worm-virus going around: System Shutdown

One of my computers yesterday had a strange virus attack.

SYSTEM SHUTDOWN (after 60 seconds)
shutdown initiated by NT Authority/System
Remote Procedure Call

So that every time I use the computer, no matter if I login or not, the
computer shuts down after about 10 minutes of use time.

I suppose Spammers were not responsible for this latest virus because
I suspect spammers really do not want to go to jail but want to sit pat
in their
living rooms making money by spamming.

I suppose some foreigner who hates the USA is responsible for this
latest
virus.

I hope Microsoft does not have a "patch" solution for I am rather tired
of
patches. I hope this virus can be fixed totally by Microsoft and not
have to
do some patching.

The law on software should be that whenever viruses like these crop up,
that
the software company should fix it without having hundreds of millions
of people fix the problem that Microsoft should have had the commonsense
of
spotting the problem before it became harmful to millions of people.

I mean, Microsoft is having profit revenue of 10 billion dollars per
month and
why should 100 million people solve a problem that Microsoft should have
spotted or realized before they sold Windows and its gaping loopholes so
that
viruses are a breeze to shutdown the system.

And spammers are not much different than people who plant viruses and
are criminals. Because both waste the time and energy and money of
millions of
people.

Archimedes Plutonium,
whole entire Universe is just one big atom where dots
of the electron-dot-cloud are galaxies

 

Perhaps you could protect yourself by using a foreign operating system.

-- Richard

 

Download and install the patch:
http://download.microsoft.com/download/9/8/b/98bcfad8-afbc-458f-aaee-b7a52a9
83f01/WindowsXP-KB823980-x86-ENU.exe

Sincerely,

Mathew Orman
www.ultra-faster-than-light.com
www.radio-faster-than-light.com

 

News coverage of the John Doe family in Connecticut and camera back in
Washington of Congresspeople in a champagne party before recess.

The Doe family has been familar with spam for over 10 years now and
wondering why Senators and Representatives never do anything about it.
The Doe children upstairs are calling for Mom over some spam in the
computer.

.......

Meanwhile in Washington the Senators and Representatives are all relaxed
sipping champagne and nibbling on foreign cheeses and raspberry whip cream
parfait.

........

In the Doe family, Mom sees that the children have opened up spam email
despite her telling them not to and that the children have now gotten the
family
in trouble be responding to spam.

.........


Meanwhile in Washington the Senators and Representatives are entertained by

the 3 tenors singing songs upon request. And the steak dinners with
potatoes
au gratin and garlic bread are served.

..........

Meanwhile at the Doe family, Mom is horrified to find that one of the spam
emails contains a virus and whether the computer now needs to be rebooted
and destroying all the work saved on that computer.

........


Back in Washington the laughter and gaiety is heard as the lazy Congress
people
are reveling in after liquors and ice cream.


........

Meanwhile at the Doe family, Father has opened up his work computer to do
some work for the evening only to find a new message of System Shutdown
initiated by NT Authority/System, Remote Procedure Call. Everytime he logs
on the computer shuts down after a few minutes.

.........

Back in Washington the Congress people are chatting about where they will
vacation the next 6 weeks, and some are talking about seeing the late movie

of the newest releases before going to bed that evening.


..........

Meanwhile at the Doe home, there is a air of quiet anger about the house in

that the USA Congress has let the condition of computers get to this stage
of deterioration where spam and viruses takes up over half of the time
spent
on computers.

Not only are Americans becoming the obese society but its Congress has
become the Lazy Legislators. A worthwhile Congress would have passed some
law against Spam by 1995. A worthwhile Congress would have passed tougher
laws on virus-creators than what we have.

Archimedes Plutonium,
whole entire Universe is just one big atom where dots
of the electron-dot-cloud are galaxies

 

Why not just bite the bullet and install an open-source operating system.
FreeBSD is rock-solid, but if you want securit *and* ease of use, try
Slackware 9. No virii, no reboots after installing software, and the comfort
of having nmap and ping so you can launch (ahem) preemptive strikes.

davidoff

 

There are some solutions that are used by ourselves, and many of our
clients.

All emails with executable attachments are deleted, and the receiver
is notified about the deletion. This is all executable extensions that
can be of exe, dll, inf, scr, zip, arc, and ect. Only JPEG, BMP, GIF,
TXT, and some other basic ones that are not executable are allowed.
All of the allowed ones are scanned.

All acceptable file types are scanned for known viruses and or
trojens, and are deleted if unacceptable. The email programs are all
set up to not auto open any attachments or auto execute any java,
xscript, or any executable code that can come embeded in an email.

All the email programs are set up to not auto preview the emails. Auto
previewing is a dangerous practice.

The users are informed that they are to delete without opening any
emails that are spams, or non business type emails. With experience
these are easy to spot.

There are systems put in to place where all the emails can be checked
before being allowed to to the user's email boxes. This will make the
need of an extra staff member just for email policing.

We get about 300+ spams and unacceptable emails average per day. It
takes time to go through these and clean them up. This is part of the
culture these days, and until something can be done about it, it has
to be done this way.

Viruses, and trojens come in mostly from opening email, and their
attachments. With the proper setups, education, and procedures, this
problem can be delt with. Make sure you are using a very good up to
date virus scanner.

Jerry Greenberg

 

Even Lao-Tsu found 2500 years ago, that where there is a
law, there are robbers and thieves.
You can spend a fortune on hounding virus writers, or you
spend 50 $ on a decent open source OS.

Rene

 

Hmm .

Personally I'd like to see the virus writers hanged by the teeth over
a pot of boiling hydrochloric acid, but thats just me . <G>

-A

 

I've sometimes wondered about that. Or rather, the Western world in
general. Sending out viruses seems like a relatively cheap, safe, and
easy way to attack the infrastructure.

 

I do not think the worm/virus gives you enough time to download anything
before it shutsdown. I guess that is why Microsoft will be sending diskettes
all over.

But I wonder if I can take my computer back to the store and get a refund
and buy a computer that does not have Instant Messenger or these other
stupid worm/virus highways.

Archimedes Plutonium,
whole entire Universe is just one big atom where dots
of the electron-dot-cloud are galaxies

 

12 Aug 2003 19:42:48 -0700

I am not a computer science expert but a greenhorn. I am not an electronics
expert but a greenhorn there also.

I think some commonsense advise is needed and put into practice. By taking
the example of the BioWorld in that you do not know what is coming down
the pike and so you buffer and insulate yourself via diversity.

It is terrible to have one type of computer in your organization and it is
terrible
for all the computers to have the same OS and software.

Jerry talks alot about email. What works for me is to have the crumbiest and
worst computer in my operation as the "email computer" and I never read email
from my other computers. They are email free. And the one email computer is one
in which I expect viruses to appear because it is easy to reboot the darn old
machine. And I never bother with upgrades unless the computer will not work
without them.

These big offices with large numbers of computers all working from the same
software and same OS and same everything else, that when a virus hits-- then
whammo-- all the computers are out. Commonsense applying the Bioworld to
computers is that you diversify so that if a virus hits, it knocks out only a
percentage of the computers and the other computers can work overtime.

Archimedes Plutonium,
whole entire Universe is just one big atom where dots
of the electron-dot-cloud are galaxies

 

Some research would help here, as it would with your spam postings. The
worm is transmitted by IP to port 135 after a random scan of IP's on the
net. It means you've received the virus over tcp/ip and DCOM when
connected to the net, nothing else, which means you're probably connected
broadband and no firewall and default settings.

 

When I scan the security update with Norton Antivirus, it tells me
that the virus contained in it is [email protected] and this makes me too
afraid to use it.

Any help, please? Perhaps giving me an official Microsoft site will
help.

(...Starblade Riven Darksquall...)

 

You can manually remove the Messenger folder.
Also make shore that you have the firewall on.

Sincerely,

Mathew Orman
www.ultra-faster-than-light.com
www.radio-faster-than-light.com

 

Yes,
that is the exact way it gets in!
With firewall on it has no chance to get in!

Sincerely,

Mathew Orman
www.ultra-faster-than-light.com
www.radio-faster-than-light.com

 

What security update ?

 

Get your terms correct. OS has a different meaning.

NOT open software. Are you talking about Open Source? Before you
harp on a software distribution method, you had better study it well.

<snip>

/BAH

Subtract a hundred and four for e-mail.

 

Sounds like you're talking about that 200K message that
claims to be a Microsoft Security Update and that you
get in unsolicited e-mail.

You're right to be suspicious. It's a virus. It was making
the rounds for a couple of months before this latest
worm. It apparently harvests e-mail addresses from newsgroups,
as it is the account I use here that is most affected. I have
to clear that account out of around 1.5M of such messages
every few days.

Is this unsolicited e-mail now claiming to be a worm fix? My
that's nasty. I recognize them by title and size and don't
read them.

http://www.microsoft.com/security/incident/blast.asp

- Randy

 

You know, after I sent my other (slightly flaming) reply to your first and
second paragraphs, I re-read the entire post... and a thought struck me...
you seem to be spouting the same party line as the worm does... are you, in
fact, the jerk that wrote the worm, maybe? Or one of his sick followers?
Was your original post not a cry for help, but rather merely a chance to
spout your anti-Microsoft agenda?

And about your nick... where do you get off using the name of such an
intelligent man if you are either incapable of following simple instructions
to protect yourself, or malicious enough to do such damage to prove a point?
I think you should change your sign-in name to stupid_sludge, or some such!
Archimedes Plutonium just doesn't suit you either way.

 

Yes the help you need is to return the computer to whomever you bought
it
from and demand that they clear your machine out of this virus and send
the bill to Microsoft. And if they refuse, then demand your money back
for the entire
computer.

It is ridiculous to have Microsoft gorging on 10 billion dollars profit
per month
because they sell shoddy and crappy products and then expect customers
to
fix their crap.

Why, on the news last night the height of ridiculousness was to see in
Texas,
people calling up home repairman that travel to your home and fix your
computer for $150. per visit. People should do the opposite and demand
that Microsoft send every owner of Windows a new disk that is not crappy
as XP.

When Johnson & Johnson has a crappy bottle lid, they don't wait for
everyone else to fix their bottle, they recall it at no expense to the
customers.

When Exxon has an oil spill, they don't wait for everyone else to clean
up the spill while they gorge on another 10 billion per month profit
stream.

When Schering Plough has a purity problem with drugs, they don't wait
around
and have others fix it at their own expense but fix it at the company's
expense
and are fined for it.

Likewise, everyone who has this Microsoft problem, then Microsoft should
send
out a disk to all owners or refund all owners of $200.

Has anyone looked at those crappy instructions on how Microsoft expects
people to clean out this virus. Here again, you have to be a computer
engineer
to follow those instructions.

I would almost bet that if Bill Microsoft had this virus on his computer
and by
trying to follow the instructions posted by Microsoft that Bill would be
unable
to clear out his machine of the virus.

I say, that Microsoft should have a website where in, at most, two
clicks and every computer with the virus will be cleaned out.

Bill is under the delusion that Americans are happy in their homes with
spending
hours trying to figure out instructions on how to rid this virus.

So, I say, have Microsoft refund every owner of Windows XP with $200
because their product is shoddy.

Microsoft should be no differently treated than Exxon, or J & J, or the
many
other companies caught with shoddy or defective products.

The burden to fix should not be the millions of victims while Microsoft
gleefully
rakes in another 10 billion in profit each and every month.

I say give Microsoft a class action suit because they continue to sell
defective
products and they expect everyone else to fix their problem.

Archimedes Plutonium
whole entire Universe is just one big atom where dots
of the electron-dot-cloud are galaxies