Author Topic: Virus & spyware issues  (Read 52435 times)

0 Members and 1 Guest are viewing this topic.

Offline Johnny Redd

  • Opinions on some things
  • **
  • Posts: 72
  • Gender: Male
  • Forum Member
Re: Virus & spyware issues
« Reply #30 on: April 28, 2004, 12:24:22 am »
Not as yet.

The latest diagnosis is possibly a dodgy hard drive although the symptoms (the pc intermittently and terminally freezes on start up at various points) are apparently not that conclusive.

We soldier on!!!
 

Offline supersonic

  • Opinions on many things
  • ***
  • Posts: 113
  • Yabba-dabba-doo
Re: Virus & spyware issues
« Reply #31 on: April 28, 2004, 01:59:40 am »
Hi Johnny Redd,

I've been running Ad-Aware every other day for the past 10 days on an Athlon 2400XP+, Windows XP, 512 RAM. So far I have (as far as I can tell) safely removed 63 of the intrusive little blighters and my computer has suffered no ill effects at all, either on startup, whilst running normally or whilst running Ad-Aware iteslf. Hope my positive feedback of the program is of some reasurance to you. Good luck and hope it's not your hard drive.

(BTW - have you backed up your data? Or are you making arrangements to now, in the hope that if your hard drive is stuffed your data may none the less still be recoverable?)

supersonic
 

Offline shads

  • Opinions on many things
  • ***
  • Posts: 173
  • Thanked: 1 times
  • Gender: Male
  • Forum Member
Re: Virus & spyware issues
« Reply #32 on: April 28, 2004, 10:59:13 am »
Thanks to the info on this thread i downloaded ad-aware and removed 159 of them,and i wondered why my pc was slowing down...................so far i've had no probs but as i only did this on Sat (i.e 4 days ago)i'll let you know in due course
 

Offline sasquartch

  • Forum Moderator
  • Opinions on everything
  • *****
  • Posts: 1412
  • Thanked: 20 times
  • Brookmans Park Forum Member
Re: Virus & spyware issues
« Reply #33 on: April 28, 2004, 12:16:58 pm »
Could I also add that you should always keep Windows itself up to date using Windows Update (Make sure all CRITICAL updates are applied) as well as using an antivirus program kept up to date.

Windows Update can sometimes pose a problem in that if you don't have broadband it takes ages to download all the fixes if it hasn't been run before, but it's still worth it.

For Antivirus there are many products available, some free, however my recommendation is Norton AntiVirus. However, it's only as good as the latest definitions so make sure you keep it up to date.

Lastly you should always ensure you have a firewall of some sort. This has been covered in the forum before.

 

Offline Swan

  • Opinions on some things
  • **
  • Posts: 76
  • Forum Member
Re: Virus & spyware issues
« Reply #34 on: April 28, 2004, 07:22:48 pm »
Quote
Could I also add that you should always keep Windows itself up to date using Windows Update (Make sure all CRITICAL updates are applied) as well as using an antivirus program kept up to date.

Windows Update can sometimes pose a problem in that if you don't have broadband it takes ages to download all the fixes if it hasn't been run before, but it's still worth it.

For Antivirus there are many products available, some free, however my recommendation is Norton AntiVirus. However, it's only as good as the latest definitions so make sure you keep it up to date.

Lastly you should always ensure you have a firewall of some sort. This has been covered in the forum before.



A couple of points on this:

1. If you have a slow link then you can always order the updates on a CD from micro$oft here
http://www.microsoft.com/security/protect/cd/order.asp

2. If you are really unsure about how secure your PC is, then you can download the baseline security analyser (also by micro$oft) from here
http://www.microsoft.com/technet/security/tools/mbsahome.mspx

it runs quite slowly but is fairly thorough and also advises on how to correct any perceived faults

Godwin's Law:

As an online discussion grows longer, the probability of a comparison involving Nazis or Hitler approaches one.
 

Offline Swan

  • Opinions on some things
  • **
  • Posts: 76
  • Forum Member
Re: Virus & spyware issues
« Reply #35 on: May 04, 2004, 06:20:45 pm »
Sorry folks but more bad news, the Sasser worm is taking over the world, and this one doesn't even need you to open the email its attached to

http://www.wired.com/news/infostructure/0,1377,63320,00.html?tw=wn_tophead_7

Its worth updating because this is a nasty one, the main symptom I am seeing in the wild is PCs constantly re-booting

If you are not sure do a search for these files, if you have them you are infected:

SKYNETAVE.EXE
AVSERVE.EXE
AVSERVE2.EXE

(Edited to add info)
« Last Edit: May 04, 2004, 06:44:55 pm by Swan »
Godwin's Law:

As an online discussion grows longer, the probability of a comparison involving Nazis or Hitler approaches one.
 

Offline Largey

  • Opinions on many things
  • ***
  • Posts: 102
Re: Virus & spyware issues
« Reply #36 on: May 04, 2004, 10:19:16 pm »
Good advice,

However for those of you who are still using Win95/98 or Millennium Edition, your systems will not be affected but may show signs of degraded service.
The advice is to go to Microsoft web site (below) where you can get all the info you require and you can even test your system to see if you are infected.

http://www.microsoft.com/security/incident/sasser.asp
 

Offline Swan

  • Opinions on some things
  • **
  • Posts: 76
  • Forum Member
Re: Virus & spyware issues
« Reply #37 on: May 05, 2004, 12:48:19 pm »
Quote
Good advice,

However for those of you who are still using Win95/98 or Millennium Edition, your systems will not be affected but may show signs of degraded service.
The advice is to go to Microsoft web site (below) where you can get all the info you require and you can even test your system to see if you are infected.

http://www.microsoft.com/security/incident/sasser.asp


Yes, my mistake, I wasn't entirely clear in my earlier post, It will only fully infect the NT branch of MS operating systems, however it would appear that it can replicate on the 9x branch and then infect any NT based device on that network

A link to the Sophos site below, for a free disinfection tool
http://www.sophos.com/virusinfo/articles/sasserattack.html#removal


Godwin's Law:

As an online discussion grows longer, the probability of a comparison involving Nazis or Hitler approaches one.
 

Online Editor

  • David Brewer
  • Administrator
  • Opinions on everything
  • *****
  • Posts: 8888
  • Thanked: 137 times
  • Gender: Male
    • Media Helping Media
  • Expertises:
  • Media consultant
  • Journalism trainer
  • Walking
  • Real ale
Re: Virus & spyware issues
« Reply #38 on: June 28, 2004, 03:55:14 pm »
Quote
My recommendation is AdAware, freely downloadable for personal use.
Go to www.lavasoft.de
Make sure you check for updates after installation.
Do a scan of the whole system and remove anything it finds.


BBC News Online is running another feature on this issue. It says that ...

Quote
The audit surveyed more than 1.5m PCs over the past year and found more than 41m instances of adware, tracking cookies, spyware, trojans and other malicious programs. Despite the different names, these do the same thing - watch what's done on a PC and steal information about the user's activities.


I tried the free Ad Aware and it found 36 spyware items, which it has now removed.
The Brookmans Park Newsletter has been supporting the village and our local community since 1998 by providing free, interactive tools for all to use.
 

Offline supersonic

  • Opinions on many things
  • ***
  • Posts: 113
  • Yabba-dabba-doo
Re: Virus & spyware issues
« Reply #39 on: June 29, 2004, 02:07:22 am »
I recently found myself stuck with a particularly resistant bit of adware/malware called Roings that I could not shift. AdAware removed its registry entries but every time I restarted my browser there it was back again. Arghhhhh.  I scanned with Norton Internet Security Professional, (in normal and safe modes). I tried AdAware, SpyBot Search and Destroy, SpyWareGuard, CW Shredder etc..... Nothing shifted it!  In the end I found something in small print at the bottom of an internet page that said this little sucker is hidden and protected in XP by windows system restore. Turned it off and wham - Norton found it immediately and deleted the little s*d.

Of course I've now lost a year's worth of restore points - but my computer is now clean again - and I've freed up 2Gb of disk space. (OK, I still had 65Gb free - but every little helps!).


supersonic
 

Offline Spurs fan

  • Opinions on some things
  • **
  • Posts: 71
  • Gender: Female
  • Forum Member
Re: Virus & spyware issues
« Reply #40 on: June 29, 2004, 05:59:44 pm »
Remember to run Ad Aware frequently as it always finds something!
 

Offline supersonic

  • Opinions on many things
  • ***
  • Posts: 113
  • Yabba-dabba-doo
Re: Virus & spyware issues
« Reply #41 on: June 29, 2004, 10:07:10 pm »
Quote
Remember to run Ad Aware frequently as it always finds something!


I now have AdAware 6 Professional - which means I've been able to set AdWatch 3 to run in the background as part of start-up when I fire up my computer. I've not found any adware on my computer since I installed this program.  :)


supersonic
 

John_fraser

  • Guest
Re: Virus & spyware issues
« Reply #42 on: July 06, 2004, 12:40:31 pm »
Another nasty doing the rounds at the moment (I’ve changed the original domain name to “domain”):


Hello user  of domain.com e-mail server,

Some of  our  clients complained about the  spam (negative e-mail content)
outgoing from your e-mail account. Probably, you have been  infected by
a proxy-relay trojan server. In  order to keep  your computer safe,
follow  the instructions.

Please, read the attach for further  details.

Best wishes,
  The domain.com team                           http://www. domain.com



The mail also had a pif file which our spam and virus filters blocked, but which would probably have infected the PC with a Trojan – probably the sort of torjan the mail pretends to warn you about.

This mail was obviously fake as it was received by the guy who owns (and runs) the mail server. So he knew that it hadn’t been sent by the “domain.com” team. If you use bt, MSN, hotmail or yahoo for your mails this mail would be very convincing. The only things protecting you from a tojan would be your virus scanner and your suspicious mind. Never open attachments unless you are 100% sure of the source.
 

Offline sasquartch

  • Forum Moderator
  • Opinions on everything
  • *****
  • Posts: 1412
  • Thanked: 20 times
  • Brookmans Park Forum Member
Re: Virus & spyware issues
« Reply #43 on: July 06, 2004, 01:44:04 pm »
Good advice John.

Worth pointing out that this is just one variant of the virus doing the rounds, the text may be different but the principle the same.

Check out http://hq.mcafeeasap.com/dispVirus.asp?virus_k=101071 for more details.

As always, keep your AV definitions up to date, use a firewall and keep Windows patched with all critical updates if possible.

SQ
 

Offline Bob Horrocks

  • Opinions on everything
  • *****
  • Posts: 1555
  • Gender: Male
  • Expertises:
  • Green Belt
  • Parish Council
Re: Virus & spyware issues
« Reply #44 on: July 19, 2004, 07:54:13 pm »
Beware of the latest scam.  I have just received e-mails saying this:-

'Have you noticed your computer running slower than ever?

The reason for that may have to do with online advertisers adding SpyWare or AdWare to your computer without your knowledge. "Spyware" is a common term for files that are installed on your system without your knowledge that allow companies to monitor your Internet activity. "AdWare" is software that will show you popup ads over and over. What they don't tell you, however, is how these files can be extremely dangerous to your PC and could cause major problems with your PC.

We are offering every computer owner, including yourself, the opportunity to scan your computer to see how many "SpyWare" infections your PC has free of charge. '  This is  followed by a couple of URLs for you to click on.

I do not intend to take up this offer.

Offline Alfred the Great

  • Opinions on many things
  • ***
  • Posts: 316
  • Gender: Male
Re: Virus & spyware issues
« Reply #45 on: July 20, 2004, 12:59:34 am »
I had a similar thing this very evening, when someone purporting to be from my ISP sent a very badly spelled (spelt?) email telling me that their server had detected a large "ammount" of viruses being sent by my account, and to click here to have my system looked at.

Like Bob, I deleted this one straight away.

ATG
Confucius he say "a dog is for life not just for Christmas Dinner"
 

strata

  • Guest
Re: Virus & spyware issues
« Reply #46 on: August 02, 2004, 12:09:04 pm »
Does anyone know any good Antivirus Software? I was going to buy Norton Antivirus but the reviews are less than great at amazon.com, and its be claimed there that people have had huge problems with XP.

Thanks
 

Offline Bob Horrocks

  • Opinions on everything
  • *****
  • Posts: 1555
  • Gender: Male
  • Expertises:
  • Green Belt
  • Parish Council
Re: Virus & spyware issues
« Reply #47 on: August 02, 2004, 01:36:54 pm »
I run XP and Norton and am not aware of problems, though I do not seem to get all my e-mails.  Whether it is Norton that is stopping them or something else is a conundrum that I have yet to resolve.

It is stopping several virus-laden e-mails almost every day at the moment.  Netsky and another seem to be doing the rounds in great numbers so anti-virus software is a must.

Offline sasquartch

  • Forum Moderator
  • Opinions on everything
  • *****
  • Posts: 1412
  • Thanked: 20 times
  • Brookmans Park Forum Member
Re: Virus & spyware issues
« Reply #48 on: August 02, 2004, 02:45:25 pm »
In the organisation I support I use Norton AntiVirus.

Although this is the corporate edition it uses the same technology and virus definitions as the home edition.

I would definitely recommend Norton, we have never had a virus that it has failed to detect to my knowledge. This is just one aspect of security used.

However, a few points worth bearing in mind:

All AV software is only effective if kept updated.

Not all malicious software is a virus - use spyware detection programs too.

AV software is not a substitute for a firewall, make sure you are protected !

Make sure you regularly run Windows Update and apply all critical updates.

Use common sense, don't open emails that you are suspicious of, run unknown programs or the like.

Just as a car may be fitted with airbags, antilock brakes, traction control etc, you can still drive it at 60mph into a tree !

So I'd go ahead with Norton.
 

strata

  • Guest
Re: Virus & spyware issues
« Reply #49 on: August 02, 2004, 03:05:29 pm »
I will probably go with Norton Antivirus, but does anyone know anything about McAfee Virus Scan?
« Last Edit: August 02, 2004, 03:06:08 pm by strata »
 

Offline MC

  • Opinions on many things
  • ***
  • Posts: 178
  • Gender: Male
  • Brookmans Park Forum Member
Re: Virus & spyware issues
« Reply #50 on: August 02, 2004, 04:18:15 pm »
I know Norton is better !

:-)
 

fredw

  • Guest
Re: Virus & spyware issues
« Reply #51 on: August 04, 2004, 04:36:01 pm »
I use AVG from grisoft.  Less of a payload than both Norton and Macafee.

Major benefit is that V7 updates it defintions daily and will check for updates the first time you boot up each day if your PC was not on at the scheduled check time.

Another benfit, it is cheaper than both of them.
 

Offline sasquartch

  • Forum Moderator
  • Opinions on everything
  • *****
  • Posts: 1412
  • Thanked: 20 times
  • Brookmans Park Forum Member
Re: Virus & spyware issues
« Reply #52 on: August 04, 2004, 07:26:45 pm »
Norton AV will also check for updates each day (or whenever scheduled) as well as checking after startup if the scheduld time is missed.

I would recommend Norton as it is one of the most popular products - for this reasons the quality and promptness of updated definitions are likely to be better than other, less well known products.

You pay your money and takes your choice....

 

Offline Bob Horrocks

  • Opinions on everything
  • *****
  • Posts: 1555
  • Gender: Male
  • Expertises:
  • Green Belt
  • Parish Council
Re: Virus & spyware issues
« Reply #53 on: August 07, 2004, 03:46:20 pm »
I am getting e-mails purporting to come from greenbelt.nm@tesco.net, which is the NM Green Belt Soc address.  Norton sotfware is stopping the Beagle virus attached to it.

Please be assured that my Norton software is up to date and kept up to date regularly.  I am not sending out these bogus e-mails.  ???  Sorry if anyone else is getting them but I do not know if, or how, to stop them since they do not come from my computer.

Offline Largey

  • Opinions on many things
  • ***
  • Posts: 102
Re: Virus & spyware issues
« Reply #54 on: August 08, 2004, 05:09:11 pm »
Bob,

You can't stop them. This is a result of "worm" activity on someone elses computer that just happens to have your e-mail address in their address book.
The worm mails itself to various people in an address book and uses other peoples addresses as its own.
Paul
 

Offline Bob Horrocks

  • Opinions on everything
  • *****
  • Posts: 1555
  • Gender: Male
  • Expertises:
  • Green Belt
  • Parish Council
Re: Virus & spyware issues
« Reply #55 on: August 10, 2004, 11:44:49 pm »
Thanks Paul.  You have put my mind at rest.

Bob

Offline supersonic

  • Opinions on many things
  • ***
  • Posts: 113
  • Yabba-dabba-doo
Re: Virus & spyware issues
« Reply #56 on: October 29, 2004, 11:13:03 pm »
I see it's time again to make sure our Anti-Virus software is up to date again! Browsing the BBC website I've seen a warning about a new version of the Bagle e-mail program virus that disguises itself as a joke, and which is apparently spreading rapidly

The BBC story says the new variant is called Bagle.AT, Bagle.BB and Bagle.AU and the attachment bearing the virus code is labelled as either "joke" or "price".

Examples given of Bagle subject lines are:
Re:,
Re: Hello
Re: Hi
Re: Thank you!
Re: Thanks :)
 
They say the body of the virus usually contains nothing but a smiley or emoticon and can affect computers running Windows 95, 98, ME, NT, 2000 and XP, that users will be infected if they open the attachment, and that as well as plundering Microsoft Outlook for e-mail addresses to send itself to, Bagle.AT also tries to turn off the firewall and security centre services on Windows XP machines.

Full story here http://news.bbc.co.uk/1/hi/technology/3965721.stm


supersonic
 

Online Editor

  • David Brewer
  • Administrator
  • Opinions on everything
  • *****
  • Posts: 8888
  • Thanked: 137 times
  • Gender: Male
    • Media Helping Media
  • Expertises:
  • Media consultant
  • Journalism trainer
  • Walking
  • Real ale
Re: Virus & spyware issues
« Reply #57 on: October 29, 2004, 11:15:28 pm »
Thanks for the warning. I clicked on my Norton, it went to check for an update and came back with one. Thanks again.
The Brookmans Park Newsletter has been supporting the village and our local community since 1998 by providing free, interactive tools for all to use.
 

Offline sasquartch

  • Forum Moderator
  • Opinions on everything
  • *****
  • Posts: 1412
  • Thanked: 20 times
  • Brookmans Park Forum Member
Re: Virus & spyware issues
« Reply #58 on: October 30, 2004, 02:03:03 am »
I would urge people NOT to wait for a warning that a virus is doing the rounds but to keep their antivirus software is updated at all times.

I'd recommend checking for updates daily, say the first time you go online each day. If on broadband or other always on connection make sure the AV software automatically checks for updates daily.

 

Offline James Bentall

  • Opinions on everything
  • *****
  • Posts: 1196
  • Thanked: 27 times
  • Gender: Male
  • Keep :-)
    • Brookmans Park Newsletter
Re: Virus & spyware issues
« Reply #59 on: March 21, 2005, 07:57:59 pm »
I know a lot of the younger people in the village and surrounding area received the 'serflog' virus via MSN (cos I spent a lot of time last week trying to remove it from people's computers  :icon_scratch:) . Symantec have now released a tool for getting rid of it from your computer - unfortunately as one of the side effects of receiving the virus is that you cannot access symantec's website, I have uploaded a copy of the removal tool here:

http://www.brookmans.com/virus/

I wouldn't normally do this for every virus that comes out, but do know that a LOT of people in the village got caught out by this one! If you're not sure if you got it or not (? do you remember clicking on any odd messages you received from Microsoft Messenger last week?), there's more information about the virus here:

http://securityresponse.symantec.com/avcenter/venc/data/w32.serflog.c.html

(Mind you, if you've got it you won't be able to load that page anyway.....)

James

James Bentall, Brookmans Park, Herts.
I post in a personal capacity and not on behalf of North Mymms Parish Council
 

Tags: