AssemblyBoard

there is a new virus on the loose, and some of you have it. i know this because your computers are pelting the rest of us with virus-laden emails behind your back. here are the details of the new virus:

click here for mcafee's info (http://us.mcafee.com/virusInfo/default.asp?id=helpCenter&hcName=mydoom&cid=9547)

this is symantec's listing of the virus. i can't link directly to their site due to the '@' character in the link.

so please update your virus protection and triple-check to make sure you do not have this virus. if you have questions or confusion about how to do this, don't be shy about posting them. there are several very capable friendly and helpful computer folk on these boards who would only be too glad to help stamp out another nasty virus.

brian

The link is broken, and I can't figure out how to quote it such that YaBBSE is happy.

Dave

oops! thanks for the heads up, david. i edited the link, and added a new one. putting it in as code was the only i could get it not to choke on that @ sign.  :-\

brian

Replacing the "@" with "%40" usually works:

http://securityresponse.symantec.com/avcenter/venc/data/w32.novarg.a%40mm.html (http://securityresponse.symantec.com/avcenter/venc/data/w32.novarg.a%40mm.html)

My Yahoo! account is getting pelted by emails from several board members with odd attachments. Most of whom have never emailed me before.

How does that work?

S

If they are anything like the one we had at work, just delete them without opening the attachement.  Then you should be ok.

Definitely deleted them. Wondering how the worm/virus pulled my email address off the board.

I would be surprised if my address was in the address book of any of the people whom I received email from.

$250,000 reward from Microsoft for MyDoom! Check out the Yahoo! headlines.

Do you really want an explanation? ;)

I'm still aghast that "run this executable attachement" is an option in any mail reader.  Just.  Blows.   My.   Mind.  :o

--
lucas

My two cents worth on Computer Viruses

Some worms (a nasty type of virus that works through your system) work through your email address in your local PC account. They start at the top of your address list and email everybody on the list. If you put the following as a dummy entry it stops there usually because it has trouble sending an email to a bogus account. Don't use it in any of your lists though or you will get an undeliverable mail notice on that one.

The name is : A, A A
The email address is : AAAAAAA@a.aaa


Another way to avoid problems is to email long lists with the BCC not CC which means the other names don't appear on others email. You have to have one in the To and usually that can be yourself. And of course I think you know that you never send or open an email with no subject because they often contain viruses. Also never open an attachment from a stranger just delete the email.

One innocent action is the preview pane that lets you read the beginning of the email without opening it. Well guess what many programs see that as opening it so the virus attacks your system. To prevent this stop using the preview feature.

Hugh
 :o

"Never use Outlook" comes to mind too....... :-\

--
lucas

Help!  I haven't opened any e-mails from people that didn't contain normal correspondence, haven't opened an attachment that wasn't expected, but I am getting the following message on my system:

uglmd.exe - Application Error

The application failed to initialize properly (0xc0000142).  Click on OK to terminate the application.

I can't "click on ok", it does nothing.  I right click on the box at the bottom of the screen and have to hit "close" three to four times and then it will "close", just to reappear 1-4 minutes later.  

I am also getting pop ups like crazy (much more than normal).

I have shut down my computer completely and restarted the computer just to have it restart all over again.

IS THIS THE VIRUS?????????   UGHHHHHHHHHH.  I am so computer illiterate, my husband is the computer geek and he's commuting right now (does anybody hear me whininggggggggggggg????????) :'( :'( :'( :'(

Can anybody help me???????

If this is a virus here is how to remove it.

·   You have to have a clean boot disk with the “tab locked” on it so it won’t get infected too. Or start from a CD.
·   If you have a clean boot disk then you can boot from it and scan the computer and remove the virus BUT only if you have a separate “clean locked disk or CD” with a virus remover and it has to have the latest virus scan signatures for that virus. You may need a friend to provide that because if your machine is infected anything in it is suspect and could infect the virus remover you have on your hard disk. This is the only way to recover without reinstalling everything.
·   The virus could have come from a diskette brought from another computer recently if so clean that disk as well immediately before sharing it with others.
·   A computer store can clean your system but that is such a hassle and does not prevent you getting another virus. Put the latest virus software on immediately with the newest virus signatures. It is hard I know I got my first computer virus from the school I was taking computer courses from. How unfair.

Kimberley,

If on a scale of 1-10, 10=computer geek, I am at about 5.

Maybe 4.

I got a virus a couple of years ago. The anti virus program that came with my computer didn't know how to handle it.

 I went down to Best Buy and bought the latest Norton Antivirus disk.  When I installed it it included one year of updates.  That means that when I go online it automatically calls up Norton and they send the latest updates to it.

I have never had any virus problems since.  So, I recently renewed it on line with a credit card purchase.  I intend to keep it up as I don't know how to handle this stuff on my own.

Once my daughter Joy used my computer.  She used a disk that she had used at CSUF at some computer center.  She gave my computer a virus.  I then carried the thing to work and infected two computers in classrooms.

I cleaned that mess up by getting a cleanup disk from McAfee, another antivirus company.

If you get an anti virus disk it will tell you how to install it, and how to check your computer for viruses.

Even I can do it.

God bless,

Thomas Maddux

sounds like spyware to me.

Get a program called Ad-Aware, from LavaSoft.  It's a free download and it will remove most of the spyware from your computer.  I run mine daily, and get about 10-20 spyware cookies everyday from surfing normal, safe websites.

Brent

If some of the pop-ups are Messenger pop-ups, here's a link to instructions for disabling Messenger pop-ups:

http://spybot.safer-networking.de/index.php?page=faq&detail=13 (http://spybot.safer-networking.de/index.php?page=faq&detail=13)

Kimberly,

Just got my drive checked.  No coodies here.
Still the message is "Unclean! Unclean!" where ever I turn.  Almost sounds like somebody hit rewind doesn't it?
Delila

Hugh,
Washing your hands doesn't hurt either.  I've worked in a lot of schools.  Really.
drh

the virus randomly matches up both the TO: and the FROM: email addresses, so the only thing you need is somone who has your address in their address book and all the other folk's addresses in their address book and the virus will mix n match. think of the address book like a hat full of email addresses. the virus randomly draws an email from the hat and puts that in the To: field, then draws another email from the hat and makes that the From: field. make sense?

kimberly: about the popups - do what stephen advices. i recently got cable internet and started getting all those popups as well, and shutting off that messenger service completely eliminated them. i can't believe windows still leaves that on by default!  ::)

brent's advice about spyware removal programs is a Good Idea for all users, just like everyone should have the best virus protection money can buy. if more users did those relatively simple tasks worms and spyware would not be nearly the issue they are today. actually, they would probably be just that much more cleverly designed, but whatever - its still a good idea.

re: email programs - i telnet onto my server using putty in secure mode, so i am actually viewing my email in a text-based unix environment, instead of windows. they make about as many worms for unix as they do for macs (ie none). i occasionally use eudora to download backups of my email onto my local harddrive, but i don't use the addressbook at all.

and btw, hugh, at risk of displaying some gross ignorance on my part, i have never heard of a single virus that can attack your system just because you view the email. you have to actually click on the attachment to try and open it or run it in order to release the virus.  i think this is universally correct (lucas? stephen? others?). i am only talking about an email-transmitted virus here, of course - a virus could copy itself through the network, etc, but reading or not reading your email won't affect that.

practice safe computing...

brian

I am assuming you use pine then (i use mutt)?  In my experience, it is hard to take down a machine via the properly setup shell account's email reader.....but you can still wreck amazing havok with their console :).    

I personally have an installation of spamAssassian running on my highschool's IRX boxes that I bounce all my other email accounts' mail to for virus checking / spam filtering purposes.  After filtering, they are sent back to the various accounts.  The only annoyance is when any of the given servers goes down  :P


Depends on how the system is setup. Some email readers have the functionality of automatically caching the attached files which could trigger execution (*cough* OUTLOOK*cough*).  

But no, this is not universal.....the main constraint would be the properties of the security hole being exploited.  Back in highschool, I wrote a nice script which would automatically shutdown any windows system  and imbedded it into a HTML page.  It was also able to be sent to people via email......quite a nice prank I thought ;)

--
lucas

Unless, of course, you are using a Microsoft product, which is riddled with so many bugs that people figure out how to run attachments in just the preview window.

Running on windows has two disadvantages: 1. since it is the majority platform, it is what people will generally make works/virii for, and 2. because it is the majority, Microsoft has little incentive to actually make software that works well.

Thank you one and all who contributed your ideas :-*.  I couldn't do a thing ::)!  But when my husband came home he spent 5 hours cleaning up the system (and yes, it was those nasty pop-ups :P)

These pop-ups were so insidious it wreaked more havoc than just having them "pop-up".  I can't even explain it, because I am not a computer geek :-[.

But, again, thank you, thank you, thank you!

Today, my husband will be installing a fire-wall and up-dating our virus software (DUH!!!)

Wish I had some of Luke's neeto emoticons.

Happy Sunday Guys!

P.S.  GREG GOT A JOB DOWN HERE FINALLY!  YEAH!!!!!!!!! ;D ;D ;D ;D  Only two more weeks of commuting and then he's down here for good.  Thank you to anyone who prayed for us during this difficult six months of being apart.

New Virus Alert!!

  You should be alert during the next days:
  Do not open any message with an attached filed called "Invitation"
  regardless of who sent it.
 
  It is a virus that opens an Olympic Torch which "burns" the whole
  hard disc C of your computer.
 
  This virus will be received from someone who has your e-mail
  address in his/her contact list, that is why you should send this e-
  mail to all your contacts.
 
  It is better to receive this message 25 times than to receive the
  virus and open it.
 
  If you receive a mail called "invitation", though sent by a friend,
  do not open it and shut down your computer immediately.
 
  This is the worst virus announced by CNN, it has been classified by
  Microsoft as the most destructive virus ever.
 
  This virus was discovered by McAfee yesterday, and there is no
  repair yet for this kind of virus.
 
  This virus simply destroys the Zero Sector of the Hard Disc, where
  the vital information is kept.
 
  SEND THIS E-MAIL TO EVERYONE YOU KNOW, COPY THIS E-MAIL AND SEND IT
  TO YOUR FRIENDS AND REMEMBER:
 
  IF YOU SEND IT TO THEM, YOU WILL BENEFIT ALL OF US

this particular virus threat is actually a hoax.

http://www.snopes.com/computer/virus/invitation.asp

but its always a good idea to be very suspicious of any attachments.

Sorry about that!  I received the notification from an attorney, so
i passed it on without checking it out.  My bad.