Virus Alerts June 2004

New month..new thread.

If you know about a new virus, or are having issues post here for the benfit of everyone.

 

How about some tips for those of who are ill informed?

1. Have some anti-virus software on your computer. A great piece of software is AVG at www.grisoft.com. It's free and it updates frequently meaning current virus definitions. Also, if there is a virus file in the directory your exploring on the hard-drive, it will tell you(I don't know if other anti-virus software does this).

2. Have a firewall. Some viruses don't come through e-mail or executables. They just come through the internet(Sasser, blaster).
http://www.zonelabs.com/store/content/home.jsp
Zone Alarm is a superb firewall, that stops intrusions to your system and blocks malicious software from accessing the internet.

3. Keep your OS up to date. I don't know what all to do for Mac or Linux, but you need to download all the latest patches for your OS. They resolve security issues and many other things.

4. Don't use IE. Active X controls are exploited so often, it' insanity. Go for an alternative browser. For those of you on dial-up, Slim browser is small.
http://www.flashpeak.com/sbrowser/
It's only a little over one megabyte.
For those of you who have faster connections and don't mind larger files, Mozilla http://www.mozilla.org/ has two good browsers. I use firefox personaly.
Another good browser is Opera http://www.opera.com/ . It's shareware, but it still does a good job.

 

Ah! Thank you so much, Maverick!

Especially for providing alternative browsers. I loathe IE. It's been nothing but a royal pain since I've started using it.

Thanks, XaosMod, for keeping this going!

 

Virus Alert!!! It's called "Dropper". It's a Trojan that fouls up "Notepad.exe" in windows. Your best hope to get rid of it, is to Quarantine it, Delete it, and copy it back over from your Windows CD. Then you have to go into "Folder Options" and reset the extentions settings for ".txt" files.

Otherwise the threat is there.

 

I download everything to a slave drive. I scanned it, it's not there. If it's not in the executables, I'm not infected.
By the way, people, if you have a virus in an execuatble file(exe, msi, etc), you're not "infected", unless you've run the executable. You have to run the executable to get infected. Just delete the executable file.

 

Exactly, Mav. I use notepad for it's intended purpose. Notes. Doing a quick "Copy & Paste", things like that.

 

You're lacking some new-school advice.

I'll start from the basics. Virii were ONCE used by single people deeming a demise to a certain webserver, to disallow updates whilst they infected even MORE machines via their newer code. This...was done for the pure fucking fun of it.

However, now-a-days, things are a tad more complicated. Instead of a few, attention-seeking pre-teens with nothing but a box and a dream, most virii are spawned via, you guessed it...SPAMMERS. With recent implications of malware, spammers are now able to, not only advertise their promotions, but SPREAD them via OTHER'S BANDWIDTH (e.g, YOUR'S). This allows the spammer to (A)get free bandwidth (B) cause the infection-victim to repeatedly view the ads themselves and (C) cause a ruckus in the "underground" of PC'ing in the first place, drawing even more attention.

The main problem is that virii no longer spread themselves across one system, but, in fact, only infect a file at a time. This allows for the infection to be secrete from scanners. Virii now-a-days actually only infect one file for a PC, however, infect networks of 50-100 PC's over standard Internet protocols to create "Spam-Factories."

If you can't afford one of the big 3 (Norton, McAfee, Microtrend), I suggest atleast using AVG. It's a freeware scanner that offers real-time scanning and healings...the only problem is that the virii are still stored on your hard drive, but they are contained...you'll just end up with a tad bit of lost space.

The reason I bring this up is because, countless times in the past few months or so, I've actually downloaded virii, unaware, from legit, commercial websites...due to spammers literally slipping malicious code into ad banners, Flash, CGI, etc...which resulted in my removal of a HDD.

Just remember to run a "residential" or "real-time" scanner to stop virii before they spread on your comp .

 

There is a new mass-mailing virus on the loose...It often claims to be a VOICE MESSAGE or a WILD TANGENT UPDATE. It has a file extension along the lines of

link.message.file.php386.pif or something else, but it almsot always attempts to be a .pif (will appear as MS-DOS Short-Cut). I have recieved over 5000 of these in the last day at work (I'm a mail admin) McAfee and Norton are NOT up to date on it yet (you have to load their beta definitions to detect it) they may release an update early this week,otherwise it will be until thursday that they get updated.

Beware!

 

yeah, it's gettin pretty ugly out there. some viruses come in email that you don't even have to dl the attachment anymore, just open the mail and you got it.

the zonalarm definitly helps, esp. the blocking the what can get out to the internet part.

"may xvdownload.exe access the internet?"

HELL NO!