Linux Users Group of Davis (LUGOD)
 
Page last updated:
2004 Jul 17 23:09

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Re: [vox-tech] [OT] Now I have a virus. Argh!!!!!

On Sat 17 Jul 04,  5:20 PM, Jonathan Stickel <jjstickel@sbcglobal.net> said:
> Peter Jay Salzman wrote:
> >Ever have the feeling that you shouldn't have gotten out of bed?
> >
> >One of my systems, lucifer, is a dual boot (Debian/win2k).  The only
> >thing I use win2k for is to play Serious Sam, Serious Sam Second
> >Encounter, and Syberia.
> >
> >My wife checks her school email, which is web based.  Apparently, Opera
> >can't handle the Javascript, so when lucifer is in Linux, she uses
> >Galeon and when lucifer is in win2k, she uses IE.
> >
> <snip>
> >I googled on one of my Linux boxes, and after a little searching, found
> >that this is a worm called W32.HLLP.Kindal@MM.  I was able to verify
> >some of the claimed changes the worm made to the registry, although I
> >couldn't find the file that was supposed to contain the viral code.  I
> >saw a mention of it in the registry, and saw the key that has it run on
> >boot, but the file itself seems to be missing or isn't showing up.
> >Weird.
> >
> >The only way this thing could've gotten onto my system that I can think
> >of is by Internet Explorer.  This OS is used for gaming (non-online
> >gaming), and checking school webmail with IE and absolutely nothing
> >else.  I know that 4 "critical vulnerabilities" were announced for IE a
> >couple of days ago, and another 3?  6?  a few days before that.
> >
> >Anyway, that's neither here nor there.  I've never had a worm before,
> >so I'm new to all this.  What's the standard procedure?  Reinstallation?
> >Can "virus checkers" also erase viruses?   What is a good "virus
> >checker" for this purpose?
> >
> 
> According to Symantec 
> (http://securityresponse.symantec.com/avcenter/venc/data/w32.hllp.kindal@mm.html), 
> this virus spreads by email and file-sharing software.  Maybe your wife got 
> it by web-based email?  Anyway, Norton Antivirus would get rid of it for 
> you.  You could probably use some other (free?) virus software also.  You
> may want to scan your whole machine to see if you got something else, too.
> Do you keep up with all the windows patches?
 
yeah, i actually do.   i see there was a free anti-virus suggestion
made.  i'll give that a whirl first.

from info i found on the web, i've disabled the virus from starting on
boot, but there's probably dormant copies of it laying around, so i
definitely need to scan the system.

on the proactive side, i installed mozilla which she can use to check
email.  in my defense, the only reason why i didn't install mozilla
before was that i didn't figure the computer stays booted long enough in
windows for something like this to happen.  we're talking only a couple
of hours a day.   but apparently, it was enough!

> Windows security is just awful these days.  I have some friends who use 
> dialup internet with windows.  The windows updates take so long on 
> dialup that they get frustrated and don't complete them.  About every 3 
> months they get infected with something new.

i know a woman from work whose win XP system was trashed by windows
update.  she swore to never use the win update again.   very
unfortunate....

pete

-- 
In theory, theory and practise are the same.  In practise, they aren't.
GPG Instructions: http://www.dirac.org/linux/gpg
GPG Fingerprint: B9F1 6CF3 47C4 7CD8 D33E 70A9 A3B9 1945 67EA 951D
_______________________________________________
vox-tech mailing list
vox-tech@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox-tech


