Computer ? (virus maybe??)

   / Computer ? (virus maybe??) #1  
Richard

Richard

Elite Member
Joined
Apr 6, 2000
Messages
4,993
Location
Knoxville, TN
Tractor
International 1066 Full sized JCB Loader/Backhoe and a John Deere 430 to mow with
Ok, computer guys do I have some form of virus?

ADSL line, 4 port router, no firewalls that I"m aware of /w3tcompact/icons/blush.gif

Went to turn off machine last night at work, had a "sharing" warning about killing machine might make files unavailable to "X". I shrugged & killed. ( I was only one here)

today, upon turn on, Outlook Express "kinda" starts with a message there & the opportunity to open it. What I mean by kind of starts, is, it comes up automatically, as though it was in my start up group (it isn't). Furthermore, it isn't "OE" that starts, just a message with attachments, readme.exe and ATT00008.txt

I didn't. It was a "readme.exe" file and I DO know that I do NOT like those.

I have deleted all temp files, where I found a BUNCH of "photo for you.nws" files all with nws extension. The files themselves ranged in name from readme, photos, silky ...just all kind of non related type names.

I have run my norton and so far, nothing found. Machine runs fine but again, on reboot, same issue with outlook express message trying to come up to be sent.

Does this truncated presentation show any concerns I may need to have?

Thanks
Richard
 
   / Computer ? (virus maybe??) #2  
Do you have any Cipro?? /w3tcompact/icons/wink.gif

When's the last time you updated to the lastest virus files?

Also, sounds like you do need to set up a firewall. There was a recent thread about a decent firewall software package. Dang, what was it. Computer geeks - help.

Terry

Think I found it - look at this thread.

http://www.tractorbynet.com/cgi-bin/compact/showthreaded.pl?Cat=&Board=off&Number=76461&Search=true&Forum=off&Words=firewall&Match=Entire%20Phrase&Searchpage=0&Limit=25&Old=1week&Main=76354



<P ID="edit"><FONT SIZE=-1>Edited by TerryinMD on 10/26/01 03:24 PM (server time).</FONT></P>
 
   / Computer ? (virus maybe??) #3  
ZoneAlarm is a good FREE firewall, can be downloaded from:http://download.cnet.com/downloads/0-10105-108-57636.html?tag=st.dl.10105.upd.10105-108-57636
and yes it sounds as if you do have a viral problem on your computer....try logging to:http://housecall.antivirus.com/ and running their online virus checker. Holler if it is identified and cannot be cleaned by them...I'll try to come up with the cleaning method for it.
Let me know your O/S and version, as well as version of OE if possible.
<P ID="edit"><FONT SIZE=-1>Edited by scruffy on 10/26/01 05:05 PM (server time).</FONT></P>
 
   / Computer ? (virus maybe??) #4  
Richard, another proggie to install is called Empty temp folders, it is great for keeping extraneous garbage from building up on your system. It can be found at: http:// http://www.danish-shareware.dk/soft/emptemp/ It is a very good program, and it also is free.

Be sure to keep your AV software updated regularly.
 
   / Computer ? (virus maybe??) #5  
Sounds like it could be the nimda virus. I just cleaned up and network that had it bad. Lots of .nws and .eml files that self replicated. Is you Norton up to date that you scanned it with?
The readme.txt file and the .nws files it what makes me think that is what is wrong. Have you tried to run MS Word and had problems with that program. When infected it was reporting system out of memery when you tried to open and work with a MS Word file.
Try symantec.com, get the nimda removal tool and check your system with that.
Another place to scan your hard drive online is www.trendmicro.com, try this link
http:// [url]http://housecall.antivirus.com/pc_housecall/ [/url]
Let me know what you find out
 
   / Computer ? (virus maybe??) #6  
It sounds like you have the Nimda Virus allright/w3tcompact/icons/frown.gif. If you update your virus definitions (you can do this in the newer versions of NAV by using the LiveUpdate function), you should be able to remove it. There is also a stand-alone tool for removal available from Symantec. This link has all of the information about the virus, as well as how to get rid of it. A firewall could really help you to prevent some of these types of attacks, but I think that keeping your virus definitions up to date is the best preventive medicine. This is due to the fact that most viruses come through either e-mail which your firewall just lets fly right on through, or via http downloads which are also open on almost all firewalls. If you can find a firewall with built in virus checking, that might do the trick, but you would need to update the virus definitions on the firewall anyways, so why not just keep those definitions up to date on your PC? Just my .02.

rf33
rf33_sig_better.gif
/w3tcompact/icons/wink.gif
 
   / Computer ? (virus maybe??) #7  
The readme.txt file leads me to believe it is nimda. I got it in our email server, a Windows 2000 Server machine running Mailsite by Rockcliffe. I went through various virus scans which found infected files but couldn't do anything about them. Finally I downloaded "fixit" scripts from both Symantec and House Call. I purchased Symanted Anti Virus Corporate Edition and set up real time scanning. After all of that the A/V software continued to find and quaranteen 10 or 12 files a day. Before that I had 6000 files infected. I just kept the A/V software running and suddenly it stopped finding anymore infected files. Our email server continues to send and receive mail just fine.

I have said on this board how much I hate A/V software, but nowadays I'd say its pretty much necessary. Symantec has one for PCs that you can disable the "real time" operation (which is very CPU intensive) but it still scans emails as the come in, and also scans outgoing emails.

Alan L., TX
 
   / Computer ? (virus maybe??) #8  
scruffy
The link you posted will work if you drop one of the http://'s
regards
Mutt
 
   / Computer ? (virus maybe??) #9  
Hey Mutt, glad you caught that, I didn't put that extra in there (know better than that), but it must of occurred in how I posted it. Not sure on that one. Sorry. But the proggie is a good free proggie, and small to boot.
 
   / Computer ? (virus maybe??)
  • Thread Starter
#10  
My sincere thanks.

I seem to have had the nimda virus I guess. I downloaded the fix for it, ran it, it said it found a bunch of infected files and either fixed or erased them.

I also downloaded the firewall and though it bugged me up for 1 1/2 hours trying to figure out how to make it work (I had no access to internet) I have since done so and must say, I feel much better about situation.

Again...
Thanks to all who thoughtfully spent time/energy to help.

Richard
 
You must log in or register to reply here.

Tractor & Equipment Auctions

2005 KOMATSU PC400LC-7L EXCAVATOR (A51242)
2005 KOMATSU...
  • Clicks: 36
  • Views: 18,963
2017 Ford Explorer SUV (A50324)
2017 Ford Explorer...
  • Clicks: 19
  • Views: 10,372
2013 John Deere 2210 Accudepth Field Cultivator (A52349)
2013 John Deere...
  • Clicks: 22
  • Views: 15,839
2012 FORD F-650 SUPER DUTY BOX TRUCK (A51243)
2012 FORD F-650...
  • Clicks: 34
  • Views: 42,988
2014 Ford Explorer AWD SUV (A50324)
2014 Ford Explorer...
  • Clicks: 40
  • Views: 23,012
2017 CATERPILLAR 299D2 XHP SKID STEER (A51242)
2017 CATERPILLAR...
  • Clicks: 26
  • Views: 22,599
 

Footer Links 1

Top