Ford Scorpio Forum
        (https://www.fordscorpio.co.uk/cgi-bin/yabb/YaBB.pl)
      

        General >> Off Topic Subjects >> Killed by Virus
        
(Message started by: PiercedEllie on Mar 9th, 2005, 12:39pm)
Title: Killed by Virus
Post by PiercedEllie on Mar 9th, 2005, 12:39pm
Hi everyone,

Barry (waders) may well be offline for a while, as we have been killed by an extremely vicious virus that managed to evade our anti-virus stuff. He is currently trying to get it sorted, but might be a while

We have no computer at home connected to the world now :'(

Wish him well fixing it today

Ellie
Title: Re: Killed by Virus
Post by Paul_Boulden on Mar 9th, 2005, 1:13pm
Hi Ellie,
Sorry to hear of your problem, hope you sort it soon.
Any idea what the virus is called or where it came from ? If it can evade antivirus I would like to be on the lookout.
Forewarned is forearmed.
Paul Boulden
Title: Re: Killed by Virus
Post by Badboytunes on Mar 9th, 2005, 1:15pm
Hi  Ellie,
 Hope Baz manages to sort out the pc.....

          Keep us posted


Cheers Nick ;)
Title: Re: Killed by Virus
Post by Dave on Mar 9th, 2005, 1:51pm
Good luck Waders  ;D
Title: Re: Killed by Virus
Post by Mrs Phuturephantasy on Mar 9th, 2005, 2:59pm

poor b****r he must be well p....  off  try and find out what virus it is  :(  :(  :(
Title: Re: Killed by Virus
Post by Rod on Mar 9th, 2005, 4:30pm
Barry - Are you there?

Knock Knock. Can you hear us?

Sorry to hear of your virus problems mate.  Please let us know what it was.  As Paul says 'forwarned is forarmed.'
I'm running AVG Free.  It captured a nasty last week but any news of a mate getting hit makes me sick.
:-[
Title: Re: Killed by Virus
Post by Badboytunes on Mar 9th, 2005, 4:38pm
Rod, I  use AVG free as well ( d/loaded) along side norton . AVG is very good and i'd recommend. So far it has caught all of the virus's that i  have had


 Cheers Nick ;)
Title: Re: Killed by Virus
Post by Highlander on Mar 9th, 2005, 5:52pm
Condoms! Thats what I use!  ;)

Get well soon Barry
Title: Re: Killed by Virus
Post by johnv on Mar 9th, 2005, 7:15pm
my little bit. or it might be long. we will see.
On most computers you have some free versions. of anti virus.
The golden rule is never open any email or attachment that you don't know who it is. bin it without opening it. And I don't know anything about computers.

All I can say is that I got Spy-sweeper which you have to buy also Preventon firewall.

Both I find very good.

I never get popups and emails from junk emailers.
because of these systems.
That's about all I can say.
Title: Re: Killed by Virus
Post by Rod on Mar 9th, 2005, 7:25pm
Well I've got the MS firewall which comes with Windows XP but found that XP didn't recognise Norton, so I binned it and went to AVG Free download from Grisoft.com.

I was also troubled by spyware and have the free download Spybot which has cured my problems.

Now have I Murray Walker'd myself, I ask?  Hope not.

No sign of Waders yet then. :'(
Title: Re: Killed by Virus
Post by Vulcan on Mar 9th, 2005, 8:01pm
No one spyware download available on the internet will catch all spyware on your PC.
Spybot -Search and Destroy is good as is Adaware but some spyware doing the rounds is now intelligent enough to kill these processes by amending their registry HKEY's in order to stop them actually launching. Some spyware actually kills the win32 Explorer.exe and that effectively makes your PC a useless plastic box, meaning you need a full format and re-install of the Opsys.
Microsofts own antispyware is very good at the moment and I use this myself..

MSAntispy (http://www.microsoft.com/athome/security/spyware/software/default.mspx)

It has so far caught every last piece of spyware that has entered my machine. You also participate in the spynet antispyware community which flags new spyware found on your machine and sends the info back. This then means that when updates are sent regularly to users PC's all over the world that the spyware definitions are up to date.

Many people will use a firewall and think that they are adequately protected but the vast majority of users negate the firewall gradually over time. This happens because the firewall will pop up a box asking for you to make a decision on whether some exe file or other should access the internet.. the general reaction to most yes/no/cancel dialogs for the average user is to click yes to everything. You let out the probable nasty and that door is open forever. You carry on opening doors (ports) that are normally locked by default and eventually your firewall is still active but acting like a nice doorman and letting in and out all the nasties it should be stopping.

Microsofts new firewall which is beefed up in Service pack 2 asks different questions... it will say "such and such wants to access the internet, do you want to block or unblock" these type of dialogs are trying to make the user think more about their answer and get away from the "monkey" reaction to just say yes.

I am an IT professional and work in a large inner college, we have to deal with virus and spyware issues on a daily basis. I would say that I am protected as is possible in todays current internet climate but the internet is growing and expanding every day as are the threats it contains and even I would never say that I was totally protected and impervious to attack. It happens to the best of us.
Title: Re: Killed by Virus
Post by phuturephantasy on Mar 9th, 2005, 9:26pm
Well I use AVG, Zonealarm Pro version, I have Adaware and Spybot Search and Destroy which I run daily along with Spywareblaster. I used to get about a 6-7 things show up with Adaware or Spybot everyday until i ditched Internet Explorer and started using Mozilla Firefox, I still run a full test daily but never get anything. Just goes to show how easy it is for the hackers to hijack IE and hide viruses and suchlike.

Ok a few sites don't display 100% correctly but I would NEVER go back to IE, a few days getting used to Firefox and  I'm happy now.

Who are you calling Paranoid !

And for all you Highlanders out there try this -

http://tinypic.com/22fbz5
Title: Re: Killed by Virus
Post by Eddie on Mar 10th, 2005, 2:14am
It seems that these days one needs belt,braces and a bit of string! And then keep your hands in your pockets just an case they all snap at the same time.

I also run AVG,regularly updated. Also currently running a trial version of spybot.

As I am on Cable I also 'hide' behind a linksys router/firewall--Highly recommended,its like sitting in your house with the front door open otherwise.

Oh, by the way, WADERS,what web sites have you been visiting then? :-[


eddie
Title: Re: Killed by Virus
Post by Vulcan on Mar 10th, 2005, 8:04am
Eddie, I also run behind a Linksys router/hardware firewall but don't just assume you are adequately protected. Over the weekend I set up a Windows Server2003 PC on my network here at home and it too was behind the Linky, 25 seconds after I connected it up to the network and it got an IP from the DHCP server in the linky it went down with both Sasser and blaster virii. I didn't even get a chance to log onto windows Update to get the patches.

I am this morning taking it to work so that I can put it on the bench and properly eradicate all nasties before I set it up at home.
Twas quite a bummer for me, an IT pro, to get Blasted so easily. :(
Title: Re: Killed by Virus
Post by low_tom on Mar 10th, 2005, 9:59am
has anyone found any reasonable anti virus software for mac? I use safari in preference to IE,and...no i'm not gonna say about lack of trouble
Title: Re: Killed by Virus
Post by Nodge on Mar 10th, 2005, 10:27am
My son tells me there is new virus being spread by MSN Messenger. It seems you can be chatting to someone and a message will come up supposedly from the person you are chatting to (but in fact generated by the virus) asking you to click on a link in the message. Clicking on the link activates the virus. Not sure what it does to your computer but if you use MSN Messenger be on your guard.

Nodge
Title: Re: Killed by Virus
Post by Badboytunes on Mar 10th, 2005, 10:50am
Cheers Nodge.......... i'll keep my eyes open.

  Nick ;)
Title: Re: Killed by Virus
Post by Vulcan on Mar 10th, 2005, 12:16pm
There are quite a few viruses that spread via MSN messenger, the links below explain the Kelvir.B  you are talking about.

SITE (http://www.vnunet.com/news/1161784)

SITE2 (http://news.zdnet.com/2100-1009_22-5604060.html)

hth
Title: Re: Killed by Virus
Post by Badboytunes on Mar 10th, 2005, 1:58pm
Interesting reading, cheers Vulcan ;)
Title: Re: Killed by Virus
Post by PiercedEllie on Mar 10th, 2005, 3:25pm
Hello everyone,

Looks like the computer shop which Barry eventually took the computer to yesterday afternoon can ressurrect the old girl. They had to remove the hard drives, and connext them up to another computer to scan every file on them. Fingers crossed that they will be able to fix it.

I don't think you can ever fully protect yourself, as there are always new viruses, and until they have struck a number of people, the main anti-virus softwares will not have the fix. Obviously you can reduce the chances of it happening though...

Don't know what the virus was as it really decimated the PC very quickly. Maybe the computer shop will tell us once they are done.

Ellie ;D
Title: Re: Killed by Virus
Post by waders on Mar 10th, 2005, 3:45pm
Woah, what you dont want to get is TROJAN.STARTUP.

It's a self replicating, self restoring, multi page laying, multi sited, self defending, virulent, repugnant little virus that starts in the "dll" files of your antivirus software. The boffin who spent all yesterday afternoon and until 3pm today fixing my machine says he 'aint seen this sort of attack before, in fact he really wasn't sure it was fixable until 10.30 this morning, and then it took another 4 odd hours!

Looks like it was via a direct "port attack", or directed at my ISP address. By the time my antivirus sussed it, it was too late!!

I've got loads of work to catch up on, back later.

Update your software guys ;)

Boy, it's good to be here ;D

8) ;D 8) ;D 8)
Title: Re: Killed by Virus
Post by Badboytunes on Mar 10th, 2005, 3:57pm
Welcome back Barry.....
            I  have had that virus, along with with a few other trojan worms/bugs. Luckily my a/v seems to catch them in time. The worst was 160+ in under 10 mins.... that kept my AVG and Nortn busy for a bit .

   Anyhoo's welcome back M8
     Cheers Nick ;)
Title: Re: Killed by Virus
Post by Rod on Mar 10th, 2005, 4:04pm
Well, lookee here.  :o :o :o

Welcome back, Waders my mate.  Good to see you again.
:-*
Title: Re: Killed by Virus
Post by Eddie on Mar 10th, 2005, 6:44pm
I meant to warn about this earlier, Anyone here into (!) themeing thier XP installations with Wallpapers and fancy themes? BEWARE of the 'ThemeXP' website.
I dont know if they have deliberately changed thier policy or if they have been got at,but thier wallpaper and theme database is full of rubbish,trojans/virii and self installing toolbars etc.

I learned the hardway! >:(

eddie
Title: Re: Killed by Virus
Post by Rod on Mar 10th, 2005, 6:57pm
My AVG captured a virus (I only saw worms - plural) before I deleted it from the Virus Vault but I have got an IE Wallpaper in my list of Desktop backgrounds.

Eddie, thanks for the warning - but how do I delete it from my list?  I know that it is 'just on the list' but I have now decided that I don't like it and don't want it.

If you can say in simple IT duffer language, I would appreciate that.

Fanks  :)
Title: Re: Killed by Virus
Post by Vulcan on Mar 10th, 2005, 7:04pm
Barry, have you a bit more info at all on the attack?
Me and the Systems manager at work have spent the afternoon trying to find out what it could be as we need to stay appraised of new virii/trojans but we have drawn a blank.
Was it a virus or a Trojan?
You say it was a direct attack at your IP address this suggests you caught a trojan/dropper while surfing (sometimes referred to as "drive by downloads") and the trojan sat in your system activating when you went online. The h4xor who sent it out then comes online same time as you and gets a call from his trojan bot, he then proceeds to rummage with your pc in the background.
Often if these oiks find nothing of interest they may trash vital system files just out of badness or use your system to set of DDOS (Denial of service attacks) at unsuspecting websites and the trail leads back to you.

If it was a Virus that trashes the system it would be good if you could find out so that we can plan a defence at work. Staying ahead of these nasties is a full time job... :(

Thanks
Title: Re: Killed by Virus
Post by waders on Mar 10th, 2005, 7:23pm
Hi Vulcan,

The attack description you give is exactly what the computer guy said was the likely candidate, and yes, it is one that destroys your system. In my case, when the anti-virus software detected it, the anti-virus activating was the trigger (via a false Norton dialog box asking me if I wanted to delete the Trojan!).

As I said earlier, it got into the .dll files of whatever program was opened on the computer, which then opened perpetual windows of that program, eventually locking up the whole system.

The guy in the shop was most impressed at the depth the virus had got to and even he had to download some specialist tools from the net. Don't ask me what though ::)

Hope this helps

8) ;D 8) ;D 8)

Barry.
Title: Re: Killed by Virus
Post by Vulcan on Mar 10th, 2005, 7:51pm
Sounds like a bad 'un... cheers Barry we'll keep on the case, always need a vaccination for these infections. ;D


Ford Scorpio Forum » Powered by YaBB 1 Gold - SP 1.3.1!
YaBB © 2000-2003. All Rights Reserved.