[vox-tech] [OT] Now I have a virus. Argh!!!!!

boombox boombox at cokeaholic.com
Sat Jul 17 23:05:31 PDT 2004


FYI, while on the topic of windoze


Time is not really an argument for not having antivirus on a windoze
system. These days you only have to be online for 5 minutes before a
vulnerable system will be infected with the Sasser virus. I have seen it
happen twice. Even with a firewall and http packets only, just one of the
bug reports says that IE will install malware it it’s on the page you are
on.

Tell your wife NOT to trust anyone sending her files, even if she knows
them. Since the virus you contracted spreads through email, it’s likely
that your wife downloaded the virus from her email and installed it
herself. This is, unfortunately, how a lot of viruses spread. Web mail
adds a layer of security over using one of the M$ mail clients since you
will actually have to download the virus and run it before being infected.
But ask you know now it is still possible to be infected, especially if
she doesn’t know.

Norton Internet Security has saved me a lot of time on the systems I
manage. It’s expensive, but so is my time.

Of course, if you don’t want to spring for antivirus, you could just make
sure only to boot up in windows when you are playing, since I don’t know
of any linux viruses. Makes you think


BTW while Opera is nice, it does have trouble with any kind of java.
Mozilla however, handles even complex java systems as my online banking.

-boombox


>> >My wife checks her school email, which is web based.  Apparently, Opera
>> >can't handle the Javascript, so when lucifer is in Linux, she uses
>> >Galeon and when lucifer is in win2k, she uses IE.
>> <snip>
>> >I googled on one of my Linux boxes, and after a little searching, found
>> >that this is a worm called W32.HLLP.Kindal at MM.  I was able to verify
>> >some of the claimed changes the worm made to the registry, although I
>> >couldn't find the file that was supposed to contain the viral code.  I
>> >saw a mention of it in the registry, and saw the key that has it run on
>> >boot, but the file itself seems to be missing or isn't showing up.
>> >Wierd.
>> >
>> >The only way this thing could've gotten onto my system that I can think
>> >of is by Internet Explorer.  This OS is used for gaming (non-online
>> >gaming), and checking school webmail with IE and absolutely nothing
>> >else.  I know that 4 "critical vulnerabilities" were announced for IE a
>> >couple of days ago, and another 3?  6?  a few days before that.
>> >
>> >Anyway, that's neither here nor there.  I've never had a worm before,
>> >so I'm new to all this.  What's the standard procedure?
>> Reinstallation?
>> >Can "virus checkers" also erase viruses?   What is a good "virus
>> >checker" for this purpose?
>> >
>>
>> According to Symantec
>> (http://securityresponse.symantec.com/avcenter/venc/data/w32.hllp.kindal@mm.html),
>> this virus spreads by email and file-sharing software.  Maybe your wife
>> got
>> it by web-based email?  Anyway, Norton Antivirus would get rid of it for
>> you.  You could probably use some other (free?) virus software also. You
>>  may want to scan your whole machine to see if you got something else,
>> too.

<snip>

> on the proactive side, i installed mozilla which she can use to check
> email.  in my defense, the only reason why i didn't install mozilla
> before was that i didn't figure the computer stays booted long enough in
> windows for something like this to happen.  we're talking only a couple
> of hours a day.   but apparently, it was enough!
>
<snip>


More information about the vox-tech mailing list