Virus problems continue

Post by **gmattson** » Tue Oct 08, 2002 2:57 pm

Since my last computer virus problem, which destroyed my computer 3 months ago, I've been very careful about making sure both computer protection systems get updated on a daily basis. However, this morning I received the following message {bottom of this post}from nctimes.com, informing me I had sent them an infected e-mail! I went to Norton's site and got their fix for this specific virus, ran the program and discovered my computer is not infected! Hmmmmmm

Apparently, someone with my email address, who has an infected machine, is sending out virus e-mail, using my gmattson@uechi-ryu.com return address.

The problem with the new computer viruses, is that they allow you to use your machine in blissful ignorance, while going about its business of sending out infected messages to everyone in your email address book.

Please. . . get a reliable anti virus program and update it daily.

Any other suggestions from you experts? Is it possible for a viurs to cover-up it's presence. . . to both you and your anti virus software? What is the best program out there?

===================================
A good place to get a free "look" and "repair" program for the latest klez viruses:
http://securityresponse.symantec.com/avcenter/venc/data/w32.klez.e@mm.html
====================

The message I received this morning:
==============================
The Anti-Virus server detected a virus that YOU tried to send to
webmaster@nctimes.com. Please contact your Systems Administrator and take
corrective actions to remove the virus from your computer before sending
future emails.

The scanned document was QUARANTINED.

Virus Information:
The attachment the.exe contained the virus W32.Klez.H@mm and could NOT be
repaired.

---
Incoming mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.394 / Virus Database: 224 - Release Date: 10/3/2002

[This message has been edited by gmattson (edited October 08, 2002).]

Van Canna · Post by **Van Canna** » Tue Oct 08, 2002 3:12 pm

How do I find out what version IE I have?

------------------
Van Canna

Post by **gmattson** » Tue Oct 08, 2002 4:53 pm

While in IE, click on "help' at the top of your browser, then click "about". This will give you the version. I've been using version 6 for quite a while without a problem.

------------------
GEM

Van Canna · Post by **Van Canna** » Tue Oct 08, 2002 6:01 pm

5.50 version.

Anyone recommend upgrading? Why?

Tony-San · Post by **Tony-San** » Thu Oct 10, 2002 9:57 pm

I have just, in the past few days updated IE to 6, Outlook Express to 6, SR1 to Windows 98B and also SR1 for Office 2000. I did this because I needed all the latest security fixes to guard against the new Bug Bear virus. if you havn't done this, DO IT NOW!

Guest · Post by **Guest** » Thu Oct 10, 2002 11:05 pm

Hey if it isn't broke don't fix it.

or so I thought?

I've upgraded to explore 6 three times and gone back to 5.5 each time. Just to many problems that disapeared after I went back to 5.5

I'm running 98 SE with all the upgrages and patches.

What is this Bug Bear Virus Tony? Will Norton stop it?
Laird

Tony-San · Post by **Tony-San** » Fri Oct 11, 2002 1:41 am

Bug Bear is a trojan with a built in Keylogger. Not only can someone take over your machine, they can dupe your passwords, email, credit cards, all that crap!

This guy installs itself the same way everything does in Microsoft, through the security holes in scripting.

If you've got the Windows 98 Security update installed, you're probably ok. I reccomend doing the same for office apps and IE along with OUtlook Express because they're is new options to just exclude basically all attachments. Aside from basic media files, don't bother sending an attachment to me that isn't in a Zip, Arj or Rar file because it will just get blown away.

Norton is supposed to be able to catch bug bear but the problem is, Bug Bear disables Norton and everything else, so you don't know you've got it. I reccomend going to Nortons site and following their directions for looking for it and removing it.

If you drop to your command prompt and type C:>Netstat -a

you should not see anything connected on port 36794 , if you do, you probably have this virus.

For more information, see:
http://www.symantec.com/avcenter/venc/data/w32.bugbear@mm.html

Guest · Post by **Guest** » Fri Oct 11, 2002 4:01 am

Thanks Tony, clean so far and if I send you anything it will be in a zip file.

Laird

Guest · Post by **Guest** » Fri Oct 11, 2002 8:55 pm

Well this morning windows offered me explore 6 as a critical update. Took their advice an upgraded. I'll deal with the compatibility issues down the road.

It is unfortunate that the brilliant minds that create this troublesome code do not apply themselves to more productive endeavors. Many of them might be capable of great deeds.

Laird

Tony-San · Post by **Tony-San** » Sat Oct 12, 2002 2:13 am

I don't think you'll have to many problems. If I where you, I would keep the default security settings and change zones for websites you go to often, like this one for example to "trusted". This will lower security settings on sites you hang out on.