4 replies to this topic

[zanes]

Hi guys. Just running my new virus scanner and it looks like I have an infestation. Some of you guys are in my address book so please check for these:

W32/Parite B (this is infestation, but doesn't appear dangerous)
At least one trojan (these appear to have been contained)

I believe that these got into my system via ActiveX scripts.

1. Please raise you internet settings to High (or AT LEAST disable activeX)
2. Run a comprehensive virus scanner (somewhat worringly, NORTON picked up NONE of these.
3. Don't hate me too much

[burningbush]

Run a firewall if your not allready! virus programs do vary little since 300+ new viruses a day are created, no software can keep up w/ that updates or not,
Best protection is to be educated on file types"which ones are .exe etc."
also understanding your firewall.
Keeping your e-mail lists/adresses in a locked folder on your drive or disk saves other's a big pain in the *** if a virus or worm does get in your system.

Active x scripts are notorius for hacks ,You dont have to turn them off
I just would'nt update unless from a worthy download source,
w/ out a firewall this normally happens by itself without notice if your on line .

Thank Bill Gates and the clan for the nice tight code!!!java script:emoticon('')
A friend that works for MS told me there are something like 3 virus/messups
for every page of code for apps , that alone doesnt make life any better
for nortons etc. trying to isolate problems.

P.S. Zone alarm is free and works well for a firewall

[zanes]

Well... 2 days later and it looks like we're now sorted

Anyway.... it now appears that the worm got in through a one 2 one connection with my mates laptop (I am on a laptop.) I will be talking to him later, but it appears that the worm was not detected on his system either Neither does it appear to have jumped partitions (thank god!!!) so all my critical data is safe.

Still, it proves you can never be too careful these days. The only damage done appears to be wmp, which has stopped working (big loss there!)

[burningbush]

Well... 2 days later and it looks like we're now sorted

Anyway.... it now appears that the worm got in through a one 2 one connection with my mates laptop (I am on a laptop.) I will be talking to him later, but it appears that the worm was not detected on his system either Neither does it appear to have jumped partitions (thank god!!!) so all my critical data is safe.

Still, it proves you can never be too careful these days. The only damage done appears to be wmp, which has stopped working (big loss there!)

 

It might be a polymorphing worm "meaning it seperates it code so it cant be detected by virus software" then a week or so from now it seams its code together and raises havoc. It prob. got in through net bui if you were connected to a nother system via usb/lan cat5 etc. I'd dump all unneeded files and do a clean reformat if I were you! Then reload your necessary files keeping an eye out for corrupt files.
Also it could be hiding in your floppy cache or even boot strap file nortons and other never detect these,I promise you I learned this stuff the hard way back up important data then do a full "reformat!!"

good luck
P.

Edited by burningbush, 03 November 2004 - 11:12 PM.

[robfir]

Does anyone know which music, video and text formats (ie. MP3) can and cant carry harmfull things?