Another Virus Alert

“I had a friend of mine e-mail me with some very strange e-mails. I asked her what they were about and she said that she has a virus that e-mails people all kinds of things from her files. I didnt think I had it until the presdent of my company informed me that I have been e-mailing a man in Ca. 50 to 60 times a day. He called him to tell him this. I saw a copy of the e-mail and it is a invite that I rec'd last christmas. company had to install a whole new Anti Virus to get read of this thing. If you rec. something like that do not open it because its not worth it.”

“A woman I know professionally had a computer virus. It sent me an attachement entitled "me_naked." Its a good thing it wasn't from someone I might expect to get something like that from, or I might not have been suspicious.”

“"me_naked" was a trojan.

I got it from my mom and opened it. What does that say about me?”

“That you are strange!

8)”

“The past three days, I have been getting a NAV alert on email before I even open it. When I scroll down to it (to delete the email before I ever open it), I get a message of a download and NAV kills it.

This is the first time I have seena anything try to download when I don't even open up the email.”

“"seen" without the "a"...”

“Does NAV have a log somewhere you can examine and figure out which virus it is?”

“yes, today's log shows: an.exe,,,6.bat,,,heig.exe,,,

the logs for the last two were heig.exe”

“A search of the Symantec site is coming up empty for those filenames...I wonder if they've heard of this one yet. Can you tell who the email is coming from?”

“have you talked to that bastard, Violin??

where's Dunadan?? "BAN VIOLIN!"”

“Actually, on my home computer, the live update is not working for NAV. I know, cuz I 've seen the live updates come in on one of my work computers.

I've seen various reasons that might happen on the Symantec website. All the fixes look like a pain.

Any other ideas?”

“Hmmmmmm.

No hits on "heig.exe" at CERT, F-Secure or SANS.”

“Have you updated? My 'auto-update' was today.”

“my wife said things are acting funny at home also. she said that our NAV keeps disabling itself. i'll have to check it tomorrow.”

“I keep getting about 60 virus infected emails per day (not kidding). I also receive emails telling me that my email send to them was infected with the W32.Sobig.F@mm virus.

Now, I run the scan, and I have no virus, I even run the removal tool (doesn't work, keep getting an error), but I tried to remove the virus that I thought I have manual by going into the regedit, but I can't find non of the virus entries. It really doesn't seam that I have the virus.

I know I had the virus about one week ago, but norton found it and removed it.

What to do? I am still getting emails telling me that my email was infected...”

“Throw out the computer and buy another? I will send you my computer, you can have it.”

“lol, why you too have a virus??
I wish I could just throw it out, but it's just not possible right now.”

“My compnay got hit big last week and they sent a lot of reading material around. I have\n't had a chance to digest a lot of this, but this one looked like it may help your situation. Read it over, Gem. Hopefully, you may find some good info or at least a link to something useful in it.

What To Do”

“It's a ploy by the anti-virus people so you'll buy their software!”

“That advice will work well for someone who has a Cisco router acting as their gateway to the Internet. If you have a router of some sort, you might be able to do something similar. It's more difficult if you are directly connected to the Internet via cable modem, DSL, or dialup. I don't know if Microsoft allows you to build a "deny list" similar to the one described in those instructions.

If you're using a cable modem or DSL, however, some sort of router or firewall between your computer and the Internet is a must. These worms couldn't propagate as well if home DSL and cable modem users had one, and had it set up properly.”

“I have my computers on a router, so I'll read over it. thanks.

Dang virus crap!!!”

“that happened to me gemini, I was on one infected list and got added to several others. My clue was that they all had one of two subjects, most were from Switzerland or Europe. Yahoo/Norton picked em up.”

“This is crazy... I am deleting and deleting. I am sure I miss some important biz email, but it's too much. I received over 2,000 over the weekend, last time I checked was friday night so I checked monday and about 1/2 of them were viruses, the other half looked like spam. nuts!!”

“Thank God for firewalls and Norton upgrades.”

“i am on a firewall, a router and updated norton virus program.

I guess it protects you mostly of a virus, but you still are getting all the crap! My spam program does not catch the virus emails, so it's easy to miss other important email.

It just plain and simple sucks! Burn the Hackers!! Or whoever has nothing better to do with their life then figuring out how to mess up a computer. burn em, tar them, feather them!!!!!!!!!!!”

“My home computer is a Compaq and it really sucks, Gemini. I will probably be buying another one soon, but I do not know what.

Any advice?”

“Dell. Don't fool around with anyone else.”

“I had them all, zeos, micron (my favorite so far) compaq, HP, ha! Even a packard bell way back then... then I bought a gateway. I hated all of them.

Since about 5 or 6 years I am a Dell Fan. Micron are too expensive, don't even know if they make them anymore.
Anyway, I never had a problem with my Dell's.”

“My compaq really bogs down with McAfee firewall, virus scan, pop up stopper and cybersitter running. Must be a memory problem.”

“I second the Dell suggestion. Mine has done well so far...

Gem, wasn't sure if that would be of help to you or not, so I linked it anyway...”

“Treebeard, I'll check it out. Not sure if it will help or not. Thanks for the link!!

Pathman: ha, memory problem...you probably have a virus somewerhe...”

“Nope, scanned and clean with up to date virus protection. Too many programs running in the background.

Unless you are talking about me, in which case you may be right. ;-)”

“Gemini - I have received two of those email messages. The symantec (Norton) site has a description here.

I have Norton anti-virus with automatic updates, the windows patch on my computer, and a firewall for DSL. It sounds like the messages are sent from a different computer's address book to make you think you have virus. This is what Symantec says:

Email routine details The email message has the following characteristics:

From: Spoofed address (which means that the sender in the "From" field is most likely not the real sender). The worm may also use the address, admin@internet.com, as the sender.

NOTES:
The spoofed addresses and the Send To addresses are both taken from the files found on the computer. Also, the worm may use the settings of the infected computer's settings to check for an SMTP server to contact.
The choice of the internet.com domain appears to be arbitrary and does not have any connection to the actual domain or its parent company.”

“Phil, I just read that a minute ago too. (yeah, I should read the whole symantec page,but I normally never do) LOL

Still sucks! When is it going to be over september 09?? I sure hope so. I have received 26 viruses in the last 30 minutes. I don't want to start counting today. Seams like it's getting more and more every day.”

“Just so everyone knows. I had absolutely nothing to do with this.”

“for some reason I thought about you while I yelled at my inbox. Hmm....”

“It's the mouse!







”

“LONDON (Reuters) - A new computer virus capable of harvesting millions of e-mail addresses from infected PCs was rapidly spreading across the Internet Monday, security experts said.

Related Links
• Security response: W32.Beagle.A@mm (Symantec)
• Vanquish PC Viruses (PC World)
• Virus History 101 (PC World)






Online Games Take Off
Match wits with anyone, anywhere--just get in the game. Plus, smart gaming tips and free retro game downloads.





The infection, known as "Bagle" or "Beagle," appears to be the handiwork of spammers keen to collect a batch of e-mail addresses they can then re-sell to other spam e-mail marketers or keep for their own use.


"Bagle" also contains code that could turn an infected computer into a veritable "spamming" machine.


Security experts said it is patterned after the recent "Sobig" and "Mimail" outbreaks, which also turned scores of computers into zombie machines that spammers can control remotely to send torrents of get-rich-quick and sex aid messages to other computer users.


"It seems perfectly possible that Bagle is yet another worm written by spammers. When they have enough infected computers, they could automatically install invisible e-mail proxy servers on each machine and start spamming through them," said Mikko Hypponen, research manager at Finnish anti-virus firm F-Secure.


A host of virus-detection firms had placed their most severe ratings on the e-mail, noting it was spreading quickly from Asia through Europe and now to the United States.


The e-mail infection, or worm, contains a familiar subject line of "Hi" and an executable file attachment identified by ".exe." The body of the e-mail contains random characters.


The virus is triggered once a computer user clicks on the attachment, setting in motion an aggressive e-mail harvesting program that scans all documents on the infected computer and throughout the network it is attached to.


Computer analysts said most corporate e-mail filters should be able to block the infected e-mail, but that home users were particularly vulnerable.




http://news.yahoo.com/news?tmpl=story&u=/nm/20040120/tc_nm/tech_internet_virus_dc_6”

“I saw it spelled "Bagel" and Bagle this morning. Sounds like it's going to be big.”

“So, is this Condition Orange again?”

“It will only be big, because stupid moron, undereducated, people who have to reason to be using a computer will open all the emails and anttachments they get and spread the damn thing around, then blame Dell, Microsoft, Gateway, AOL for putting out poor products, when the entire time, stupid mofos cause the problems.”

“I got an email from John Feeney (Adventurist?) this weekend about a spam alert. Had an attachment. I deleted it rather than open it since there was nothing being posted on Trail Talk that would cause Adventurist to email everyone.”

“Of course it could have been another John Feeney, too. Not that uncommon of a name.”

“Data security experts worldwide went into crisis mode as the first major computer worm outbreak of 2004 pummeled e-mail systems with millions of malignant messages.

The worm, codenamed Mydoom or Novarg, was first detected yesterday afternoon, but within hours had begun flooding the Internet. "It's the worst that we've ever seen," said Jimmy Kuo, a McAfee Fellow at Network Associates Inc., maker of McAfee antivirus software, "We have reports from four of the Fortune 500 companies that they are infected," Kuo said, adding that the Mydoom outbreak had forced a major company to shut down its e-mail service. He declined to name the affected company.

more...”

“my virus software caught two different emails that came in last night with a virus. One of them was from an "@comcast.com"

Comcast is a cable company. Looks like they're infected.”

“I suspected a virus when I say a bunch of wild email this morning. Unfortunately, two of my direct reports got bit.

Looks like we lose a half day of production cleaning up the mess.”

“I am not sure if I have it or if I am just getting hit by it. My Norton is supposed to update using "Liveupdate", but I can't tell if it did or not.

This sucks. I think it is a pain to get rid of.”

“Phil - To be sure - double click on your Norton icon and run LiveUpdate manually. There is an available AntiVirus definition.”

“Phil-

Open the Symantec icon in your system tray. The version should be 01/26/2004 rev. 24”

“Beat you!”