Whatever is left over from the archives of the old Raganuga.Com forums after most of the substantial threads were moved to the relevant areas of the main forums.
VIRUS ALERT - Swen gone berserk
Madhava - Sat, 20 Sep 2003 01:17:46 +0530
Today I have received 20 copies of Swen from Jagadananda. Be on guard. There are two visual variations out there, one looks like a bounced mail with an attached file, the other is camouflaged to look like a Microsoft-sent patch for security vulnerabilities. Whatever you do, don't open these files! Just delete them straight away.
http://securityresponse.symantec.com/avcen....swen.a@mm.htmlhttp://www.f-secure.com/v-descs/swen.shtmlThe sender and subject line vary, though sender is commonly "microsoft", "msn" or "postmaster", or a variant of these.
F-Secure offers a free utility for getting rid of Swen, available from the page given above.
I recommend updating your virus definition databases at least every three days for the time being. Nowadays the internet is swarming with viruses.
Madhava - Sat, 20 Sep 2003 01:22:26 +0530
Oh yes: Rule #1: Never open attached files from an unknown origin. Even if from a known origin, if the file extension is .pif, .exe, .com, .scr, .bat or anything other you can't recognize for that matter, it is highly probable that you are dealing with a virus here. If you suspect that the file may, though unsolicited, still be something that is actually meant for you, write to the sender of the mail and double check whether he meant to send such a file to you.
adiyen - Sat, 20 Sep 2003 05:59:27 +0530
Thanks, Madhava. I already deleted the two emails. They did look suspicious. I guess someone has targeted us here on this site.
Madhava - Sat, 20 Sep 2003 06:30:21 +0530
QUOTE(adiyen @ Sep 20 2003, 12:29 AM)
Thanks, Madhava. I already deleted the two emails. They did look suspicious. I guess someone has targeted us here on this site.
Nah, nothing to do with this site. One of us gets the virus, he has the others' addresses in his address book, and off we go. Nobody targets massive worms which spread around. They just crawl in wherever they can.
Jagat - Sat, 20 Sep 2003 18:03:50 +0530
On Madhava's advice, I appealed to F-Secure, and this shining knight has detroyed the evil worm.
It is now giving me hourly prompts to update for new viruses. Thanks Madhava. My apologies to all who may have received infected emails from my server on account of my foolishness.
Madhava - Sat, 20 Sep 2003 18:08:59 +0530
I'm glad to hear you got rid of it.
Tamal Baran das - Sat, 20 Sep 2003 18:28:23 +0530
I got virus too,i don't know what have happened,but PC is slower a bit.Maybe that's because of amount of traffic today.Mighty British Telecom did erase virus before it came to me,and they did send me a message to inform me about that.This is the message they sent to me:
This message has been processed by BTopenworld Email Protection Service powered by Brightmail Anti-Virus using
Symantec's Norton AntiVirus Technology.
The file glbtvtm.exe attached to this message was found to contain the malicious virus Worm.Automat.AHB and has been removed by BT Openworld Email Protection Service powered by Symantec.
For more information on anti-virus tips and technology, visit
http://www.brightmail.com/antivirus .
Madhava - Sun, 21 Sep 2003 01:00:54 +0530
You have a guardian angel there.
A bit of vocabulary review: "I got the virus" - "I was infected"; "I received the virus" - "The virus came into my inbox, but I wasn't infected (yet)."
PC is slower in general, or just the internet is slower?
Tamal Baran das - Sun, 21 Sep 2003 20:44:35 +0530
Thanks Madhava.
I think internet is the case.Bit slower downloading of pages.I don't really know what to do.
Madhava - Sun, 21 Sep 2003 21:05:44 +0530
If it's a bit slower, I'd attribute it to congested networks caused by the worms going around, nothing you could change.
Madhava - Mon, 22 Sep 2003 00:50:43 +0530
http://edition.cnn.com/2003/TECH/internet/...reut/index.htmlNow that we're at it, let me remind everyone again that
you need to update your virus program at least on a weekly basis. Raksishyatiti vishvaso does not mean that you must neglect protecting your PC in hopes that Krishna will come and hunt down the viruses swarming all over your hard drive. I keep being amazed over how people think that it is not necessary to update virus programs, or worse even, that it is too much trouble! It is not a good idea to learn it the hard way around that there is much more trouble involved in cleaning up your system and trying to recover your lost work (which of course you did not backup, because backups are maya, because we only depend on Krishna) than there is in keeping your system up to date.
Madhava - Mon, 22 Sep 2003 00:58:52 +0530
For those of you using Windows, please note:
QUOTE
A security issue has been identified that could allow an attacker to remotely compromise a computer running Microsoft® Windows® and gain complete control over it. You can help protect your computer by installing this update from Microsoft.
Microsoft has been issuing warnings like this practically on a monthly basis.
QUOTE
"We really haven't done everything we could to protect our customers ... Our products just aren't engineered for security."
- Brian Valentine, senior vice president of Microsoft Windows dev.
In essence, Microsoft keeps discovering new security holes in their product, and release patches whenever they solve the problems. Now,
you need to keep your operating system up to date, lest you leave yourself open for a wide variety of exploits. To do this, visit the following website on a regular basis and download and install whatever patches the site recommends for you:
http://windowsupdate.microsoft.com/
Enough ranting for now I suppose.
Attachment:
Govindaram - Mon, 22 Sep 2003 02:16:27 +0530
Hare Krishna
I open e-mails which start with Hare Krishna or Radhe Radhe
more quicker, and delete e-mails without thinking which start with-out Haribol!
Best way really
adiyen - Mon, 22 Sep 2003 06:42:23 +0530
QUOTE(Govindaram @ Sep 21 2003, 08:46 PM)
Hare Krishna
I open e-mails which start with Hare Krishna or Radhe Radhe
more quicker, and delete e-mails without thinking which start with-out Haribol!
Best way really
Govindaramji,
Sorry to say that is not always a good guide.
My unprotected last computer was wiped out by a worm virus 2 years ago which arrived with a picture of Raghunath Das Gosvami. I opened it thinking a devotee was sending me something nice. That's why I worry now about being targetted. Still be careful!
Hare Krishna!
Madhava - Mon, 22 Sep 2003 16:52:35 +0530
Yes, it is not at all uncommon for a virus to snatch a subject line from an existing e-mail, and if all you have in your inbox is "haribol" and "radhe radhe", then that's what it'll pass on.
Besides, deleting all besides "haribol" mails gets you rid of many letters you need to receive, such as possible messages from your internet service provider, and so forth.