Visual Developer 02-18-2002, 05:01 PM Hi people,
Before I say anything ALWAYS remember to BACKUP, as my very sad story will show.
Visual XNet 6.0 WAS at the very stages of release, when suddenly a virus attacked my system yesterday night. The virus W32.Weird infected all my executable files and other system files. And suddenly it backtp to attack other files i.e. *.DOC, *.VBP and other important files.
Sooner, I found that my project had been corrupted. Visual Basic would not start and everything was totally screwed.
I feel absolutely gutted having lost 6 months of design, development and coding of my wonderful open-source IDE which was to be released very soon. I had also sent an E-Mail to .NET Magazine (a magazine that also reviews various web development and internet applications). They were to review my product within their magazine sooner or later.
However, all hope is lost. I am very near to a break-down.
As a reminder my friends, ALWAYS BACKUP!
I am currently staring at my last memories of my IDE (the screenshots): http://www.geocities.com/visual_basic_developer/
Can you just believe it, 6 months of work, lost in a matter of minutes! :(, I hope this does not happen to anyone else.
And that virus (W32.Weird) screwed everyone UP! You F%^$*** virus coders!!!
I tried to recover my work using Directory Snoop, however, it is far too late as the virus had already done its work.
Now I am on my other system in my brother's room, and my system (Dell 1.7GHz 512MB RAM, 40GB) is being formatted and re-installed with Windows XP Pro, with NORTON SYSTEMWORKS 2002! WHICH INCLUDES Norton ANTIVIRUS!!!
By the way,
Thanks for listening to my story (currently I am in tears looking at my screenshots (last memories))... :( :( :(
VD
Volte 02-18-2002, 05:03 PM :(
Squirm 02-18-2002, 05:15 PM Geez that's harsh..... :-\
It attacked form, code module, and class files?
I had a virus a while back..... uninstalled almost all my devices, then completely muddled my Internet settings. Norton fixed the job. Luckily it didn't ruin any files. Still scary stuff, put my PC out of action for a week....
It's been a bad week for virii, trojans, and hackers... :(
To quote The Hand, 'It makes me so mad that I want to crawl thru the cable to their PCs, grab them by the throat and choke the life out of them.'
Doesn't make anything any easier I guess..... :(
orufet 02-18-2002, 05:34 PM Sorry to hear that, VD. All I really can say is that you've had some bad luck and learned to make backups. I can't remember where I got it from, but there was some significant computer-related media book/magazine. It said something like: "Virus Writers: People (usually teens) that have computer ability that greatly exceeds their conscience." It's quite true.
I'll probably get flamed for saying this, but oh well.
<rant flamability="100%">
First:
This is why Windows is the worst thing ever to happen to computers. This is Microsoft's main problem. Yes, the virus writers are the ones to blame, but it's true that the courts tried to do a good thing by making MS less powerful. Linux users that program in C++ (compared to Windows users who program in VB) are at a much smaller risk of virus/hacker attacks because there are so few hackers/crackers/lamers/virus writers that actually have the knowledge and patience to work with Linux. Not only that, but there are so few Unix users to attack.
Second: Now you're probably wondering why I have a love/hate relationship with Windows. Believe me, if I was brought up using Linux, I would despise VB and Windows. But since I've grown to love them so much, I can't let go. Switching to Linux completely would be like voluntarily moving away from a city you love. It's hard. That's why I have two computers that I can switch between at leisure.
Third: Backing up data is extremely important. It can be frustrating since you don't gain anything by doing it, but just think of your losses if you don't do it.
</rant>
Banjo 02-18-2002, 07:10 PM Not wishing to move the topic too much but I feel that I must come to Windows' defence. Now, I'm not disagreeing with your comments on Windows security (it sucks) but let's face it, how many people would have a home computer if Linux was the only option. None, ignoring us computer techies, that's how many. Linux, for all its recent progress in usability, is still very hard to use. It's fine as long as nothing goes wrong and you don't need to re-configure anything, but as soon as you do then it would be just as easy for a normal user to learn Latin as it would for them to learn Linux. Windows has made computers available to so many more people. Whether this is a good or bad thing is, of course, another matter ;).
The other thing is that most users don't have anything worth protecting on their PCs and so don't need the huge protection of Linux. Those that do, are normally techies or businessmen. Either way, they ought to know about the importance of data security.
Flyguy 02-19-2002, 01:44 AM You are attacked by some real old virus. :(
According to the Symantec virus info it will only damage *.exe and *.ini, but also installs a backdoor (do you run a firewall?)
W32.weird on the Symantec website (http://securityresponse.symantec.com/avcenter/venc/data/pf/w32.weird.html)
W32.weird on the Sophos website (http://www.sophos.com/virusinfo/analyses/w32weird10240.html)
You consider yourself as a well educated serious programmer, but you NEVER made a backup of your project, not even say once every 2 weeks???? :rolleyes:
wild wolf 02-19-2002, 03:24 AM very sad visual developer, i understand the shock u get for losing something u have been working for 6 months
ArnountV, u r right that this virus mostly affects *.exe, but it has a back door, (i'll explain this with what knowledge i have, i was virus attacked once and from that day i decided to learn virus programming and know how they work and how to fight them, after all it's just like vaccination, once u know how the virus works u can monitor its activities and u can actually *see* it functioning) whenever u go online u open one port of ur computer, now since u are using net on a single pc, there is less possibility that u will be using a firewall and u r vulnerable to hackers, now what i think has happened is, this virus opened ur second comm port as well and some hacker who had nuthing to do decided to take a tour of ur computer and planted his server file in ur system folder and run it, this server file is mostly a trojan virus, this virus is bad, really BAD, not only does it affect ur *.exe, it goes for other common extensions, mostly *.doc, ur applications crashed as ur *.exe file that runs the program will not function normal again, the problem is, even if u install Norton Antivirus, believe me it may not be able to track down the virus fast enough, by the time it tracks it, the virus will have done enough damage to ur files and sometimes these files are system files and norton will tell u that these files cannot be repaired or quarantined and u will be prompted to delete them, and u all know once u delete system files that's the end of ur system.....
U have lost ur data and u cannot retrieve it anymore, whats gone is gone, there is no use crying over spilt milk, but we do learn from experience.......
for safety i will advise this:
1. update ur explorer encryption ( i hope u know where to do this)
2. I use a proxy server on my pc and this proxy server acts as a firewall, u can get many online, example, www.analogx.com
3. If u can buy the original Norton Suite, install Norton Ghost, when ur system crashes it makes a complete or partial backup of ur files ( i do use it and find it helpful)
4. Run Norton LiveUpdate every week to update on latest viruses
5. For safety purposes, break down ur harddisk into partitions ( preferably each partition should be less than 5 GB), dun save any of ur work or install softwares in Drive C, only ur OS files should be in Drive C, install all s/w in one drive and save all ur data in one drive ok?
well these are the precautions u should take, believe me hackers are bad people who do it for fun, i will advise u people to learn basics on hacking so that u can fight back from others who will try to take advantage
Orufet u r right that its safe to use Linux as there are very little people who will think of hacking it but believe me UNIX is easier to hack than windows
a very long post this is, i din want things to happen to my buddies here, all those things that happened to me, so please take precautions, one day we will be able to fight these cyber robbers and thieves :(
Visual Developer, if u need any help please do give a shout and we will be there for u
Waxycat 02-19-2002, 07:06 AM That's terrible! It would have been so awesome. I can't even imagine how you managed to color all the text correctly. Did it compile programs? Maybe I'm not entirely sure what it did, but it looked great. Well if it's any consolation, I currently have about 63 viruses. Anyway, Norton Systemworks 2002 is great! You shouldn't have any more problems (although I got all these new viruses since I installed it, but then again, it might just mean that I always had a lot of viruses and just didn't know it. But on the other hand, Norton has been unable to actually remove any of them; I had to quarantine them all. On second thought, Norton sux).
(Also, I'm not sure you should be abbreviating your name to VD).
gallicus 02-19-2002, 07:19 AM first
Condolences for your data dude. They are sad, they do nothing but destroy. You create 'nuff said.
Wildwolf,
a handy bunch of tricks you suggest there. It would be great to get lots of tips like that. Could this be a possible subject area for this most illustrious forum? I am sure there are many of the forum's more experienced members with similar knowledge, and there are probably many less experienced members such as myself who could do with such knowledge. Any views?
reboot 02-19-2002, 07:48 AM Just my 2 cents worth.
I can't believe I just heard someone call Linux 'secure'. Linux has more holes than a chunk of swiss cheese. That's why it's always been the favorite child of the script kiddies. In the hands of a capable and knowledgeable admin, these can be patched. But if you'll notice, virtually all the serious sites out there that run *nix run some real Unix flavor, BSD, FreeBSD, SVR4, Solaris.....
And I'm not trying to be mean, it pains me to hear of a loss like this, but anyone that doesn't backup regularly is just BEGGING to have this happen to them. :(
wild wolf 02-19-2002, 08:31 AM gallicus, virus programming is illegal and if ur caught in the act u can be prosecuted for cyber crime, so i think keeping this topic out of this part is advisable......dun mind, no hard feelings but thats my opinion :-\
reboot 02-19-2002, 08:37 AM I think you completely misunderstood what he said... or at least, I didn't read it like you did. I think he meant something like a sub-forum where people could share tips on protecting oneself from things like this and etc. But there are already lots of sites out there dedicated to this sort of thing...
gallicus 02-19-2002, 08:40 AM Yes of course!:o it might give some people bad ideas! Duh!
wild wolf 02-19-2002, 08:40 AM oh iam really sorry if thats what he meant :rolleyes: , if thats what he means then it will be a great idea, iam sure there are many people out here who will like info on such things
gallicus 02-19-2002, 08:43 AM WildWolf
Reboot knows what I originally meant, but your point is very valid. By describing how to protect yourself I suppose you can still give people ideas how to hack.
Waxycat 02-19-2002, 08:48 AM Actually, I'm thinking the other way. I wish I was an extremely good hacker, only because it would enable me to take precautions against hackers who intend to destroy my computer. And then I could destroy theirs instead. Besides, they deserve it anyway.
wild wolf 02-19-2002, 08:50 AM gallicus, just ask me if u have any problem, dun worry i know which parts to reveal and how much hehehe......:D
1 advice i have for everyone is whenever u r online and ur norton detects a virus on ur pc, immediately go off and restart ur system, coz the possibility is that some hacker has planted that virus in ur system and now that virus has started its activity of opening ur closed ports...watch out for such things, it might help. a fast action will save ur system
gallicus 02-19-2002, 08:56 AM Wild Wolf
I'll keep that in mind, thanks! It is just that I want to go broadband via a cable modem soon, and I am a little scared of such file sharing software as morpheus. If I can ask you any questions when they arise that would be great!. :cool:
wild wolf 02-19-2002, 08:59 AM aha, morpheus, i use it also, but be careful man...just ask me or anyone here who can reply u :)
orufet 02-19-2002, 09:08 AM Maybe I shouldn't have said Linux is "secure", but you must admit that there are very few viruses that attack Unix systems compared to Windows. There may be lots of script kiddies out there who use it, but I feel much safer on Linux.
Waxycat 02-19-2002, 09:10 AM Well I'm curious how can you make your system absolutely inaccessible to hackers? I mean, nothing ever gets received (or at least translated) on to the computer unless it's requested. So why should it be so hard to just not let anything connect without permission? Firewalls attempt to do that, but people with firewalls can STILL get hacked!!! What gives?!
orufet 02-19-2002, 09:15 AM "The only safe computer is the one unplugged."
If a hacker is determined enough, he/she can do anything. There is no way to make a completely secure system, but you can get close. It's like reaching Absolute Zero; you can get really close, but you'll never quite get there.
wild wolf 02-19-2002, 09:53 AM "Well I'm curious how can you make your system absolutely inaccessible to hackers? I mean, nothing ever gets received (or at least translated) on to the computer unless it's requested. So why should it be so hard to just not let anything connect without permission? Firewalls attempt to do that, but people with firewalls can STILL get hacked!!! What gives?!"
there are malicious scripts which open up ur port, these scripts run in a similar way to ur modem, when u connect ur opening a port, so these scripts also work like that, they open ur port (though it is open partially through which data is transferred), once the port is open, they access ur main drive where ur system files are, and implant a server file, this server file has two functions
1. it is a trojan virus and so affects all ur system files, its just like AIDS, ur body cannot resist to any disease even though if the disease is small, as far as i know none of my files infected with trojan have been cleaned from it, they r either quarantined or deleted.
2. This file contains scripts which keep track of the computers activity and the moment u open a port i.e go online, the hacker on whose name the file is running gets indication ur online and he can see all ur files, get screen shots of what ur doin and passwords.
In the case of VD, what i think is the virus attacked his system files and the moment he went online his ports were opened and trigger happy hacker found something to have fun with.
firewalls do help u but not completely, even firewalls that are 512 bit encrypted have been cracked.........its not a big deal but do install a firewall to be safe...
VBGestapo 02-19-2002, 11:07 AM I have had several hack attempts on my machine, and this is just since I put a software firewall up. (Already had a hardware firewall)
I probably had a lot more that I was unaware of before the software firewall...It might not help in every circumstance, but a firewall will help keep the 'Joe Blows' out of ur system.
And backing up...
"I have the skills to design and develop powerful business solutions using VB. I have also been working with SQL Server 7/2000. I am also studying C/C++ programming. "
I just find it extremely puzzling that someone with such computer literacy and capability in programming could... um... 'forget', or neglect, to backup in 6 months! My job is programming, and I have been programming for a couple years now. I KNOW the effects of not backing up, and I hope you have learned this too. I have not lost entire programs, because I had lost a lot of important data crashing my computer or to a virus BEFORE I started programming...so I knew firsthand the consequences of not backing up, somewhere... to external disk, another partition, or to a server.
If you want to claim that in your profile, I suggest you start using a firewall, good antivirus program, and get a CDRW/Zip etc and make frequent backups of your code. At minimum print out your source code (or just the changes) each week and file it away for safe keeping. If you do not, you will find that you will lose MUCH more important data than you have this time, in the future. Which will not look good to potential customers if they find out.
Well, anyways I think I've blabbered enough now.
BTW, I do feel for your loss... I would be devastated if I let that happen to me...
Robby 02-19-2002, 11:23 AM Oh man, real sorry to hear that VD. I've followed your progress since you started talking about the IDE and was anxious to see. :(
Call me paranoid but I backup 2 or 3 times a day on a second another PC and burn a CD every night.
I had a rude awakening a couple of years ago, 3 months of personal stuff. Ouch, it does hurt.
KesleyK 02-19-2002, 01:52 PM Wolf -- if you suspect you are being probed/hacked/spiked then disconnection from the net is a good idea. However, rebooting is usually not the next step to take. There are many virii whose destructive payloads are activated by rebooting, so it is best to do your investigation of active processes (and service registrations) before rebooting.
Gestapo -- congratulations on your new software FW, a good step. Just a quick note, though, the alerts you receive aren't always illegitimate probes. There are several reasons you will receive a legitimate ping request, not the least common of which is an incorrect disconnection from a site you recently visited with that has timed updates on it. Just wanted to let you know, before you tried a ping-bounce-spike back to the IP which may be initiating legitimate ping requests.
Waxycat 02-19-2002, 03:02 PM Right Wolf, but you will only see those scripts if you view them or allow them to be uploaded to you. Suppose you have a computer that you don't want to get messed up, theoretically, if you never view any web-pages other than the homepage (when you log on), never accept any unauthorized transmissions from ANYONE or any type of file that doesn't meet a certain file type, then there should be no way of ever being infected, right?
KesleyK 02-19-2002, 08:36 PM Waxy, if you look at a page besides about:blank (whether it is set as your home page or not) you can be infected. However, if you only look at about:blank, why are you opening your browser in the first place? It sucks, but increasing usability increases the chances you take at being vulnerable. There are things you can do to greatly improve your chances at staying clean, but the only POSITIVE way of doing so is to not connect to the net and don't insert disks from anyone.
Keltus 02-19-2002, 09:31 PM I believe this is an exaggeration. you can only get hacked/cracked/whatever only if you have an exploit, or you run some malicious code.
for malicious code, just don't run any. peruse the contents of your .exe's, .scr's, .com's, .vbs, and the rest of the gang
as for the exploits, that's trickier, but if you stay current with the patches and don't run any new risky software *coughWinXP,IIS,andOutlookcough* you'll do just fine. Run a firewall if you're paranoid, but I find the most it does, is tell you when people try to mess with you. They shouldn't have gotten through anyways. I used to have DSL and had my computer on all day (well as much as you can be with windows :p) and no firewall, no problems.
I've heard much about web site viruses and such, where you get infected by visiting a web page. So far I haven't seen one that will actually do anything if you have activeX security set to "ask"
I'm pretty sure you'll be 100% safe. I don't see another way you can get trouble. The only thing they can do at most is disconnect ya if you're using certain modems, but that shouldn't be a big deal :)
KesleyK 02-20-2002, 09:00 AM Keltus, my response was a bit out there but it was in reply to a question of how to be POSITIVE you will not be infected. Fact is, the reason security patches are released is because holes have already been discovered and taken advantage of. You can have every current patch and be one of the unlucky early infections. (I'm sure you've read articles of individuals who contacted MS about security issues before they became a problem but were told there was no way that particular 'device' could be used, then a couple weeks later a specific piece of malware showed up to take advantage of said device? MS is reactionary as far as security is concerned, not proactive.)
There are ways of infecting an individual with an open port from a web page that seems innocuous, bottom line. Most of the time you don't need to worry about it because most attackers aren't concerned with most private citizens' information. However, the easier you make it the more likely you are to be the target. If you just rely on your internet settings in your browsing software with no additional software/hardware you really are setting yourself up.
Banjo 02-20-2002, 09:29 AM Just because hackers are not generally interested in personal data does not mean you aren't likely to be hacked. Remember that the best way for a hacker to attack a large system is to use someone else's PC to do the dirty work. That way if it gets traced then you take the rap (unless you and your entire family have a rock solid alibi). And of course DoS attacks would not be possible without the utilisation of many innocents' PCs.
ChiefRedBull 02-20-2002, 09:59 AM Keltus - I got infected with a mIRC worm by viewing a webpage recently, and made a few posts in the leaders board...
Here (http://www.guninski.com/javaea.html) is a link to a demo, and here (http://support.microsoft.com/support/kb/articles/Q275/6/09.ASP) is a link to a patch.
These things exist.
Keltus 02-20-2002, 02:38 PM chief, yes I remember you told me about that. But there was a patch out for that already, and also you were running a quite new version of software, 5.5 which is known to be full of bugs
kesley, well there can be exploits found in software, but the chances that you will be infected before a patch is out, is unlikely. And if you're using some software that's been around for a while, any easy exploits will already have been dug clean. There are a finite number of holes a software can have, and if they are all fixed up, you won't have trouble.
ChiefRedBull 02-20-2002, 05:18 PM Keltus - I'm using IE6.0 with ZoneAlarm Pro... no warnings, no nothing. Kabooom.....
And yes, there was a patch, the hole was discovered in October, but let's face it, how many home users will check the MS site daily for the five or so patches that are released for their buggy products?
"kesley, well there can be exploits found in software, but the chances that you will be infected before a patch is out, is unlikely. And if you're using some software that's been around for a while, any easy exploits will already have been dug clean. There are a finite number of holes a software can have, and if they are all fixed up, you won't have trouble."
IMHO... this is very naive. You may well be infected after the patch is out, but you won't know about the patch unless you check daily as I said above...
There are a finite number of holes? True... but they will never all be found, so in theory, the number is infinite, because there could always be one more. To that effect, no software is ever secure.
To be completely secure, you would have to spend so much time searching for and downloading all the patches for your ten or so programs that you wouldn't get any time to use them...
Keltus 02-22-2002, 02:43 PM IE 6 is quite new imho
and many patches have new update checking, so it shouldn't be a big problem
and how do you know not all the holes in a program can't be found? I doubt there are any bugs in Notepad.exe, I would hedge my bets there aren't any more holes in IE 5
ChiefRedBull 02-22-2002, 03:08 PM How do you know? Because you can never be sure that all code is completely secure. I know for something like Notepad this might not apply, but there'll be a way to make it crash somehow... perhaps not giving over system control, but it is crashable.
Yes IE6 is new, but it's the latest version!! They're supposed to be the most secure!!
As to no more holes in 5.5... I wouldn't bet on it. It's not safe.. heh ;) (pun intended..)
Alright, perhaps some programs will be solid - ie Notepad, but there's enough holes in 5.5 to remove the need for any more.. look here, at Guninski.com (http://www.guninski.com/browsers.html)