Author Topic: Okay i could be fucked i need some info  (Read 5396 times)

Crunchy(Cracked)Butter

  • Member
  • **
  • Posts: 329
  • Kudos: 125
Okay i could be fucked i need some info
« on: 1 January 2003, 02:53 »
I have a dual boot on my laptops system, WinME and SuSE 8.1, i also have 7GB's of stuff that needs saving and i have justed purchased a firewire CD RW for writing everything to it.  Problem is, while waiting for the firewire card i rebooted the machine and a warning came up saying i was in breach of the DMCA (which i was, its my fault yeah i know).  Anyway lucky me is outside the US but i am not taking chances, some fucker took me out over the net. helpfully the warning sugests i go to www.bsa.org for info, well i *would* if my system would boot.

Anyway, i cannot access my system anymore, not even if i boot up SuSE, it seems the MBR or something has been wiped and now i have a HD full of everything that i need, this has EVERYTHING, college work, mp3's, TV shows downloaded off the net and other stuff.

Now i am most concerned about the shit i need back from the drive and trust me Void Main i'm not touching another MS OS again, its totally linux now, the MS OS cannot be trusted, i wasn't even surfing, i was on kazaa lite!

Anyway i have ordered a cable from a supplier that will allow me to fit the Laptop HD into another system (my gf's pc) so that i can get my data and copy it across and thus back it up.

Anybody see any problems with this?

If i use my legit copy of win98, it asks if i want this data removed, the installer is detecting another non DOS os and i am hopefull about this, anyway the installer won't install when i select "don't remove data", i think the cd is buggered personally because of its age.

Anyway should i have problems with it when connected up as slave on my other system, can i copy everything across?  I also have Drive Image 4 if thats any use.

Suggestions?  Yes i am a bad boy and should be spanked but i *was* going to get rid of winME once the firewire card arrived.
More importantly i don't want to lose my college work.

rtgwbmsr

  • VIP
  • Member
  • ***
  • Posts: 1,257
  • Kudos: 0
    • http://www.akgames.net
Okay i could be fucked i need some info
« Reply #1 on: 1 January 2003, 03:23 »
Sorry to have to be the one to say it, but you are fucked, that message is one of a virus.
More information:
http://vil.nai.com/vil/content/v_99924.htm

Be very fucking cautious when copying the files over, or you'll just spread it to the other PC.

Crunchy(Cracked)Butter

  • Member
  • **
  • Posts: 329
  • Kudos: 125
Okay i could be fucked i need some info
« Reply #2 on: 1 January 2003, 03:36 »
if i could get linux running then i could delete it from linux.  However my GF's pc is also dual boot so what can i do.  I take it my data is possibly safe then?

rtgwbmsr

  • VIP
  • Member
  • ***
  • Posts: 1,257
  • Kudos: 0
    • http://www.akgames.net
Okay i could be fucked i need some info
« Reply #3 on: 1 January 2003, 10:24 »
Get Knoppix on a CD, and boot your laptop. If I am not mistaken, you can burn from Knoppix. Search for the offending (infected) file, and get rid of it. Then, burn your shtuff to CD from Knoppix.

-OR-

You could just copy the files over to your GF's PC, but the virus may spread. You should copy, burn your stuff, and delete everything all in on session in Linux.

After you back up everything, you need to:
1) Clear your CMOS (If you want more info, I need to know what kind of laptop you have)
2) Do a reformat, and reinstall your OS.

-BY THE WAY-

Don't be suprised if the hard drive is blank. The virus may have erased the hard drive. The only way to know is Knoppix or hooking the HD up to another comp...

     
quote:
Yes i am a bad boy and should be spanked


I'm sure your GF would take care of that if it was necessary       ;)

[ January 01, 2003: Message edited by: The Muffin Man ]


preacher

  • VIP
  • Member
  • ***
  • Posts: 858
  • Kudos: 107
    • http://kansascity.cjb.net
Okay i could be fucked i need some info
« Reply #4 on: 1 January 2003, 14:50 »
quote:
Originally posted by Crunchy(Cracked)Butter:
I have a dual boot on my laptops system, WinME and SuSE 8.1, i also have 7GB's of stuff that needs saving and i have justed purchased a firewire CD RW for writing everything to it.  Problem is, while waiting for the firewire card i rebooted the machine and a warning came up saying i was in breach of the DMCA (which i was, its my fault yeah i know).  Anyway lucky me is outside the US but i am not taking chances, some fucker took me out over the net. helpfully the warning sugests i go to www.bsa.org for info, well i *would* if my system would boot.

Anyway, i cannot access my system anymore, not even if i boot up SuSE, it seems the MBR or something has been wiped and now i have a HD full of everything that i need, this has EVERYTHING, college work, mp3's, TV shows downloaded off the net and other stuff.

Now i am most concerned about the shit i need back from the drive and trust me Void Main i'm not touching another MS OS again, its totally linux now, the MS OS cannot be trusted, i wasn't even surfing, i was on kazaa lite!

Anyway i have ordered a cable from a supplier that will allow me to fit the Laptop HD into another system (my gf's pc) so that i can get my data and copy it across and thus back it up.

Anybody see any problems with this?

If i use my legit copy of win98, it asks if i want this data removed, the installer is detecting another non DOS os and i am hopefull about this, anyway the installer won't install when i select "don't remove data", i think the cd is buggered personally because of its age.

Anyway should i have problems with it when connected up as slave on my other system, can i copy everything across?  I also have Drive Image 4 if thats any use.

Suggestions?  Yes i am a bad boy and should be spanked but i *was* going to get rid of winME once the firewire card arrived.
More importantly i don't want to lose my college work.




This is the funniest thing Ive read in a long time. Looks like the virus writers have a good sense of humor.  The stuff about the DMCA, and the fact that you fell for it is hilarious(no offense). Im gonna spread this around a bit. It will give my friends a few laughs.
Kansas City Hustle
http://kansascity.cjb.net

Crunchy(Cracked)Butter

  • Member
  • **
  • Posts: 329
  • Kudos: 125
Okay i could be fucked i need some info
« Reply #5 on: 1 January 2003, 16:50 »
yeah shit happens i'm afraid.  Void Main did say my fingers would get burned, my fault for using a shit OS.

Knoppix is going to be a problem as i cannot get hold of it, so i will have to use SuSE.  How come this worm will spread through linux onto my GF's Windows partition?

Does this worm infect the CMOS as well?  The laptop is a NEC versa Premuim from NEC.

[ January 01, 2003: Message edited by: Crunchy(Cracked)Butter ]


rtgwbmsr

  • VIP
  • Member
  • ***
  • Posts: 1,257
  • Kudos: 0
    • http://www.akgames.net
Okay i could be fucked i need some info
« Reply #6 on: 1 January 2003, 17:18 »
About the worm:

 
quote:
which can overwrite the boot sector, delete the CMOS, and delete the contents of the hard disk


It could spread through Linux theoretically, and fuxx0r her Winblows partition and her Linux partition.

I'm assuming you're in the UK here...

If you can get into the BIOS, find an option that says "Set to Default Values" or something like that.   The key to get into the BIOS should be F1.

If it gives you any other errors, tell me, I have a list of them and what to do.

Master of Reality

  • VIP
  • Member
  • ***
  • Posts: 4,249
  • Kudos: 177
    • http://www.bobhub.tk
Okay i could be fucked i need some info
« Reply #7 on: 2 January 2003, 00:35 »
i dont think it could spread if it was in Linux.
Disorder | Rating
Paranoid: Moderate
Schizoid: Moderate
Linux User #283518
'It takes more than a self-inflicted gunshot wound to the head to stop Bob'

Crunchy(Cracked)Butter

  • Member
  • **
  • Posts: 329
  • Kudos: 125
Okay i could be fucked i need some info
« Reply #8 on: 2 January 2003, 01:37 »
I wouldn't of thought it would of spread through linux easier but i had to ask.

Muffin man:  I loaded the setup defaults and i got no errors, it doesn't look like it has touched the CMOS, i did have anti virus software on the system at the time and i did move some viruses off my system so i think it has only managed to take out my MBR.  Like i said the win98 installation did report pre existing files so i am assuming they are intact as well.  It's not as though it would read the linux partition would it?  

But it did report that it detected a non DOS OS on the HD.  Just have to see when i get this cable.

choasforages

  • VIP
  • Member
  • ***
  • Posts: 1,729
  • Kudos: 7
    • http://it died
Okay i could be fucked i need some info
« Reply #9 on: 2 January 2003, 07:21 »
just because the virus doesn't do anything to linux/*tux knows when to use protection  ;)  */ it can still infect windows machins
x86: a hack on a hack of a hackway
alpha, hewlett packed it A-way
ppc: the fruity way
mips: the graphical way
sparc: the sunny way
4:20.....forget the DMCA for a while!!!

Lindy

  • Newbie
  • *
  • Posts: 2
  • Kudos: 0
Okay i could be fucked i need some info
« Reply #10 on: 3 January 2003, 11:29 »
" i think it has only managed to take out my MBR. "


If your sure that only your MBR has been hosed you might try the fdisk /mbr trick with a windows boot disk. I'm just guessing here, but the DOS fdisk HAS to be good for something!

rtgwbmsr

  • VIP
  • Member
  • ***
  • Posts: 1,257
  • Kudos: 0
    • http://www.akgames.net
Okay i could be fucked i need some info
« Reply #11 on: 3 January 2003, 14:30 »
quote:
Originally posted by char X[11]:
KNoppix is teh wai!!!


Yeah, I suggested that, but he said he couldn't get a hold of it. See Crunchy's third post.

choasforages

  • VIP
  • Member
  • ***
  • Posts: 1,729
  • Kudos: 7
    • http://it died
Okay i could be fucked i need some info
« Reply #12 on: 3 January 2003, 15:21 »
anyway to get linux boot disks?
x86: a hack on a hack of a hackway
alpha, hewlett packed it A-way
ppc: the fruity way
mips: the graphical way
sparc: the sunny way
4:20.....forget the DMCA for a while!!!

Crunchy(Cracked)Butter

  • Member
  • **
  • Posts: 329
  • Kudos: 125
Okay i could be fucked i need some info
« Reply #13 on: 3 January 2003, 20:20 »
It doesn't matter anymore, i am totally fucked behond all fucking reprive.  I've lost everything!  How the fuck does a worm format a linux partition as well?  I've lost my linux partition as you can see.

Its not ideal but i have got a backup of my college work from a few weeks before...

Still not happy though and i am totally depressed at the rest of what i have lost.

2000 mp3's, 5 CD's worth of Simpsons and Futurama episodes all downloaded with 56k modem.  The mp3's are mine from my collection but i got to copy them all over again.

FUCKING HELL!!!

[ January 03, 2003: Message edited by: Crunchy(Cracked)Butter ]


rtgwbmsr

  • VIP
  • Member
  • ***
  • Posts: 1,257
  • Kudos: 0
    • http://www.akgames.net
Okay i could be fucked i need some info
« Reply #14 on: 3 January 2003, 20:52 »
Dood that sucks. Sorry I couldn't do much more...what kindof MP3's were they? (bands I mean) Maybe I have some of them.

Do you still have 56k? Or do you have something faster now?

When a worm goes after the base-level stuff (MBR, CMOS), anything on the computer can get fucked real quick.

Things to avoid to protect against virii:
1) Windows (duh)
2) Anything having to do with MS Office, especially Word and Outlook.
3) File sharing (especially Kazaa), and warez over file sharing.
4) Warez in general.
5) Having 1 partition with everything on it (made this mistake a while back)
6) Open ports (especially 80 nowadays)