Virus getting around
  • Help
Results 1 to 23 of 23
  1. #1
    Local Tyrant gibgib's Avatar
    Join Date
    Mar 2000
    Location
    Sunshine Coast, Queensland
    Posts
    3,528

    Virus getting around

    Be careful & update your virus scanners.
    I picked up & stopped 2 viruses yesterday via email. They have the subject "RE:".
    I got one that was from "Support" & Another from "Jon".
    Our other PC here has got it now My g/f's mum & her sister have it also.

    Advertisement


    Scan type: Realtime Protection Scan
    Event: Virus Found!
    Virus name: W32.Badtrans.B@mm

  2. #2
    Fellow Frogger!
    Join Date
    Sep 2001
    Posts
    490
    yep, gibgib I hope you didn't get one from me...

    I had my protection off, and opened up a mail with attachment - it started up an auto script and tried to propagate itself to all of my friends and clientele. BAD TRANS is the one.

    Highly embarrassing, grossly infuriating! GRRRRRR!

    The bastards!



    Backed up and reformatted yesterday just to make sure.

  3. #3
    Local Tyrant gibgib's Avatar
    Join Date
    Mar 2000
    Location
    Sunshine Coast, Queensland
    Posts
    3,528
    This PC is OK. The other one on the LAN here is not healthy. Just working on it now.
    I hope I don't need to format it too

    Also, get the latest update for your virus scanner NOW!!!
    I did both of these PC's this morning but there was another update this arvo which I didn't get on the other PC & yes... the virus got through

  4. #4
    Real cars have hydraulics DoubleChevron's Avatar
    Join Date
    May 2000
    Location
    Ballarat,Vic,Aust.
    Posts
    16,751
    hmmm,

    yeah something going on lately. I received over 20 mails from one of our clients, all with viruses attached, and all with subject lines that would have you open them. (they were subject lines from previous emails I think).

    grrrrr.
    seeya,
    Shane L.
    'Cit' homepage:
    Citroen Workshop
    Proper cars--
    '85 Series II CX2500 GTi Turbo I
    '63 ID19 http://www.aussiefrogs.com/forum/citro%EBn-forum/90325-best-project-car-you-have-ever-seen.html
    '72 DS21 ie 5spd pallas (last looked at ... about 15years ago)
    '78 GS1220 pallas
    '92 Range Rover Classic ... 5spd manual.

    Yay ... No Slugomatics


    Modern Junk:
    '07 Poogoe 407 HDi 6spd manual

  5. #5
    Gone Fishin' Ray Bell's Avatar
    Join Date
    Jun 2001
    Location
    Burpengary and Murrumburrah, Qld and NSW
    Posts
    9,223
    There's a possibility I have it too, am unable to open attachments to e.mails or access URLs sent to me by ICQ...

    Went to www.symantec.com and checked, it has a description of that virus etc... anyone wants to know, they describe how it propogates.

    I've been trying to update my virus scanner (AVG 6.0) for the past fifteen hours but have had a TCP/IP error that's stopped it from completing the job... it's going now, I hope...

  6. #6
    1000+ Posts
    Join Date
    Jul 2001
    Location
    Perth, Western Australia
    Posts
    6,665
    Yep, I've just spent two hours sorting mine out. It seemed to pick random e-mail addresses that I'd contacted, but also ones I hadn't (and had never heard of), and many returned virus warnings to me. It started to propagate pretty quickly so that I had to shut down Outlook. And last week is the first week I'd missed the auto update (it's only set up to work if I'm logged in). Not any more...

    Stuey


    2003 PEUGEOT 206 GTi

  7. #7
    Administrator GreenBlood's Avatar
    Join Date
    Mar 2001
    Location
    Brisbane
    Posts
    8,257
    Don't know if this works but someone has come up with a way to deal with worm viruses (plural?) apparently in outlook if you make a new contact with the name !0000 and virus warning as the email address, if you are sent one of these nasties it goes to !0000 as it's first attempt to multiply, because the email address is bogus it stops it in it's tracks and you will get an undeliverable mail message as a warning that you have the virus? You can now deal with it knowing that it has not been passed on, like I said I don't know if it works, so the best protection is to keep your virus software up to date.

    Cheers
    Chris

    [ 29 November 2001: Message edited by: GreenBlood ]
    74 D(very Special) >>Rejuvenation Thread<<
    08 C5 X7 HDi very Noir



    "Déesse" Roland Barthes, 'Mythologies', 1957

    The Déesse has all the characteristics of one of those objects fallen from another universe that fed the mania for novelty in the eighteenth century and a similar mania expressed by modern science fiction: the Déesse is first and foremost the new Nautilus.

    (Umberto Eco [Ed], The History of Beauty, Rizzoli, NY, 2004)

  8. #8
    Local Tyrant gibgib's Avatar
    Join Date
    Mar 2000
    Location
    Sunshine Coast, Queensland
    Posts
    3,528
    Geez it's bad this virus
    I've never had so many people effected & have been getting tainted emails all day!
    GB, that is worth a try for sure, can't hurt doing it.
    One thing I know, when you open the attachment, that very split second...the bad stuff happens
    Your system is slow to respond (busy) while it's busy sending out it's evil.
    If you think you have just executed it, disconnect from the internet FAST!
    Could save some emails going out

  9. #9
    Moderator Alan S's Avatar
    Join Date
    Mar 2001
    Location
    Queensland, Australia
    Posts
    8,923
    Has anyone heard if the powers that be have got anywhere near the source of this one?
    I know they were saying a few eeks back that they thought the choccys that were topping themselves and anyone else that happened along were capable and possibly would get into this type of capers.
    The first I heard of it was when I had reason to contact a couple of cabinet ministers and was told that State Parliament had to close down its system due to the risk of this virus, which is a bit of a worry to think these bloody nutters are capable of that kind of thing.
    They soon seemed to get it under control though
    :p

    Alan S
    If it ain't broke, use a 12" shifter.....that usually does the trick!!

  10. #10
    Gone Fishin' Ray Bell's Avatar
    Join Date
    Jun 2001
    Location
    Burpengary and Murrumburrah, Qld and NSW
    Posts
    9,223
    The AVG website has had to close for a day or two because of demand for downloads...

    I got my update in time, it seems... and it worked.

  11. #11
    rek
    rek is offline
    1000+ Posts rek's Avatar
    Join Date
    Aug 2001
    Location
    Melbourne, Vic
    Posts
    1,388
    now that you guys have mentioned it, i've received a few messages with dodgy attachments recently.

    luckily, Mr Norton fixed everything up and saved me from looking stupid

    (being the only Outlook 2000 user in a place where everyone else uses either a Unix CLI mail-reader (ugh!) or Eudora for Macintosh, any, and i mean ANY outlook-worm outbreak, is going to point straight to me! :p )
    Peter
    2008 Saab 9-3 1.9 TiD Sportcombi
    2011 Volvo C30 DRIVe 1.6D

  12. #12
    Real cars have hydraulics DoubleChevron's Avatar
    Join Date
    May 2000
    Location
    Ballarat,Vic,Aust.
    Posts
    16,751
    Hi Guys,

    yeah really unbelieveable stuff. I ended up ringing the pathlab 4times. They disconnected the PC that was sending me the virus from there network, fixed it put it back on and I received another 40 email from them in the next hour with virus's attatched. In all I received over 75 emails with virus's attached in over 12hours (that's REALLY bad considering I'm probably 1 of 1000 people in there address book!).

    I just never open anything with .vbs, .scr, .exe, .bat, .com, etc... anything executable gets deleted!.

    Luckily I've not yet been infected. However about 2weeks ago I changed over to Microsux software ie: Outlook & Internet explorer. They work much better, but I have to put up with 1/2 the sites I visit changing my default homepage to there site. That's really starting to shit me! It's the sites that you get 'redirected' to that update your default homepage. eg. You type a wrong web address and get shot to some wierdo's page...

    And without Outlook we wouldn't have this virus problem.

    seeya,
    Shane L.
    'Cit' homepage:
    Citroen Workshop
    Proper cars--
    '85 Series II CX2500 GTi Turbo I
    '63 ID19 http://www.aussiefrogs.com/forum/showthread.php?t=90325
    '72 DS21 ie 5spd pallas (last looked at ... about 15years ago)
    '78 GS1220 pallas
    '92 Range Rover Classic ... 5spd manual.

    Yay ... No Slugomatics


    Modern Junk:
    '07 Poogoe 407 HDi 6spd manual

  13. #13
    1000+ Posts
    Join Date
    Jul 2001
    Location
    Perth, Western Australia
    Posts
    6,665
    You don't even have to open the attachment. It auto executes once it's in your inbox, so if you receive it, you've got it. I got home to 20 or so e-mails sent back to me about the virus, from places the virus had e-mailed automatically on my behalf - including some friends who were NOT happy!

    Bastards.

    Stuey


    2003 PEUGEOT 206 GTi

  14. #14
    Real cars have hydraulics DoubleChevron's Avatar
    Join Date
    May 2000
    Location
    Ballarat,Vic,Aust.
    Posts
    16,751
    Stuey,

    I have a later version of Outlook. It doesn't auto-open anything.... It only takes Microsux a few years to get around to fixing these 'little' holes in the programs!.

    seeya,
    Shane L.
    'Cit' homepage:
    Citroen Workshop
    Proper cars--
    '85 Series II CX2500 GTi Turbo I
    '63 ID19 http://www.aussiefrogs.com/forum/showthread.php?t=90325
    '72 DS21 ie 5spd pallas (last looked at ... about 15years ago)
    '78 GS1220 pallas
    '92 Range Rover Classic ... 5spd manual.

    Yay ... No Slugomatics


    Modern Junk:
    '07 Poogoe 407 HDi 6spd manual

  15. #15
    Local Tyrant gibgib's Avatar
    Join Date
    Mar 2000
    Location
    Sunshine Coast, Queensland
    Posts
    3,528
    Stuey (& everyone else),
    Go to windows update & get all the critical updates it says you haven't got.
    That is a problem with Outlook but has been patched in the latest update
    http://windowsupdate.microsoft.com/

  16. #16
    1000+ Posts
    Join Date
    Jul 2001
    Location
    Perth, Western Australia
    Posts
    6,665
    Guys,

    I've got a pretty recent version of Outlook Express, plus all of the relevant updates until about a month ago. You sure this makes a difference? There's no indication of this at Trend Micro's site (www.anti-virus.com).

    Stuey


    2003 PEUGEOT 206 GTi

  17. #17
    Fellow Frogger! Ralph's Avatar
    Join Date
    Jul 2001
    Location
    Wodonga
    Posts
    928
    Why don't you fellas run Linux? If you're not logged in as root when on the net it's virtually immune to virii. It's free (as an iso image download from the distribution i.e Red Hat, Mandrake etc) but it can be a bugger to set up! You can buy it from the newsagent for about $25. I'm running Red Hat Linux 7.1 at the moment. It has everything Windoze has and there is a lot of support on the net, just type linux into Google! See <a href="http://www.redhat.com/" target="_blank">http://www.redhat.com/</a> or
    <a href="http://www.linux-mandrake.com/" target="_blank">http://www.linux-mandrake.com/</a>
    On the internet, no one knows that you are only wearing a fez.

  18. #18
    1000+ Posts
    Join Date
    Jul 2001
    Location
    Perth, Western Australia
    Posts
    6,665
    In my case I use Windows at work, and am far too lazy to learn new tools that I don't see as completely necessary. To me, computers are a great tool, but not a hobby or interest.

    Stuey


    2003 PEUGEOT 206 GTi

  19. #19
    Member
    Join Date
    Apr 2001
    Location
    Sydney, Australia
    Posts
    64
    [quote]Originally posted by GreenBlood:
    [QB]Don't know if this works but someone has come up with a way to deal with worm viruses (plural?) <hr></blockquote>

    Alas it don't work . . . .

  20. #20
    Administrator GreenBlood's Avatar
    Join Date
    Mar 2001
    Location
    Brisbane
    Posts
    8,257
    G'day Byron,

    [quote]Alas it didn't work....<hr></blockquote>

    So sounds like you've been hit and the virus was able to pass itself on. Looks like you must have been on the ball in dealing with it just the same.

    What satisfaction do these jerks get from writing and releasing this crap. Just have to be vigilant and keep updating virus definitions, and like you say, anything that looks suspicious delete without opening Thanks for your warning in your other post).

    All the best
    Cheers
    Chris
    74 D(very Special) >>Rejuvenation Thread<<
    08 C5 X7 HDi very Noir



    "Déesse" Roland Barthes, 'Mythologies', 1957

    The Déesse has all the characteristics of one of those objects fallen from another universe that fed the mania for novelty in the eighteenth century and a similar mania expressed by modern science fiction: the Déesse is first and foremost the new Nautilus.

    (Umberto Eco [Ed], The History of Beauty, Rizzoli, NY, 2004)

  21. #21
    1000+ Posts
    Join Date
    Jul 2001
    Location
    Perth, Western Australia
    Posts
    6,665
    Have a look at a fascinating account of one company's battle against hackers here:

    <a href="http://grc.com/dos/grcdos.htm" target="_blank">http://grc.com/dos/grcdos.htm</a>

    Cheers

    Stuey


    2003 PEUGEOT 206 GTi

  22. #22
    Moderator Alan S's Avatar
    Join Date
    Mar 2001
    Location
    Queensland, Australia
    Posts
    8,923
    Oh dear; what have I done?
    We were copping some of the porno/paedo type scum bags on a mailing list I have through my start.com account when a discussion came up about ways of barring them off it. The moderator doesn't want to moderate and so on, so in typical fashion I gave them a squirt on the problems I can experience in particular from the point of view of time just to have some dodo peddling this weird crap and in the process I used our Spanish flea "hahaha" as an example of how a lot of viruses seem to come via types who frequent these weirdo's sites.
    Went to my Inbox just before to find a notice from the postmaster who had received the message and froze it because they scan their e-mail and "hahaha" was mentioned.
    Best part was; the one who reported it was "Irish Health"
    Gibgib!! Do you think perhaps I should post this message under the "Humour" heading? :p

    Alan S
    If it ain't broke, use a 12" shifter.....that usually does the trick!!

  23. #23
    Local Tyrant gibgib's Avatar
    Join Date
    Mar 2000
    Location
    Sunshine Coast, Queensland
    Posts
    3,528
    Is that the 7 dwarf virus?
    That one still pops up now & then.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •