Author Topic: If you are running Windows, please read  (Read 2790 times)

Sanvean

  • Posts: 2720
    • My Website
If you are running Windows, please read
« on: February 17, 2003, 08:19:46 PM »
In the past week or so, I've been getting virus-caused emails at a rate of 4-5 a day. The spoofed return addresses include:

www.appiangraphics.com
b_vbosch@hotmail.com
alhowk@yahoo.com
admin@harshlands.net
rslelf@cs.com
Stardrops002@aol.com
nmehrzad@LVCM.COM
NFlood@genbrew.com
zein@rochester.rr.com
cendells_armor@hotmail.com

If you are running Windows and any of the above emails look vaguely familiar, please, for the love of God, run a virus checker. Your machine has been compromised. Even if they don't look familiar, running a virus checker is a -good- idea. Viruses can alter your machine settings, destroy information, allow others access to your machine without your knowledge, and do all manner of other nasty things.

Sephiroto

  • Posts: 2830
If you are running Windows, please read
« Reply #1 on: February 17, 2003, 08:44:09 PM »
I recomend PC-illin.  I run mine once daily.

John

  • Posts: 4240
If you are running Windows, please read
« Reply #2 on: February 18, 2003, 02:11:01 AM »
Would using a web-based e-mail (e.g. hotmail) HELP protect against this sort of thing? (I'm assuming so, but I'll just double check ;)).

ALSO for the love of god. DO NOT keep an address book. This is how A LOT of virus's propogate. Use a notepad file or something. ;)

  • Guest
If you are running Windows, please read
« Reply #3 on: February 18, 2003, 10:19:30 AM »
A good tip I saw for address books is this... put an entry, with a name aaaaaaaa, aaaaaaaaaa      aaaaaaa@aaaaaaa.com  That way, it's at the top of your address book, so you sometime -may- spare others, but if does send to your entire address book, it gets bounced back. I don't know where I picked this up, probably from Sanvean though, you know, with her useful virus tips.

Glowworm

  • Posts: 69
I'm infected!!!
« Reply #4 on: February 18, 2003, 11:22:03 AM »
Alright, so I ran the virus scan and it turns out I have 5 infected files.  When I looked them up on their virus encyclopedia, though, they weren't described as self-propagating ones - just ones that could allow someone to remotely access my computer.  Problem is, though, how the heck do I remove them?!@  I tried using the cleaner on the online scan, but all the files were "non cleanable", I downloaded pc-cillin and ran tsc.exe and it didn't get rid of them, and I downloaded systemclean from the website and ran it and that couldn't get rid of them.  Furthermore, I can't install pc-illin until they're off my system because it won't let me complete the install.  Any advice anyone can provide would be appreciated.

Meep

  • Posts: 135
If you are running Windows, please read
« Reply #5 on: February 18, 2003, 12:11:35 PM »
Try Fprot... also make sure your virus scan software is updated. Most virus scanners provide a function to update the virus files.
lt;Varak> "If my theory proves correct, weezers and dwarves, due to their similar evolutionary environment, should join in a symbiotic relationship in extended isolation."

  • Guest
If you are running Windows, please read
« Reply #6 on: February 18, 2003, 12:16:48 PM »
A friend of mine recently found like.. 1800 infected files on his computer. Now -that- sucks.

Glowworm

  • Posts: 69
If you are running Windows, please read
« Reply #7 on: February 18, 2003, 03:42:30 PM »
I downloaded FPROT and installed it.  It scanned faster than the other systems, but it still didn't remove the files (I tried using the manual "disinfection").  It suggested that I delete them directly, so I ended all programs running on my computer using taskmanager (except explorer) and tried to delete the infected file manually...without sucsess.  Either they're still being used in a running program, or they're write protected (ugh!).  Is there a chance that there are running programs that don't show up on taskmanager (like hidden filetypes)?  Any other suggestions?  

Thanks for the help!

Anonymous

  • Guest
If you are running Windows, please read
« Reply #8 on: February 18, 2003, 04:07:44 PM »
Quote from: "Glowworm"
I downloaded FPROT and installed it.  It scanned faster than the other systems, but it still didn't remove the files (I tried using the manual "disinfection").  It suggested that I delete them directly, so I ended all programs running on my computer using taskmanager (except explorer) and tried to delete the infected file manually...without sucsess.  Either they're still being used in a running program, or they're write protected (ugh!).  Is there a chance that there are running programs that don't show up on taskmanager (like hidden filetypes)?  Any other suggestions?  

Thanks for the help!


You should be able to change all read-only (write protected) files by either browsing to them in explorer and right clicking -> Properties and unchecking Read Only.  Or you could use attrib.exe from the commandline (help attrib)

I'm assuming you are running windows here....

If you are running Something other than NT, 2000 or XP you can write down the offending files, reboot into safe mode commandline only and delete them manually.

If you are running NT, 2000 or XP you can use the task manager to kill off all possible running processes and then try again.

EDIT - I should have been more clear.  There is, within NT, 2000 or XP, multiple task manager tabs, one is Applications, the other is processes.  You may have multiple running processes but nothing listed under Applications.

creeper386

  • Posts: 2583
If you are running Windows, please read
« Reply #9 on: February 18, 2003, 04:19:28 PM »
Oh, also. If you find you have a virus, know the name of it, can ussually do a search here and there and can more often then not find a way to manualy remove it with basically similar process as above. I've had to do that a few times because couldn't get a virus scan to clean them out. SHRUG.


Creeper who needs to get an up to date virus protection.
21sters Unite!

If you are running Windows, please read
« Reply #10 on: February 18, 2003, 10:09:32 PM »
I'm so sorry! One of those emails is mine, and three of those are friends of mine (which I infected). I'm trying to control it, it's the Klez. E virus or something, but I don't know what to do. Hopefully I'll get things under control during the week... My computer is evil, what can I say? Sorry Sanvean, and everyone else.
EvilRoeSlade wrote:
Quote
You find a bulbous root sac and pick it up.
You shout, in sirihish:
"I HAVE A BULBOUS SAC"
Quote
A staff member sends:
     "You are likely dead."

Angela Christine

  • Posts: 6595
If you are running Windows, please read
« Reply #11 on: February 18, 2003, 10:30:27 PM »
Assuming it is your home computer rather than one at school or work, try downloading the free virus scanner http://www.grisoft.com/html/us_downl.htm
It works for me.

Angela Christine
Treat the other man's faith gently; it is all he has to believe with."     Henry S. Haskins