[vox-tech] [OT] Now I have a virus. Argh!!!!!
Jonathan Stickel
jjstickel at sbcglobal.net
Sat Jul 17 17:20:26 PDT 2004
Peter Jay Salzman wrote:
> Ever have the feeling that you shouldn't have gotten out of bed?
>
> One of my systems, lucifer, is a dual boot (Debian/win2k). The only
> thing I use win2k for is to play Serious Sam, Serious Sam Second
> Encounter, and Syberia.
>
> My wife checks her school email, which is web based. Apparently, Opera
> can't handle the Javascript, so when lucifer is in Linux, she uses
> Galeon and when lucifer is in win2k, she uses IE.
>
<snip>
> I googled on one of my Linux boxes, and after a little searching, found
> that this is a worm called W32.HLLP.Kindal@MM. I was able to verify
> some of the claimed changes the worm made to the registry, although I
> couldn't find the file that was supposed to contain the viral code. I
> saw a mention of it in the registry, and saw the key that has it run on
> boot, but the file itself seems to be missing or isn't showing up.
> Weird.
>
> The only way this thing could've gotten onto my system that I can think
> of is by Internet Explorer. This OS is used for gaming (non-online
> gaming), and checking school webmail with IE and absolutely nothing
> else. I know that 4 "critical vulnerabilities" were announced for IE a
> couple of days ago, and another 3? 6? a few days before that.
>
> Anyway, that's neither here nor there. I've never had a worm before,
> so I'm new to all this. What's the standard procedure? Reinstallation?
> Can "virus checkers" also erase viruses? What is a good "virus
> checker" for this purpose?
>
According to Symantec
(http://securityresponse.symantec.com/avcenter/venc/data/w32.hllp.kindal@mm.html),
this virus spreads by email and file-sharing software. Maybe your wife
got it by web-based email? Anyway, Norton Antivirus would get rid of it
for you. You could probably use some other (free?) virus software also.
You may want to scan your whole machine to see if you got something
else, too. Do you keep up with all the Windows patches?

Windows security is just awful these days. I have some friends who use
dialup internet with Windows. The Windows updates take so long on
dialup that they get frustrated and don't complete them. About every 3
months they get infected with something new.

Jonathan