1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

I am being hit up to 4 times a day with viruses

Discussion in 'Virus & Other Malware Removal' started by puter hater, Nov 26, 2001.

Thread Status:
Not open for further replies.
Advertisement
  1. puter hater

    puter hater Thread Starter

    Joined:
    Nov 12, 2000
    Messages:
    2,023
    I am being hit up to 3 to 4 times a day with viruses . My program is getting them(Norton) but who knows in the future.
    I am up all day(cable) I shut down at down at nite. They are popping up all the time

    Date: 11/26/01, Time: 17:05:00,
    The file
    C:\WINDOWS\PWKSSO.EXE
    was infected with the W32.HLLW.Hai virus.
    The file was quarantined.

    This the last one..
    ..
    C:\WINDOWS\STARTM~1\PROGRAMS\STARTUP\network.vbs
    The file was quarantined.
    What do I need to do to get this to stop.

    Thanks in advance:confused:
     
  2. HKEd

    HKEd

    Joined:
    Jul 18, 2000
    Messages:
    221
    Hi Puter Hater...are you saying that the viruses are being blocked while you're online - i.e. not arriving as email attachments?

    You may already have a nasty on your system that is allowing others access. Also, depending on your networking setup, your NetBios ports may be wide open.

    Go to this site:

    http://home.earthlink.net/~rmbox/Reticulated/Toys.html

    Download Startup Log and PortLog. Post back with the contents of StartLog.log (copy & paste) and PortLog. You can ignore the StubPath.txt file that StartLog generates. Remember to xxxx.xxx.xxx.xx out your IP address from PortLog.

    This should give us a good idea of what the problem is.
     
  3. Styxx

    Styxx Banned

    Joined:
    Sep 8, 2001
    Messages:
    4,888
    You can print this out for future reference or copy and paste it to a Wordpad document you rename.

    Today, a worm or virus can arrive on anyone's machine through e-mail. Before you lose a day's work to the latest malicious virus, follow these precautions.

    There are about three (4) free Anti-virus Programs, downloads off the Internet. AVG, F-Prot, AntiVir and Aladdin. Most all are for Win98 and NT. The best I feel are one (1), AVG Antivirus and (2) AntiVir. AVG has e-mail scanning for Outlook Express and a Virus Vault Area (much like Norton AntiVirus) and is for Win9x users. AVG is not 'Tech' supported without a fee.

    Be sure to create and test the DOS Rescue/Reference Disk set that every anti-virus scanner is capable of generating. All anti-virus makers recommend each user create these sets. It can be 1-5 floppies depending on the company. These sets act like a second virus scanner as a backup in case you can't boot to Windows or your Windows scanner becomes inoperable.

    Symantec offers Customer support through 'e-mail' and a forum where your answers will be responded to by a Technical Support representative at:

    http://servicenews.symantec.com/cgi...symantec.customerservice.general&submit=Post&

    As with all AntiVirus scanners, you need to make sure that they are scanning All Files and not Program Files only, as many virus scanners default to.

    Don't open attachments One of the best ways to prevent virus infections is not to open attachments (click on paperclip icons (the lower larger one) or double-click the subject lines and choose 'Open'), especially when dangerous viruses are being actively circulated. Even if the e-mail is from a known source, be careful. A few viruses take the mailing lists from an infected computer and send out new messages with its destructive payload attached. Always scan the attached files first for viruses. Unless it's a file or an image you are expecting, delete it twice.

    The Right-Click Scan Method

    Always click the lower paperclip icon of any e-mail with a small or large paperclip icon indicating an attachment is present; choose 'save to disk'; Navigate to where the attachment was saved; Right-click the attachment and choose 'Scan with (your anti-virus). If the attachment is infected right-click it a choose Delete. Delete the asssociated e-mail from the Inbox and then the Deleted Items folder.

    Scan your system regularly If you're just loading antivirus software for the first time, it's a good idea to let it scan your entire system. It's better to start with your PC clean and free of virus problems. Often the antivirus program can be set to scan each time the computer is rebooted or on a periodic schedule. Some will scan in the background while you are connected to the Internet. Make it a regular habit to scan for viruses.

    Turn off Windows Scripting Host Recent virus outbreaks have exploited known vulnerabilities in Visual Basic Scripting under Windows. To limit your risk of infection, you should http://www.zdnet.com/zdhelp/stories/main/0,5594,2568111,00.html

    Get protected If you don't already have virus protection software on your machine, you should. If you're a home or individual user, it's as easy as downloading any of many top rated virus scanners then following the installation instructions. If you're on a network, check with your network administrator first.

    Virus like the dreaded WScript.KAKWorm do not require activation like most viruses. If it's received, it activates itself.
    Many viruses attach themselves, when activated as described above (they must be activated in most cases), to e-mail browsers' like Outlook Express' Address Book and send itself to all the contacts therein as soon as and every time you open your e-mail browser again or get on-line.

    Many viruses are planted on people's systems by Hackers accessing your hard drive using Trojan horses, or so-called 'Server Robots', that the 'wrongful intruder' can use to access your hard drive anytime your on-line and modify, delete or add to your hard drive contents in anyway they want. Even to plant viruses without your knowledge making e-mail borne bad code transmission unnecessary. Without a hardware or software firewall, software firewalls are most common for home users, in place then and 'hacked' by a Trojan Horse the computer is not yours while your on-line and any information on your hard drive can be accessed by the hacker, even your most personal data.

    Accept No Substitutes, handle your e-mail in this fashion and you will go a long way to stopping the unintelligent freaks of nature that start these Viruses, Trojans and Variants from being spread around by undeserving unknowing people who are unaware their outgoing e-mail is infected. Update your virus definitions weekly and get the free personal firewall Zone Alarm anti-hacker countermeasure for all internet uses and read why you need a firewall at http://www.grc.com. Test your ports and shields at the Shields Up site there. Hackers typically use both port scanning and other security vulnerability testing to find security weaknesses on a computer that a Firewall stops.

    There are services that scan your computer for Malicious code (Viruses, Trojans and Variants). Usually viruses won't prevent you from going to the below listed URL at Trend-Micro.

    Try using these links:

    On-Line Scans for Viruses, Trojans, and Variants

    1. Symantec (Norton Antivirus) Security Check - Free on-line scan
    http://security1.norton.com/us/home.asp?j=1&venid=sym&langid=us&plfid=20&pkj=MOMIKPPZHDHFQSGBXII
    Click the 'Run Virus Check' or 'Run Security Check' button.
    ***This scanner doen't clean or delete, the following do***

    2. Trend Micro (PC-cillin) - Free on-line Scan
    http://housecall.antivirus.com
    A small Download Required

    3. Panda's Active Scan
    http://www.pandasoftware.com

    4. Antivirus Expert - Online Virus Scanner
    http://www.centralcommand.com/scan.html

    **************************************************

    Free Antivirus Programs

    5. Download a AV Program with free updates.
    AVG Antivirus - http://www.grisoft.com
    Technical Support Is Fee-Based

    6. F-Prot AVP for DOS download page.
    Experienced Users Only
    http://www.complex.is/f-prot/

    7. AntiVir - Free updates
    http://www.free-av.com/

    **************************************************

    Free Firewall(s)

    8. Zone Alarm personal firewall - Anti-Hacker Countermeasure.
    http://www.zonelabs.com

    9. Learn about Internet security and why you need a firewall
    at Steve Gibson's Shields UP site.
    http://www.grc.com

    **************************************************

    10. Update your antivirus definitions weekly/monthly as updates come out.

    11. Scan your computer for malicious code each time after updating definitions.

    12. Create, then update your Rescue Disks for each anti-virus program after each update.

    http://www.zdnet.com/zdhelp/stories/main/0,5594,2248291,00.html
     
  4. hewee

    hewee

    Joined:
    Oct 26, 2001
    Messages:
    57,791
  5. puter hater

    puter hater Thread Starter

    Joined:
    Nov 12, 2000
    Messages:
    2,023
    Just got home from work and as soon as I feed the child and feed the horses and get him offf to school I will sit down and go thru it. But in the mean time...
    ....(are you saying that the viruses are being blocked while you're online - i.e. not arriving as email attachments)...
    They are not attachments. Norton will pop and state with an alert that I have the issue going on. This is the Norton log of what has been happening. Then I would quarantine it and delete it.. The only problem I have beside the open doors right now is at start up with a reference regarding one of the worms/ virus what ever they are. But thats the next post.
    Date: 11/11/01, Time: 20:54:24, on PURPLE PUTER
    The file
    C:\MY DOCUMENTS\2977\yosemite.eml
    was infected with the W32.Nimda.enc virus.
    The file was deleted.


    Date: 11/11/01, Time: 20:54:50, on PURPLE PUTER
    The file
    C:\MY DOCUMENTS\2976\desktop.eml
    is infected with the W32.Nimda.enc virus.
    Unable to repair this file.


    Date: 11/11/01, Time: 20:54:54, on PURPLE PUTER
    The file
    C:\MY DOCUMENTS\2976\desktop.eml
    was infected with the W32.Nimda.enc virus.
    The file was quarantined.


    Date: 11/11/01, Time: 21:08:16, on PURPLE PUTER
    Virus scanning started.

    Date: 11/11/01, Time: 21:30:18, on PURPLE PUTER
    Virus scanning completed.
    Items scanned: C:
    Date: 11/16/01, Time: 20:00:02, on PURPLE PUTER
    Virus scanning started.

    Date: 11/16/01, Time: 20:21:12, on PURPLE PUTER
    Virus scanning completed.
    Items scanned: C:

    Date: 11/23/01, Time: 19:59:54, on PURPLE PUTER
    Virus scanning started.

    Date: 11/23/01, Time: 20:15:22, on PURPLE PUTER
    Virus scanning completed.
    Items scanned: C:
    Master boot records:
    Date: 11/23/01, Time: 20:20:16, on PURPLE PUTER
    The file
    C:\MY DOCUMENTS\2977\anthro~7.eml
    was infected with the W32.Nimda.enc virus.
    The file was deleted.


    Date: 11/23/01, Time: 20:20:40, on PURPLE PUTER
    The file
    C:\MY DOCUMENTS\2976\anthropology survey.eml
    is infected with the W32.Nimda.enc virus.
    Unable to repair this file.


    Date: 11/23/01, Time: 20:20:54, on PURPLE PUTER
    The file
    C:\MY DOCUMENTS\2976\anthropology survey.eml
    was infected with the W32.Nimda.enc virus.
    The file was deleted.


    Date: 11/25/01, Time: 11:48:12, on PURPLE PUTER
    The file
    C:\WINDOWS\MVNQLK.EXE
    is infected with the W32.HLLW.Hai virus.
    Unable to repair this file.


    Date: 11/25/01, Time: 11:48:14, on PURPLE PUTER
    The file
    C:\WINDOWS\MVNQLK.EXE
    was infected with the W32.HLLW.Hai virus.
    The file was quarantined.


    Date: 11/26/01, Time: 9:32:30, on PURPLE PUTER
    The file
    C:\WINDOWS\HNNNY.EXE
    is infected with the W32.HLLW.Hai virus.
    Unable to repair this file.


    Date: 11/26/01, Time: 9:32:32, on PURPLE PUTER
    The file
    C:\WINDOWS\HNNNY.EXE
    was infected with the W32.HLLW.Hai virus.
    The file was quarantined.


    Date: 11/26/01, Time: 16:08:32, on PURPLE PUTER
    The file
    C:\WINDOWS\CHWDB.EXE
    is infected with the W32.HLLW.Hai virus.
    Unable to repair this file.


    Date: 11/26/01, Time: 16:08:32, on PURPLE PUTER
    The file
    C:\WINDOWS\CHWDB.EXE
    was infected with the W32.HLLW.Hai virus.
    The file was quarantined.


    Date: 11/26/01, Time: 17:05:00, on PURPLE PUTER
    The file
    C:\WINDOWS\PWKSSO.EXE
    is infected with the W32.HLLW.Hai virus.
    Unable to repair this file.


    Date: 11/26/01, Time: 17:05:00, on PURPLE PUTER
    The file
    C:\WINDOWS\PWKSSO.EXE
    was infected with the W32.HLLW.Hai virus.
    The file was quarantined.


    Date: 11/26/01, Time: 18:59:48, on PURPLE PUTER
    The file
    C:\WINDOWS\STARTM~1\PROGRAMS\STARTUP\network.vbs
    is infected with the VBS.Network virus.
    Unable to repair this file.


    Date: 11/26/01, Time: 18:59:50, on PURPLE PUTER
    The file
    C:\WINDOWS\STARTM~1\PROGRAMS\STARTUP\network.vbs
    was infected with the VBS.Network virus.
    The file was quarantined.
     
  6. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/59765

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice