Linux Users' Group of Davis
Page last updated:
2004 Jul 17 23:09

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Re: [vox-tech] [OT] Now I have a virus. Argh!!!!!

On Sat 17 Jul 04,  5:20 PM, Jonathan Stickel <jjstickel@sbcglobal.net> said:
> Peter Jay Salzman wrote:
> >Ever have the feeling that you shouldn't have gotten out of bed?
> >
> >One of my systems, lucifer, is a dual boot (Debian/win2k).  The only
> >thing I use win2k for is to play Serious Sam, Serious Sam Second
> >Encounter, and Syberia.
> >
> >My wife checks her school email, which is web based.  Apparently, Opera
> >can't handle the Javascript, so when lucifer is in Linux, she uses
> >Galeon and when lucifer is in win2k, she uses IE.
> >
> <snip>
> >I googled on one of my Linux boxes, and after a little searching, found
> >that this is a worm called W32.HLLP.Kindal@MM.  I was able to verify
> >some of the claimed changes the worm made to the registry, although I
> >couldn't find the file that was supposed to contain the viral code.  I
> >saw a mention of it in the registry, and saw the key that has it run on
> >boot, but the file itself seems to be missing or isn't showing up.
> >Weird.
> >
> >The only way this thing could've gotten onto my system that I can think
> >of is by Internet Explorer.  This OS is used for gaming (non-online
> >gaming), and checking school webmail with IE and absolutely nothing
> >else.  I know that 4 "critical vulnerabilities" were announced for IE a
> >couple of days ago, and another 3?  6?  a few days before that.
> >
> >Anyway, that's neither here nor there.  I've never had a worm before,
> >so I'm new to all this.  What's the standard procedure?  Reinstallation?
> >Can "virus checkers" also erase viruses?   What is a good "virus
> >checker" for this purpose?
> >
> According to Symantec
> (http://securityresponse.symantec.com/avcenter/venc/data/w32.hllp.kindal@mm.html),
> this virus spreads by email and file-sharing software.  Maybe your wife got
> it by web-based email?  Anyway, Norton Antivirus would get rid of it for
> you.  You could probably use some other (free?) virus software also.  You
> may want to scan your whole machine to see if you got something else, too.
> Do you keep up with all the windows patches?

yeah, i actually do.   i see there was a free anti-virus suggestion
made.  i'll give that a whirl first.

from info i found on the web, i've disabled the virus from starting on
boot, but there's probably dormant copies of it laying around, so i
definitely need to scan the system.

on the proactive side, i installed mozilla which she can use to check
email.  in my defense, the only reason why i didn't install mozilla
before was that i didn't figure the computer stays booted long enough in
windows for something like this to happen.  we're talking only a couple
of hours a day.   but apparently, it was enough!

> Windows security is just awful these days.  I have some friends who use 
> dialup internet with windows.  The windows updates take so long on 
> dialup that they get frustrated and don't complete them.  About every 3 
> months they get infected with something new.

i know a woman from work whose win XP system was trashed by windows
update.  she swore to never use the win update again.   very


In theory, theory and practise are the same.  In practise, they aren't.
GPG Instructions: http://www.dirac.org/linux/gpg
GPG Fingerprint: B9F1 6CF3 47C4 7CD8 D33E 70A9 A3B9 1945 67EA 951D