[AT] Way OT Computer Virus question

Sat Apr 14 06:48:10 PDT 2007

Charlie,

Without knowing what virus you did have, it is kind of hard to know what is going 
on now.

However, here is a scenario based on past experience:

The bug you caught managed to get your email (and possibly others from your 
address book) and sent it to someone.  That someone has either passed it on for 
payment from spammers or is using it himself for evil doing.  The emails you are 
getting are nothing more than spam, trying to get you to either buy something, or 
worse yet, follow the instructions they send, which will either re-infect your PC 
or open some ports, and expose your PC to more evil doing.

I would bet that if you spent some time (a waste in my opinion) tracking down the 
source of these emails, they are not legitimate ISPs.

In any case, keep doing what you are doing and ignore the emails, unless you get 
one from your ISP, in that case, call them, don't reply.

I use trendmicro.com for HouseCall online virus scan when I get a system that has 
a bad virus.  Some viruses disable your onboard virus scanner and firewall.  Some 
are even tricky enough to make it look like they are running.  I have also seen 
viruses that prevent the installation of a new anti-virus or firewall program. 
There is some nasty stuff out there.

If you run a resident (up to date) virus scan, an online virus scan, adware, and 
spybot type programs and they all come up clean, you are probably virus free. 
Just ignore the spam.

If you know the name of the specific virus you think you have, check out some 
anti-virus sites, they will probably have specific removal instructions posted. 
Follow them carefully, especially if you have to edit the registry.

Let us know how it goes.

Stuart

----- Original Message ----- 
From: "charlie hill" <chill8 at suddenlink.net>
To: "Antique tractor email discussion group" <at at lists.antique-tractor.com>
Sent: Saturday, April 14, 2007 7:50 AM
Subject: [atis] [AT] Way OT Computer Virus question

> About a month ago I picked up a virus.  I know when it happened.
> I hit a web site with a bunch of pop ups.  In the process of clearing them a
> warning poped up on my screen warning me not to open a file.  Unfortunately
> I made an errant click (my fingers got ahead of my brain) and I opened the
> virus file.  IMMEDIATELY I started to work clearing it.  After about 4 hours
> I thought I had it.  Then the next day it was back.  I went to work on it
> again and got it cleared.
> Since then I've run frequent checks with AVG free edition which was running
> when I got the virus and with other online virus checkers.  My AVG is on
> auto-update.  I also run Zone Alarm Pro firewall.  Somehow Zone Alarm got
> corrupted.  I deleted it and downloaded a newer version.  Zone Alarm and AVG
> say my system is clean.  One online virus checker found the virus again but
> showed in a quaranteen file.  My system at this point is running fine BUT  I
> keep getting messages like the one below in my e-mail.
> Some of them come from a site that claims to be my ISP.  Some of them come
> from servers all over the world.  I was getting several of these messages a
> day.  Then they went away.  Now this week I'm getting them again but in
> lower numbers.
>
> See the message below.
>
> Anyone have any suggestions?
>
> Thanks
>
> Charlie
>
> We have detected that your e-mail account was used to send a huge amount of
> spam during the recent week.
> Probably, your computer had been infected by a recent virus and now runs a
> trojaned proxy server.
>
> We recommend you to follow our instruction in order to keep your computer
> safe.
>
> Best wishes,
> suddenlink.net technical support team.
>
>
>
>
> --------------------------------------------------------------------------------
>
>
> --------  Virus Warning Message --------
>
> document.com is removed from here because it contains a virus
> (W32/Mydoom.o at MM).
>
> ----------------------------------------
>
>
>
> --------------------------------------------------------------------------------
>
>
> No virus found in this incoming message.
> Checked by AVG Free Edition.
> Version: 7.5.446 / Virus Database: 269.4.0/760 - Release Date: 4/13/2007
> 8:04 PM
>
> _______________________________________________
> AT mailing list
> http://www.antique-tractor.com/mailman/listinfo/at
>
> 