PDA

View Full Version : Well I just pulled a good one



Captain Kidd
2004-Nov-05, 02:04 AM
A moment of inattention.

Both my work computer and home computer run XP. In Windows Explorer (I miss saying File Manager :) ) at work, the file extensions are shown, at home theyíre not. Itís been bugging me, but I hadnít gotten around to changing the settings on my home computer.

Well, it bit me on the rear tonight.

Iím weeding the email that hits the server of the website I manage, 95% of it is junk, and most of the rest is people not being able to type the address correct so the forwarder doesnít work and I have to pass it on. (Thatís the most annoying thing; amazing how computer/life illiterate some people are. ďDear Sir, on the Hours of Operation webpage, you say you are open every day. Weíre coming down on Sunday, will you be open?Ē Honest to God I get those. How these people remember to breathe or not to brush with at .45 is beyond me.) An amazing amount was in the webmaster bin, most of which were actually real emails, spam Assassin does a wonderful job of shifting out the spam. I open one up that is from a fellow organization and thereís a zipped file.

Buzzer One went off when it went to me, Iím just the webmaster and have zero to say in day-to-day operation but I though maybe their webmaster was wanting to pass something along to me.

Buzzer Two went off at the sight of a zipped file, but I figured it was something big.

Buzzer Three choked. The responsible party has subsequently been drug out into the street and shot.

So I opened it, so far so good, thereís a file there, canít remember the name but it ended with ".txt". So, I guess you figured out what happened next. I was at home, not work, I still hadnít turned off the ďhide common file extensionsĒ options for Explorer. It was actually something.txt.pif or some sort of executable. (The zipped file opened in icon format not Details so I didn't have the info column up to tell me it was an executable.)

Suddenly AVG is screaming that Netsky.Q has invaded my computer.

#-o ďOhÖ joyĒ (actually a non-family oriented word came to mind.)

So, the last hour has been involved in downloading a remover, learning how to boot up in Safe Mode (never needed to before in XP) and twiddle my thumbs.



Let that be a lesson to all. Sometime paronia can be a good thing.
I now have extensions showing for all files.

frogesque
2004-Nov-05, 02:33 AM
So, have you answered my e-mail yet? :lol:

Seriously, it just shows how easy it is to be caught out. I got a virus a while back (a Kleeze varient). I just want to keel haul the beep bleeps who's idea of 'fun' it is to write these scripts

Maksutov
2004-Nov-05, 02:52 AM
So, have you answered my e-mail yet? :lol: [edit]


LOL! Good one, frogesque! =D>

Now to see how quickly you can duck!

Good luck with the removal, Captain Kidd. Seeing the real extensions can make a difference. Also, scanning any downloaded files with AVG before opening/executing/unzipping can be a really good habit.

frogesque
2004-Nov-05, 02:55 AM
Ducking lower'n a duck with lead boots!

Captain Kidd
2004-Nov-05, 03:06 AM
Just you wait, I'll get you back when you least expect it! :D

Removal went fine, Grisoft had a handy-dandy remover ready to use. Still ticked though. Yeah, yeah, I got impatient and opened it too quickly. Iíve been operating under a kinda blasť attitude since Iíve yet to get hit by a virus and this is my first worm. Spyware out the rear until I got Zone Alarm up and running, but nothing worse until now. Oh well.

frogesque
2004-Nov-05, 03:21 AM
Mostly viri are just a pain in the potted plant and not life threatening (unless you get a real nasty boot sector) It's the time and frustration of removing them that's the problem, the key is not to panic and preserve data at all costs. Glad you got it sorted OK

SciFi Chick
2004-Nov-05, 04:43 AM
As long as someone has brought up the subject of viruses, do I need to be worried about the Ramel virus that has invaded my hard drive? I'm a little scared of the instructions I found for removing it, so I've just kinda been living with it and wondering if it's a time bomb waiting to go off. 8-[

Tranquility
2004-Nov-05, 10:07 AM
As long as someone has brought up the subject of viruses, do I need to be worried about the Ramel virus that has invaded my hard drive? I'm a little scared of the instructions I found for removing it, so I've just kinda been living with it and wondering if it's a time bomb waiting to go off. 8-[

Ramel virus? Couldn't find any info on it...

Captain Kidd
2004-Nov-05, 12:11 PM
As long as someone has brought up the subject of viruses, do I need to be worried about the Ramel virus that has invaded my hard drive? I'm a little scared of the instructions I found for removing it, so I've just kinda been living with it and wondering if it's a time bomb waiting to go off. 8-[The first set of instructions I came across was 5 printed pages and involved everything from deleting files to digging into the registry. Uh...no, did that once and had to reinstall the OS. Try looking a bit further, like on the Symantic site, there should be a remover tool somewhere. So much easier. :)

Wally
2004-Nov-05, 12:38 PM
don't most AV products scan email attachments automatically? I know Norton does. I use to get several viral emails a day (before I had filters set), and the attachments were always deleted and replaced with a text note stating Norton had detected such-and-such a virus in the attachment, and that it had been deleted. Always felt pretty safe that way.

Captain Kidd
2004-Nov-05, 01:46 PM
I don't download my emails, I figure one of the safest things to do is not use Outlook at home. I read them online, Comcast and Hotmail have AV scanners, the one I use to access the server email is a bit simpler (Horde, came with it and pretty handy), but doesn't scan the attachments. So It was my fault for blindly proceeding.