lost.
>
> Well, the US is about the only country in the world where people freely go
> around with guns - but granted laws do differ and it is not illegal.
Not exactly freely, though it might seem that way to foreigners. There are arguably adequate laws that are
inconsistently enforced so that there is a blurring between the dejure and the defacto.
> >>
> >How do you know your product hasn't been used to crack programs
> >such as 3d studio and autocad2000? That hurts those companies,
> >they are out several grand.>>
> It is not a sensitive area, because I know mostly what our customers do with
> our program. As far as crackers are concerned, they might use it (how lame
> today's "hacker" is is a long story) , but rest assure that they begin by
> stealing our program in the first place before abusing it..
FWIW I have a copy of IDA Pro disassembler [even though I currently lack the skills to use it] that was "found" on
usenet, Is this considered stealing? If I hadn't got it this way, I wouldn't have it at all so you haven't been
cheated out of any revenue.
I agree that if I were to accrue financial benefit then I would have an obligation to compensate the authors.
I consider these "freebie" offerings as educational and entertaining opportunities that add luster to my waning
years thus embrace no compunction in seeking, obtaining, nor enjoying them. I also find a compelling fascination
with malware and have amassed somewhat of a zoo yet have no urge to wreak the potential havoc such creations are
capable of.
The interest to me in this ongoing conflict is that irresponsible behavior will be responded to in irrational means
which could limit my access to this source of material. Same situation as the current attention the "gun issue" is
getting.
~~Bart~~
Pierre Vandevenne
>> It is not a sensitive area, because I know mostly what our customers do with
>> our program. As far as crackers are concerned, they might use it (how lame
>> today's "hacker" is is a long story) , but rest assure that they begin by
>> stealing our program in the first place before abusing it..
>
>FWIW I have a copy of IDA Pro disassembler [even though I currently lack the
> skills to use it] that was "found" on
>usenet, Is this considered stealing?
Well, since you ask, yes. Just as using any other piece of software without a
license is.
>I agree that if I were to accrue financial benefit then I would have an
> obligation to compensate the authors.
You know, it is not up to you to agree. If you don't like our licensing
policy, then you don't use or obtain our product - period. Write
your own, buy another one, use freeware. Governmental agencies don't accrue
financial income by using our software, yet they license it. We even have
quite a few retired talented programmers as customers. They don't acrrue
revenue but have kept an active mind
Besides, as lame as most of today's hackers are, they were unable, after
months of trying, to remove IDA's licensing information and resorted to credit
card fraud to obtain a copy - we caught four of such attempts but
unfortunately let the fifth one go through (yeah, that is a bit ridiculous,
those hackers with fancy names being unable to remove simple licensing
information, but anyway). The software obtained through that fraud was then
uploaded to the directories of various unsuspecting webmasters (front page
users with a well known vulnerability) who in turn got some of their sites
shut down because of excessive bandwidth use or will get hefty bills at the
end of the month) - in fact, if you downloaded IDA from one of these pages,
you either contributed to the interruption of service of some of them or
directly stole money from the webmaster that will pay for bandwidth.
In most cases, we could have used the same exploit that was used to post IDA
to trash the compromised sites (or upload trojanized IDA for example) but we
decided against it even if we could consider it as "educational and
entertaining"... That's a direct consequence of our perception of ethics.
>I consider these "freebie" offerings as educational and entertaining
> opportunities
We don't consider that this way, sorry. And since it is our program, we are
the ones who decide what others may or may not do with it, at least legally.
While "hackers" were congratulating themselves of having successfully
completed a credit card fraud, we were working on the new version, which
simply renders the older one obsolete :-)
Compare what you get with your pirate version with what you get with the new
version (www.datarescue.com/idabase/) and you'll see that talent defeats
theft.
I hope that the regular of ACV will forgive me this off-topic message, but
one, IDA is used by many people to analyze trojans and viruses and two, it
seems trendy to attack me directly or indirectly on this topic :-)
Randy Abrams
Raid Slam <soho20N...@hotmail.com.invalid> wrote in message
> In article <8iav0s$ls_...@be.kpnqwest.net>, pie...@datarescue.com
> (Pierre Vandevenne) wrote:
>
> >Nobody gets infected by downloading viruses from a web site.
> >Assholes who are unable to write viruses themselves do however
> >spread the virus they download.
>
> I'm glad we've gotten this straight. Nobody gets infected by
> downloading my material only. Thank you. Assholes who do download
> and spread one of my viruses are indeed assholes, but that does
> NOT make me the asshole! I hate to use gun analogies, but let's
> do one... If somebody (an asshole) buys a gun (downloads a virus)
> and decides to shoot somebody with it (infect them) are you going
> to hold the manufacturer liable (me?) or the asshole who shot the
> thing was tried. The smuck who sued the gun manufacturer lost.
> actions.
The bartender who serves the driver who runs down the victim can be sued. We
can hold the distributor liable. Some bar tenders won't serve intoxicated
customers. You have a history of promoting the spread of viruses and are
unlikely to deny one of your viruses to a spreader. You obviously lack the
ability to keep your viruses from spreading and lack the sense of
responsibility to keep them to yourself.
> This does apply in the Vx scene as well. You can't hold shit over
> my head if I didn't do the crime.
You most certainly could be an accomplice.
> Writing the virus in my country isn't illegal, Offering them on a website
pending TOS agreement
> isn't illegal either. By themselves, viruses are only a tool. A device, a
simple computer program.
> People like you make them seem far worse then they actually are.
No people like you write them to be far worse than they need be.
<snip>
> Indeed sir I am. I'm using your twisted logic on you. My viruses
> do nothing when downloaded, you are required to execute them.
> A virus isn't bad nor good, it doesn't know what those are. It
> follows instructions. It's upto the author of what those
> instructions will be.
It's also up to the author to make sure they don't spread.
> I realize you think viruses are a huge loss to the computing industry,
however the root of the problem is not
> the virus, but the users and lack of training for the users.
No, ignorance of users is an entirely different problem. The root of the
problem with viruses is that they are almost always designed to invade
people's privacy.
<snip>
> A virus can do nothing to you, until/unless you execute it. If
> you didn't want it to affect you, you should not execute the
> code. I do not buy the "But I didn't know it was a virus!"
> ignorance is no excuse.
Then you have no excuse for that last statement. You seem to be mistaking
the fact that ignorance of the law is not a legal defense with your twisted
and ignorant version. If ignorance is not an excuse then you should know
everything. By your own logic if someone spreads one of your viruses it's
your fault for not knowing that they were going to so it. Of course since
you are a proponent of ignorance is no excuse then we must assume you knew
the people would spread your viruses and that's why you let them have them.
<snip>
> As any responsible programmer would. I put restrictions on my
> freeware (viruses) just like gun manufactures and the us
If you were a responsible programmer your viruses would not be able to be
used to covertly infect people. You could learn a ton about responsible
virus programming from Doren Rosenthal. You have demonstrated time and time
again you do not know responsibility. If you were a responsible programmer
there is no way your viruses could infect any computer that was being used
to help people. What have you done to ensure that your viruses will never
interfere with Dr. Costas' work? nothing, because you are deliberately an ir
responsible programmer.
<snip>
> I don't mean to sit here and belittle your statements, But...
> The root of the problem is the user.
with a compiler and an inclination to write viruses.
Ignorant users do not cause covert-self-replicating code to come into
existence.
<snip>
> >The problem with virus is that they replicate and affect
> >unwilling users : do you understand that ?
>
> I understand the user isn't aware he is recieving a virus, but
> when he executes it, he's no longer unwilling, now is he?
I once heard that there are no stupid questions. Thank for the exception to
prove the rule. Of course a user who does not know an executable is infected
is still unwilling when they run the executable designed to do something
other than infect their computer. Get real.
Regard,
Randy
kurt wismer
> In article <#tEDgKY0$GA.420@cpmsnbbsa08>, "Randy Abrams"
> <randyab...@hotmail.com> wrote:
>
> >"I can't do anything about Toadie or Termite, as they've made it
> >wild, and they aren't coming home... But, I can prevent Storm
> >Trooper and others (mine) from ever becoming wild."
>
> Yes... And where did I say I wouldn't WRITE MORE? (Thats the
> semantics issue I called you on).
i don't believe he cares about what you program, raid, but since irok
obviously went into the wild after that statement was made it seems clear
that you despite your ability to keep them out of the wild, you have no
intention of actually doing what is necessary to acheive that goal...
[snip]
> I didn't lose control of anything. They aren't like driving a
> car. I passed a few samples to some associates. What happened to
> it at that point isn't my concern.
indeed, you didn't "lose" control, you intentionally gave it up...
i think we'd all be happier (especially those who've been affected by your
viruses) if you'd keep them to yourself from now on...
cqu...@iafrica.com
<soho20N...@hotmail.com.invalid> wrote:
>In article <8iav0s$ls_...@be.kpnqwest.net>, pie...@datarescue.com
>(Pierre Vandevenne) wrote:
>I hate to use gun analogies
Me too, because they aren't accurate.
Something like a non-replicating trojan would be like a gun; e.g. if I
download a RAT with the intention of integrating this into a system I
wanted to penetrate. And indeed, there's debate about whether stuff
like SubSeven should be marketed with "stealth server" capabilities in
place, as that facilitates such use.
A virus or worm is more like a land mine, in that once it is deployed,
there's no control over who it hits. A bit north of where I live,
kiddies are still being blown up by mines, even as we celerbrate the
xth aniversary of the end of the the wars they were a part of.
>By themselves, viruses are only a tool.
Tools have a use.
BTW: I'm not flaming your choice to do vx here (%Deity% knows there
are enough ppl who will do that anyway) though for the record, I'd
rather you didn't. Even though I get paid to clean up such things as
part of my job, I'd rather be doing things that make things better
rather than simply trying to stay in the same place.
I'm just trying to clarify some "cause and effect" issues :-)
>... viruses are a huge loss to the computing industry,
Yeah, but when I think of viruses, I don't think of the cost to
businesses that pay to get thierselves sorted out. I think of ppl who
aren't able to sort it out or afford to pay to have someone else sort
it for them, and who just lose stuff that can't be replaced.
Saying they should know better or do backups is like saying ppl who
don't want to mugged or raped should stay at home.
There are plenty of users who don't have a clue. I don't have a
problem with that; but when such ppl are employed on the basis that
they possess computer skills, and thier lack of same causes loss to
the company and others, then at least part of the fault must lie with
the user who has mis-represented thier skills, or the company that
fails to screen, train, or take responsability for thier actions.
As an example, I have a client who *repeatedly* recieves septic
attachments from another company, in spite of repeated requests to
said company to cease and desist. In cases like that, I think the
sending company should bear the costs of the cleanup.
>>A virus _is_ intrinsically bad because it replicates without
>>control and can affect users that don't want to be affected.
>A virus can do nothing to you, until/unless you execute it. If
>you didn't want it to affect you, you should not execute the
>code. I do not buy the "But I didn't know it was a virus!"
>ignorance is no excuse.
Oh, come on Raid! I'm sure you'd agree that a large part of the skill
in writing malware is disguising it's nature so that it is
unintentionally executed. Hitting a boxer in a ring is one thing;
hitting an arbitrary person in the street is another.
It's unfair to play a game with someone who not only doesn't want to
play, but isn't even aware the game exits :-)
>I don't mean to sit here and belittle your statements, But...
>The root of the problem is the user.
Ah, blame the victim! If %Deity% didn't want them raped, they
wouldn't have orifaces! Yeah, right. I wouldn't mind if the software
deity didn't put so many orifaces in Windows, though.
>Every piece of software you load (even the legit ones) deny any
>responsibility for anything that could happen to your machine or
>the software/data contained inside. From an economics standpoint
>with lawsuit happy people, this seems to be a good business
>practice.
Sure, because the cost of data is unbounded. It's the only part of
the system that is unique to the user, and that can't be replaced by
throwing money at it. But because vendors have no responsability for
it, "support" is usually pretty cavalier about it.
The difference is that I can't see what the non-malicious purpose of
viruses might be. I can see the virus and worm process is interesting
in itself (entropy, gestalt, life etc. all come to mind) but I don't
see what relevance destructive payloads have in that context.
>------------ ----- --- -- - - - -
Drugs are usually safe. Inject? (Y/n)
>------------ ----- --- -- - - - -
Bart Bailey
> In article <394A2FB8...@amsat.org>, nos...@all.thanks wrote:
>
> >> It is not a sensitive area, because I know mostly what our customers do with
> >> our program. As far as crackers are concerned, they might use it (how lame
> >> today's "hacker" is is a long story) , but rest assure that they begin by
> >> stealing our program in the first place before abusing it..
> >
> >FWIW I have a copy of IDA Pro disassembler [even though I currently lack the
> > skills to use it] that was "found" on
> >usenet, Is this considered stealing?
>
> Well, since you ask, yes. Just as using any other piece of software without a
> license is.
>
> >I agree that if I were to accrue financial benefit then I would have an
> > obligation to compensate the authors.
>
> You know, it is not up to you to agree.
Well if you want to take a confrontational tone, I reserve the right to exert
autonomy in matters of whether I agree or disagree with anything.
> If you don't like our licensing
> policy, then you don't use or obtain our product - period.
I was totally unaware of any licensing policy when I found the app and didn't
realize it was yours until the post I was responding to so my actions weren't a
deliberate attempt to subvert your policy.
> Write
> your own, buy another one, use freeware. Governmental agencies don't accrue
> financial income by using our software, yet they license it. We even have
> quite a few retired talented programmers as customers. They don't acrrue
> revenue but have kept an active mind
So even obtaining a passing interest in something that serendipitously appeared is
a commodity that you seek to protect?
>
> Besides, as lame as most of today's hackers are, they were unable, after
> months of trying, to remove IDA's licensing information and resorted to credit
> card fraud to obtain a copy - we caught four of such attempts but
> unfortunately let the fifth one go through (yeah, that is a bit ridiculous,
> those hackers with fancy names being unable to remove simple licensing
> information, but anyway). The software obtained through that fraud was then
> uploaded to the directories of various unsuspecting webmasters (front page
> users with a well known vulnerability) who in turn got some of their sites
> shut down because of excessive bandwidth use or will get hefty bills at the
> end of the month) - in fact, if you downloaded IDA from one of these pages,
> you either contributed to the interruption of service of some of them or
> directly stole money from the webmaster that will pay for bandwidth.
I didn't find a keygen or patch then go after the app from your site, Nor did I get
it from a warez site, it was posted in multipart to a newsgroup and I just
downloaded and unRARed it. As for bandwidth, yes seems I remember it took quite
awhile to DL the 20 Mb bitch as I'm on a slow dialup.
> In most cases, we could have used the same exploit that was used to post IDA
> to trash the compromised sites (or upload trojanized IDA for example) but we
> decided against it even if we could consider it as "educational and
> entertaining"... That's a direct consequence of our perception of ethics.
And your perception of ethics just might have saved the economic viability of your
company, should word get out that you had deliberately posted "trojanized" malware.
> >I consider these "freebie" offerings as educational and entertaining
> > opportunities
>
> We don't consider that this way, sorry. And since it is our program, we are
> the ones who decide what others may or may not do with it, at least legally.
So sue me! You will then learn the meaning of the term "judgment proof"
> While "hackers" were congratulating themselves of having successfully
> completed a credit card fraud, we were working on the new version, which
> simply renders the older one obsolete :-)
Congrats on the improvement, however if the release of a newer version of some
application rendered the previous one "obsolete" then what's to say the current
version has any more enduring utility?
> Compare what you get with your pirate version with what you get with the new
> version (www.datarescue.com/idabase/) and you'll see that talent defeats
> theft.
Since I probably wouldn't know the difference, it makes no difference.
> I hope that the regular of ACV will forgive me this off-topic message, but
> one, IDA is used by many people to analyze trojans and viruses
What's wrong with an analytical tool being used to analyze something....anything?
> and two, it
> seems trendy to attack me directly or indirectly on this topic :-)
I'm way beyond being concerned with trendiness and I didn't post my comments as an
attack so if you took it that way I apologize.
>
>
> ---
> Pierre Vandevenne, MD
> www.datarescue.com, home of the IDA Pro Disassembler
> YES ! We have redefined the rules again...
Maybe everyone else will go along and play by them too ;-)
~~Bart~~
LHigdon
manufacturers. But, it's not out of the realm of possibilities that
state legislatures (or even the US House and Senate, for that matter)
COULD draft and pass legislation that would hold the manufacturers
liable, financially. Taking the analogy he makes and applying it to
writing code, it's definitely not out of the realm of possibility that
ther could be legislation drafted and passed that would hold an author
of malicious code financially liable, even though they did not
"spread" it. My point is, in a free society, that's how freedoms are
lost. I hope we never see the day when authors of code, malicious or
otherwise are prosecuted just because of what someone else does with
what they wrote. That would be another sad chapter in the history of
government regulation. But "assholes" generally fuck it up for
everyone. So, when the shit comes down on people just for writing
code, they know who they can thank.
On Fri, 16 Jun 2000 09:09:40 -0700, "Randy Abrams"
<randyab...@hotmail.com> wrote:
>
>Raid Slam <soho20N...@hotmail.com.invalid> wrote in message
>news:2991b46c...@usw-ex0106-045.remarq.com...
>> In article <8iav0s$ls_...@be.kpnqwest.net>, pie...@datarescue.com
>> (Pierre Vandevenne) wrote:
>>
>> A virus can do nothing to you, until/unless you execute it. If
>> you didn't want it to affect you, you should not execute the
>> code. I do not buy the "But I didn't know it was a virus!"
>> ignorance is no excuse.
>
>Then you have no excuse for that last statement. You seem to be mistaking
>the fact that ignorance of the law is not a legal defense with your twisted
>and ignorant version. If ignorance is not an excuse then you should know
>everything. By your own logic if someone spreads one of your viruses it's
>your fault for not knowing that they were going to so it. Of course since
>you are a proponent of ignorance is no excuse then we must assume you knew
>the people would spread your viruses and that's why you let them have them.
>
><snip>
>> As any responsible programmer would. I put restrictions on my
>> freeware (viruses) just like gun manufactures and the us
>
>If you were a responsible programmer your viruses would not be able to be
>used to covertly infect people. You could learn a ton about responsible
>virus programming from Doren Rosenthal. You have demonstrated time and time
>again you do not know responsibility. If you were a responsible programmer
>there is no way your viruses could infect any computer that was being used
>to help people. What have you done to ensure that your viruses will never
>interfere with Dr. Costas' work? nothing, because you are deliberately an ir
>responsible programmer.
>
><snip>
>> I don't mean to sit here and belittle your statements, But...
>> The root of the problem is the user.
>
>with a compiler and an inclination to write viruses.
>
>Ignorant users do not cause covert-self-replicating code to come into
>existence.
>
><snip>
>> >The problem with virus is that they replicate and affect
>> >unwilling users : do you understand that ?
>>
>> I understand the user isn't aware he is recieving a virus, but
>> when he executes it, he's no longer unwilling, now is he?
>
>I once heard that there are no stupid questions. Thank for the exception to
>prove the rule. Of course a user who does not know an executable is infected
>is still unwilling when they run the executable designed to do something
>other than infect their computer. Get real.
>
>
>Regard,
>
>Randy
>
>
Peace
Lee Higdon
Fayetteville, GA. (USA)
Pierre Vandevenne
wrote:
>> You know, it is not up to you to agree.
>
>Well if you want to take a confrontational tone, I reserve the right to exert
>autonomy in matters of whether I agree or disagree with anything.
So if I agree to drive your car that is my right yes ?
>I didn't find a keygen or patch then go after the app from your site, Nor did I get
>it from a warez site, it was posted in multipart to a newsgroup and I just
>downloaded and unRARed it. As for bandwidth, yes seems I remember it took quite
>awhile to DL the 20 Mb bitch as I'm on a slow dialup.
Why do you spend your time downloading a 20 MB file which, by your own
admission, you can't even use then ?
Of course, you did not know what it was exactly, you did not know our
licensing terms, but you were fortunate enough to randomly stumble
into this thread - yeah sure. :-)
>And your perception of ethics just might have saved the economic viability of your
>company, should word get out that you had deliberately posted "trojanized" malware.
Unclear at best - ever heard of UCITA - this allows software
developers to remotely disable unlicensed copies of their software.
>Congrats on the improvement, however if the release of a newer version of some
>application rendered the previous one "obsolete" then what's to say the current
>version has any more enduring utility?
Ah, at least something sensible : our legitimate customers get free
upgrades, approximately one every two months.
And anyway, are you hmmmm, wierd enough to consider that significant
improvements should not be released because they lower the value of
previous versions ?
>Since I probably wouldn't know the difference, it makes no difference.
Great, yet you download 20MB on a slow link and come here to post
about it...
>> I hope that the regular of ACV will forgive me this off-topic message, but
>> one, IDA is used by many people to analyze trojans and viruses
>
>What's wrong with an analytical tool being used to analyze something....anything?
No, nothing, your post was off-topic and I was kind of forced in an
off-topic reply.
>> YES ! We have redefined the rules again...
>
>Maybe everyone else will go along and play by them too ;-)
We're expecting that eagerly.
Pierre Vandevenne
Bart Bailey
> On Fri, 16 Jun 2000 11:06:24 -0700, Bart Bailey <nos...@all.thanks>
> wrote:
>
> >> You know, it is not up to you to agree.
> >
> >Well if you want to take a confrontational tone, I reserve the right to exert
> >autonomy in matters of whether I agree or disagree with anything.
>
> So if I agree to drive your car that is my right yes ?
You have the right to agree or disagree with anything, it's how you manifest that right
that could become problematic.
> Why do you spend your time downloading a 20 MB file which, by your own
> admission, you can't even use then ?
Curiosity, it certainly wasn't with any malicious intent.
>
> Of course, you did not know what it was exactly, you did not know our
> licensing terms, but you were fortunate enough to randomly stumble
> into this thread - yeah sure. :-)
I "stumbled" into this thread as a consequence of reading this NG which is only remotely
connected to my surfing activities.
> >And your perception of ethics just might have saved the economic viability of your
> >company, should word get out that you had deliberately posted "trojanized" malware.
>
> Unclear at best - ever heard of UCITA - this allows software
> developers to remotely disable unlicensed copies of their software.
Never heard of UCITA, I'm not a developer. Sometimes the most legitimate reasons for an
action can be misinterpreted, especially if the ratings mongering media sees an
opportunity for controversy.
> >Congrats on the improvement, however if the release of a newer version of some
> >application rendered the previous one "obsolete" then what's to say the current
> >version has any more enduring utility?
>
> Ah, at least something sensible : our legitimate customers get free
> upgrades, approximately one every two months.
>
> And anyway, are you hmmmm, wierd enough to consider that significant
> improvements should not be released because they lower the value of
> previous versions ?
"wierd" ? if I transpose the "e" & "r"- wired, no I'm perfectly sober at this time. If I
transpose the "e" & "i"-weird, well that's a value judgment you'll have to make.
> >Since I probably wouldn't know the difference, it makes no difference.
>
> Great, yet you download 20MB on a slow link and come here to post
> about it...
Nope, I usually look for crakz to new and interesting apps to provide somewhat of an
intellectually oriented usage of my time. The IDA was harvested in my bot along with a
bit of spam, and a fair share of malware. In case you fear that I may represent some new
challenge to your livelihood, I assure you that I'm just an old geezer that missed the
chance to study CS in school [I can work a slide rule] and am only now, in retirement,
getting to play catch up with a computer. I just ghost my c: drive and surf away. I
don't buy nor sell software, can't afford to on my stipend.
> >> YES ! We have redefined the rules again...
> >
> >Maybe everyone else will go along and play by them too ;-)
>
> We're expecting that eagerly.
Good luck and no hard feelings, really.
~~Bart~~
Pierre Vandevenne
>Pierre Vandevenne wrote:
>You have the right to agree or disagree with anything, it's how you manifest
> that right that could become problematic.
(c) laws are almost universal and well understood I think. They allow us to
decide who has or doesn't have the right to use our program. Period.
>I "stumbled" into this thread as a consequence of reading this NG which is only
> remotely connected to my surfing activities.
So you downloaded a 20 MB file that you can't use and stumbled to this group
despite the fact that "it is only remotely connected to your surfing
activities". Jesus, where do you get all that time ?
>Never heard of UCITA, I'm not a developer. Sometimes the most legitimate
>"wierd" ? if I transpose the "e" & "r"- wired, no I'm perfectly sober at this
> time. If I
>transpose the "e" & "i"-weird, well that's a value judgment you'll have to
> make.
Easy fun - I am a native French speaker. I noticed a couple of grammatical
mistakes in your posts as well. Anyway, why not go back to your standard
surfing activities ?
---
Pierre Vandevenne, MD
www.datarescue.com, home of the IDA Pro Disassembler
YES ! We have redefined the rules again...
Bart Bailey
> In article <394BFFCD...@amsat.org>, Bart Bailey <nos...@all.thanks> wrote:
> >Pierre Vandevenne wrote:
>
> >You have the right to agree or disagree with anything, it's how you manifest
> > that right that could become problematic.
>
> (c) laws are almost universal and well understood I think. They allow us to
> decide who has or doesn't have the right to use our program. Period.
I have no argument with that, the point of contention was with the right to agree or
disagree.
>
> >I "stumbled" into this thread as a consequence of reading this NG which is only
> > remotely connected to my surfing activities.
>
> So you downloaded a 20 MB file that you can't use and stumbled to this group
> despite the fact that "it is only remotely connected to your surfing
> activities". Jesus, where do you get all that time ?
I mentioned earlier that I'm retired.
> >Never heard of UCITA, I'm not a developer. Sometimes the most legitimate
>
> >"wierd" ? if I transpose the "e" & "r"- wired, no I'm perfectly sober at this
> > time. If I
> >transpose the "e" & "i"-weird, well that's a value judgment you'll have to
> > make.
>
> Easy fun - I am a native French speaker. I noticed a couple of grammatical
> mistakes in your posts as well.
You do a very good job with English and I was only giving you the benefit of the
doubt as to what exactly had been munged.
> Anyway, why not go back to your standard
> surfing activities ?
Don't fret, you're just a minor amusement that is reaching boredom status quite
rapidly. I only joined the thread in response to your rather off topic
generalization about the American "gun problem".
Of note in passing, is the way you have of attempting to draw the focus of
discussion away from any consistent theme, sorta like when you're in the woods and
spot a quail dragging a wing.
~~Bart~~
Raid Slam
>So if I agree to drive your car that is my right yes ?
Only if I gave you permission to drive it. Otherwise, it's grand
theft auto. :)
>Why do you spend your time downloading a 20 MB file which, by
>your own admission, you can't even use then ?
I've downloaded 650mb+ files, knowing ahead of time My computer
wouldn't run the application. However, I also knew a friends
computer would. In fairness Piere, I've seen your IDA software on
several good quality warez sites, but I've never downloaded it.
I've used only your demo copy a little while. When I find IDA to
be more useful to me, I'll purchase it.
>Unclear at best - ever heard of UCITA - this allows software
>developers to remotely disable unlicensed copies of their
>software.
That allows you to disable YOUR software on the host PC, it does
not grant you permission to disable the entire host nor other
applications of which you do not own, Btw, the UCITA law hasn't
actually gone into effect yet. :) Their is still much debate on
both sides if it would be legal to do so.
>Ah, at least something sensible : our legitimate customers get
>free upgrades, approximately one every two months.
Certainly an incentive to be a legit registered user. Updates are
handy.
Regards,
Raid [SLAM]
Got questions? Get answers over the phone at Keen.com.
Up to 100 minutes free!
http://www.keen.com
Raid Slam
>i don't believe he cares about what you program, raid, but since
>irok obviously went into the wild after that statement was made
>it seems clear that you despite your ability to keep them out of
>the wild, you have no intention of actually doing what is
>necessary to acheive that goal...
What irok does is iroks business, not yours. As for Goals, I've
completed the ones I actually give a fuck about.
>indeed, you didn't "lose" control, you intentionally gave it
>up...
I traded it with some friends. But you know what, I don't have to
explain jack shit to you or anybody else. I didn't do anything
illegal, immoral perhaps, but not illegal. You guys can complain
and piss and moan all you like, it means nothing to me.
>i think we'd all be happier (especially those who've been
>affected by your viruses) if you'd keep them to yourself from
>now on...
Sorry motherfucker, I ain't here to please you.
Regards,
Raid [SLAM]
"I don't need it, You don't wanna fight me. I can see that you
don't even like me. You don't even ... You don't wanna fight me.
You better believe it, You ain't nothing like me."
kurt wismer
> kurt wismer <g9k...@cdf.toronto.edu> wrote:
>
> >i don't believe he cares about what you program, raid, but since
> >irok obviously went into the wild after that statement was made
> >it seems clear that you despite your ability to keep them out of
> >the wild, you have no intention of actually doing what is
> >necessary to acheive that goal...
>
> What irok does is iroks business, not yours. As for Goals, I've
> completed the ones I actually give a fuck about.
as i said, you have no intention...
in case you haven't noticed, the above is basically a restatement of what
you've already said to randy... capability != intention => can != will...
> >indeed, you didn't "lose" control, you intentionally gave it
> >up...
>
> I traded it with some friends.
and you did so of your own free will... it was a conscious decision and
when you gave it to other people you no longer had control over what
happened to it... i know you traded it with your friends, you've already
stated that previously... you didn't lose control over it, control wasn't
placed somewhere you can't remember or taken away from you without your
permission or consent... you made a conscious choice to give up control
by sharing the virus with your friends...
> But you know what, I don't have to
> explain jack shit to you or anybody else.
certainly not to me, i already know what happened, you've explained that
before...
> I didn't do anything
> illegal, immoral perhaps, but not illegal. You guys can complain
> and piss and moan all you like, it means nothing to me.
who's complaining? i'm saying essentially the same things you've said,
only with different words...
> >i think we'd all be happier (especially those who've been
> >affected by your viruses) if you'd keep them to yourself from
> >now on...
>
> Sorry motherfucker, I ain't here to please you.
oh my, name-calling, how quaint... wonderful way to treat people who agree
with your interpretation of events and meanings... remind me not to agree
with you any more since you obviously prefer conflict...
oh, and just so you can maintain that disrespect of me that you cling to
so tenaciously - bite me...
(ps. as i've alluded to elsewhere, every strong expression of emotion that
you make is another weapon that people can use to try to hurt you... for
pete's sake, stop making such a victim of yourself, it's not an attractive
quality in a person... nobody likes a whiner...)
Randy Abrams
Patricia A. Shaffer <ra...@swva.net> wrote in message
news:i432ls4m98ls8e7qq...@4ax.com...
> On Tue, 20 Jun 2000 22:13:32 -0500, Ernest Petter <Ern...@pc-pro.com>
> wrote:
>
> >On Mon, 19 Jun 2000 06:39:54 -0700, Raid Slam wrote:
> >
> >>I traded it with some friends. But you know what, I don't have to
> >>explain jack shit to you or anybody else. I didn't do anything
> >>illegal, immoral perhaps, but not illegal. You guys can complain
> >>and piss and moan all you like, it means nothing to me.
> >
>
> Why LOL? TTBOMK, here is no law against writing or even against
> distributing computer malware.
That depends upon which country you live in. Even at that, you don't have to
break a law to incur a civil lawsuit.
>What *is* illegal is unauthorized access
> (aka computer tresspass), deleting or damaging data, DoS, etc. These
> laws are broken by the spreaders of computer malware, and then, only
> when the spreader is aware that he/she is spreading them. Unless one
> has evidence to show that the author of a particular piece of malware
> distributed it as part of a plan to spread it, i.e., distributed it with
> malice aforethought, then there is no law that applies.
Raid has supplied us with such evidence. He distributed a file (for a long
time) that urged people to spread his viruses. He has posted that he looked
forward to at least one of his viruses getting wild... and it did.
> Apparently there are a number of coders who never distribute their
> creations, or do so with great caution, to assure that the viruses,
> etc., do not get into careless or malicious hands.
That's not the end of the problem for end users. Most of the viruses in the
AV scanner databases have never been seen in the wild.
> Unless and until a
> law is enacted that forbids the writing or possession of malware, I
> think we should encourage the honorable writers and handlers to promote
> the safe handling of all viruses, etc.
We do. Delete them before they leave your PC.
> Unfortunately, there are also coders who *do* knowingly and maliciously
> release at least some of their critters, and some of them openly admit
> it. With all the media attention lately, I expect that the legal systems
> around the world are going to be taking more active measures to
> apprehend and prosecute anyone who knowingly releases a virus/trojan/
> worm into the wild.
Don't forget, Raid, bsl4, and some other virus writers believe that if any
of your patients want to use the last few months of their lives
corresponding with their loved ones by email, it's their fault if they get
infected for not using the precious time they have left to learn about
viruses.
Cheers,
Randy
Patricia A. Shaffer
<randyab...@hotmail.com> wrote:
>
>Patricia A. Shaffer <ra...@swva.net> wrote in message
>news:i432ls4m98ls8e7qq...@4ax.com...
>> On Tue, 20 Jun 2000 22:13:32 -0500, Ernest Petter <Ern...@pc-pro.com>
>> wrote:
>>
>> >On Mon, 19 Jun 2000 06:39:54 -0700, Raid Slam wrote:
>> >
>> >>I traded it with some friends. But you know what, I don't have to
>> >>explain jack shit to you or anybody else. I didn't do anything
>> >>illegal, immoral perhaps, but not illegal. You guys can complain
>> >>and piss and moan all you like, it means nothing to me.
>> >
>> >Literally LOL!
>>
>> Why LOL? TTBOMK, here is no law against writing or even against
>> distributing computer malware.
>
>That depends upon which country you live in. Even at that, you don't have to
>break a law to incur a civil lawsuit.
Ahh, yes ... I was wondering when someone would think of that. The
problem with civil lawsuits is that most civilians don't know how to
gather evidence and can't afford to fund a suit. Now, if a corporation
were to file charges ... they could afford the expense of evidence
gathering and legal fees. So ... why haven't they done so?
>>What *is* illegal is unauthorized access
>> (aka computer tresspass), deleting or damaging data, DoS, etc. These
>> laws are broken by the spreaders of computer malware, and then, only
>> when the spreader is aware that he/she is spreading them. Unless one
>> has evidence to show that the author of a particular piece of malware
>> distributed it as part of a plan to spread it, i.e., distributed it with
>> malice aforethought, then there is no law that applies.
>
>Raid has supplied us with such evidence. He distributed a file (for a long
>time) that urged people to spread his viruses. He has posted that he looked
>forward to at least one of his viruses getting wild... and it did.
Well, that is true enough.
>> Apparently there are a number of coders who never distribute their
>> creations, or do so with great caution, to assure that the viruses,
>> etc., do not get into careless or malicious hands.
>
>That's not the end of the problem for end users. Most of the viruses in the
>AV scanner databases have never been seen in the wild.
I understand that ... I'd view that as a precautionary measure, sort of
like vaccines in people.
>> Unless and until a
>> law is enacted that forbids the writing or possession of malware, I
>> think we should encourage the honorable writers and handlers to promote
>> the safe handling of all viruses, etc.
>
>We do. Delete them before they leave your PC.
That would be nice, but I doubt we are going to get full cooperation in
that endeavor. <g>
>> Unfortunately, there are also coders who *do* knowingly and maliciously
>> release at least some of their critters, and some of them openly admit
>> it. With all the media attention lately, I expect that the legal systems
>> around the world are going to be taking more active measures to
>> apprehend and prosecute anyone who knowingly releases a virus/trojan/
>> worm into the wild.
>
>Don't forget, Raid, bsl4, and some other virus writers believe that if any
>of your patients want to use the last few months of their lives
>corresponding with their loved ones by email, it's their fault if they get
>infected for not using the precious time they have left to learn about
>viruses.
Oh, I'm not forgetting that for a moment. That's why I stick my neck
out in these discussions, trying to put human faces on the victims of
malware. It's a lot harder to ignore the suffering one causes by one's
actions when the sufferer has a face.
--
Patricia
Proud Citizen of the Commonwealth of Virginia
"Anti-spammers are the immune system of the Internet." (CDR M. Dobson)
"The spam wars are about rendering email useless for unsolicited
advertising before unsolicited advertising renders email useless
for communication."(Walter Dnes/Jeff Wynn) Opt-out is cop-out! <http://www.cauce.org>
Bart Bailey
<~~~>
> Apparently there are a number of coders who never distribute their
> creations, or do so with great caution, to assure that the viruses,
> etc., do not get into careless or malicious hands. Unless and until a
> law is enacted that forbids the writing or possession of malware, I
> think we should encourage the honorable writers and handlers to promote
> the safe handling of all viruses, etc.
Very sane and rational observations.
> Unfortunately, there are also coders who *do* knowingly and maliciously
> release at least some of their critters, and some of them openly admit
> it.
Malicious intent is the villain, rather than the intellectual POC endeavor.
> With all the media attention lately, I expect that the legal systems
> around the world are going to be taking more active measures to
> apprehend and prosecute anyone who knowingly releases a virus/trojan/
> worm into the wild.
It's the propensity towards overreaction by legislators that has me concerned in this
matter as well as in other similar situations involving irresponsible use of potentially
harmful material or objects.
~~Bart~~
Dalton
his identity [not that he's done such a good job of that over the past
five years] should you arrange to meet him. I'm *sure* the FBI knows
who Raid is. Only he, or his attorney can verify this with a letter to
the FBI requesting the contents of his file under the "Freedom of
Information Act." I must admit though they won't release any info that
is part of an open or ongoing investigation.<<<<<<<<<<<<<
Quite correct...
Agt ***** *******
Department of justice
FOIA officer
Washington DC 20535
or
Agt Robert P Richardson
Chief FOIA staff
Washington DC 20340
regards Dalt