[AT] Way OT Computer Virus question

Sat Apr 14 07:41:48 PDT 2007

Thanks David and Stuart.  I've done pretty much what both of you suggest 
except that I have run a scan in Safe Mode as David advises.  I'll do that. 
I've used Housecall.  That was the first place I went when I realized I was 
infected.

I am scanning now with Panda.  It's found a "hacking tool kit".  When the 
scan is finished I'll figure out what that is and get rid of it.

Thanks again,

Charlie
----- Original Message ----- 
From: "David Bruce" <davidbruce at yadtel.net>
To: "Antique tractor email discussion group" <at at lists.antique-tractor.com>
Sent: Saturday, April 14, 2007 9:21 AM
Subject: Re: [AT] Way OT Computer Virus question

> When you scanned with the online scanner did you do that from safe mode
> with networking?  Many of the viruses and/or trojans can't be removed
> while in regular mode as they are "in use".  Safe mode prevents them
> from running most times.  Safe mode with networking also allows you to
> use the internet to get access to the on line scanners.  If you think
> you are compromised I would prefer the on line scanners as the local
> scanners might be disabled by the bad boys.  I like Trend Micro's on
> line scanner called Housecall.
> http://housecall.trendmicro.com/
> Hope this helps.
> David
> NW NC
>
> charlie hill wrote:
>> About a month ago I picked up a virus.  I know when it happened.
>> I hit a web site with a bunch of pop ups.  In the process of clearing 
>> them a
>> warning poped up on my screen warning me not to open a file. 
>> Unfortunately
>> I made an errant click (my fingers got ahead of my brain) and I opened 
>> the
>> virus file.  IMMEDIATELY I started to work clearing it.  After about 4 
>> hours
>> I thought I had it.  Then the next day it was back.  I went to work on it
>> again and got it cleared.
>> Since then I've run frequent checks with AVG free edition which was 
>> running
>> when I got the virus and with other online virus checkers.  My AVG is on
>> auto-update.  I also run Zone Alarm Pro firewall.  Somehow Zone Alarm got
>> corrupted.  I deleted it and downloaded a newer version.  Zone Alarm and 
>> AVG
>> say my system is clean.  One online virus checker found the virus again 
>> but
>> showed in a quaranteen file.  My system at this point is running fine BUT 
>> I
>> keep getting messages like the one below in my e-mail.
>> Some of them come from a site that claims to be my ISP.  Some of them 
>> come
>> from servers all over the world.  I was getting several of these messages 
>> a
>> day.  Then they went away.  Now this week I'm getting them again but in
>> lower numbers.
>>
>> See the message below.
>>
>> Anyone have any suggestions?
>>
>> Thanks
>>
>> Charlie
>>
>> We have detected that your e-mail account was used to send a huge amount 
>> of
>> spam during the recent week.
>> Probably, your computer had been infected by a recent virus and now runs 
>> a
>> trojaned proxy server.
>>
>> We recommend you to follow our instruction in order to keep your computer
>> safe.
>>
>> Best wishes,
>> suddenlink.net technical support team.
>>
>>
>>
>>
>> --------------------------------------------------------------------------------
>>
>>
>> --------  Virus Warning Message --------
>>
>> document.com is removed from here because it contains a virus
>> (W32/Mydoom.o at MM).
>>
>> ----------------------------------------
>>
>>
>>
>> --------------------------------------------------------------------------------
>>
>>
>> No virus found in this incoming message.
>> Checked by AVG Free Edition.
>> Version: 7.5.446 / Virus Database: 269.4.0/760 - Release Date: 4/13/2007
>> 8:04 PM
>>
>> _______________________________________________
>> AT mailing list
>> http://www.antique-tractor.com/mailman/listinfo/at
>>
>>
> _______________________________________________
> AT mailing list
> http://www.antique-tractor.com/mailman/listinfo/at
>
>
> -- 
> No virus found in this incoming message.
> Checked by AVG Free Edition.
> Version: 7.5.446 / Virus Database: 269.4.0/760 - Release Date: 4/13/2007 
> 8:04 PM
> 