NOTICE: Check your a/v?

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
Two viruses found their way into my a/v protected computer this morning or
yesterday despite my running AVG and Spybot immunisation etc

Luckily AVG found them and claims to have neutralised at least one on its
scan this morning (test results says it deleted both AND mentions a third,
also in the _restore position which it moved to the vault) so hopefully
there will have been no damage done but I thought I should let people know

IRC/BackDoor.flood and Win32.Parite

I wonder if one of these is responsible for my receiving a flood of junk
email which Outlook sends straight to my deleted items bin recently? I
wonder if my computer was  being used as an e-mail client to flood the
internet with these?



Re: NOTICE: Check your a/v?

From: "news.rcn.com" <news.rnc.com>

| Two viruses found their way into my a/v protected computer this morning or
| yesterday despite my running AVG and Spybot immunisation etc
|
| Luckily AVG found them and claims to have neutralised at least one on its
| scan this morning (test results says it deleted both AND mentions a third,
| also in the _restore position which it moved to the vault) so hopefully
| there will have been no damage done but I thought I should let people know
|
| IRC/BackDoor.flood and Win32.Parite
|
| I wonder if one of these is responsible for my receiving a flood of junk
| email which Outlook sends straight to my deleted items bin recently? I
| wonder if my computer was  being used as an e-mail client to flood the
| internet with these?
|

Chances are that you downloaded the IRC Trojan that was infected by the Parite
virus.

I have seen IRC Trojans infected infected with the Parite before and I even
mentioned it in
this News Group within the last fortnite.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Re: NOTICE: Check your a/v?


Quoted text here. Click to load it

I hate to admit it, and under different circumstances I wouldn't but in the
last fortnight I have received some suspicious looking Postcards which I
just downloaded to my desktop and ran a.v scan on.  I was suspicious as it
was an .exe file. I thought that a real postcard should be a URL.  They
reported them as being infected so I deleted them immediately and deleted
them from my recycle bin.  One came in again (a different one) so I thought
that it was probably safe INSTEAD to go to the site to see if it was bona
fide, on the basis that if it wasn't my SpybotS&D would immunise me from the
DNS?
Quoted text here. Click to load it



Re: NOTICE: Check your a/v?

From: "news.rcn.com" <news.rnc.com>


|
| I hate to admit it, and under different circumstances I wouldn't but in the
| last fortnight I have received some suspicious looking Postcards which I
| just downloaded to my desktop and ran a.v scan on.  I was suspicious as it
| was an .exe file. I thought that a real postcard should be a URL.  They
| reported them as being infected so I deleted them immediately and deleted
| them from my recycle bin.  One came in again (a different one) so I thought
| that it was probably safe INSTEAD to go to the site to see if it was bona
| fide, on the basis that if it wasn't my SpybotS&D would immunise me from the
| DNS?

BINGO !  That's it !

It was a psuedo greeting Card in a SFX EXE file.

I don't understand this question... "...my SpybotS&D would immunise me from the
DNS? "

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Re: NOTICE: Check your a/v?

Quoted text here. Click to load it
I thought so but I am baffled that one can infect a computer simply by
extracting an exe file from an email message: I thought that this was an
urban myth and that you had to run the exe file to self-infect.   I think
the urban myth was that you can selfiinfect by putting your cursor above the
infected e-mail.
Quoted text here. Click to load it
What exactly does immunisation do? I thought it blocked access to
potentially dangerous URLs?
Quoted text here. Click to load it



Re: NOTICE: Check your a/v?

From: "news.rcn.com" <news.rnc.com>

Quoted text here. Click to load it
| I thought so but I am baffled that one can infect a computer simply by
| extracting an exe file from an email message: I thought that this was an
| urban myth and that you had to run the exe file to self-infect.   I think
| the urban myth was that you can selfiinfect by putting your cursor above the
| infected e-mail.


I don't know what actions were taken nor if vulnerabilities were exploited but
apparently
the EXE file was executed and you were hit by the payload.



Quoted text here. Click to load it
| What exactly does immunisation do? I thought it blocked access to
| potentially dangerous URLs?


The DLL in SpyBot S&D only blocks IE from known sites and is ONLY for IE.


--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Re: NOTICE: Check your a/v?


Quoted text here. Click to load it
I thought that this immunisation was what TeaTimer was for? I almost never
use IE. FF is so much better nowadays?
Quoted text here. Click to load it



Re: NOTICE: Check your a/v?

From: "news.rcn.com" <news.rnc.com>


| I thought that this immunisation was what TeaTimer was for? I almost never
| use IE. FF is so much better nowadays?


To get specific information, I suggest posting a query in the SpyBot Forums.
http://forums.spybot.info /

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Re: NOTICE: Check your a/v?

David H. Lipman wrote:

Quoted text here. Click to load it

On those rare times when I receive a "postcard" or a "greeting card"
notice, I will write back to the sending person and request they stop
having them sent to me. If there is a file instead of a link, it goes
directly to the bit bucket. And I never visit the link either.

There was a time (maybe still is) when some of the greeting card sites
were email address harvesters for spammers. They would sell both the
sender's and the recipient's address.

--
   -bts
   -Motorcycles defy gravity; cars just suck

Re: NOTICE: Check your a/v?


Quoted text here. Click to load it

Well.....there goes your Xmas present!!  And I was including a cheque
too.....LOL!!

So I will just wish you a Merry Christmas right now and forget sending
the card!!

XX  Figgs



Re: NOTICE: Check your a/v?

Heather wrote:

Quoted text here. Click to load it

Well hey!  Merry Christmas to you too, Figgs.  If I give you a snailmail
address, will you still send the cheque?

--
   -bts
   -Motorcycles defy gravity; cars just suck

Re: NOTICE: Check your a/v?


Quoted text here. Click to load it
Shoot, won't the card do?  Besides, our dollar isn't worth all that much
in Yankee Land.

XX  Figgs
--
Cigarettes are killers that travel in packs.



Site Timeline