Last night a friend of mine got his computer infected with a virus. He
opened an email from a trusted source, it had attachments, pictures of
his friends dogs. AVG put up the notice that a virus threat was
detected and asked if it should it be moved to the vault. So my friend
clicks yes and then instantly he gets the message across the bottom of
the screen "HARD DRIVE FAILURE". So he shut the computer down and
called his friend from whom he recieved the email. This guy knows
computers pretty well and even though his email contained the virus
none of his computers were infected. Anyway, he told my friend to
restart his computer and press the F2 key. He does that and the BIOS
recognized his hard drive. So he thinks that the drive is probably OK
but is taking it to a local computer repair place to have them fix the
drive. I use AVG and Agent. He uses Yahoo and Outlook AVG. This virus
is bad enough that I'm leery of opening any emails even from trusted
sources. Comments anyone?
Eric

wrote:
Last night a friend of mine got his computer infected with a virus. He
opened an email from a trusted source, it had attachments, pictures of
his friends dogs. AVG put up the notice that a virus threat was
detected and asked if it should it be moved to the vault. So my friend
clicks yes and then instantly he gets the message across the bottom of
the screen "HARD DRIVE FAILURE". So he shut the computer down and
called his friend from whom he recieved the email. This guy knows
computers pretty well and even though his email contained the virus
none of his computers were infected. Anyway, he told my friend to
restart his computer and press the F2 key. He does that and the BIOS
recognized his hard drive. So he thinks that the drive is probably OK
but is taking it to a local computer repair place to have them fix the
drive. I use AVG and Agent. He uses Yahoo and Outlook AVG. This virus
is bad enough that I'm leery of opening any emails even from trusted
sources. Comments anyone?
Eric

Hi Eric,

Most likely explanation is that this email did not really come from
your friend. It probably came from someone else who DOES have the
virus and has your friend's email address in his address book.

That's often how these things work.

But for better protection, dump AVG immediately and get a subscription
to Vipre.

When I got hit a few weeks back (an Earthlink security issue actually)
Vipre was the only one that could identify the culprit.
I'm very happy with it and it's not expensive at all.

http://www.vipreantivirus.com/Software/VIPRE-Antivirus/

Oh, lastly, your hard drive is probably just fine, but getting
that crud scraped off may be a challenge.


--

Richard Lamb
http://www.home.earthlink.net/~cavelamb
http://www.home.earthlink.net/~sv_temptress

"CaveLamb" wrote in message
m...
wrote:
Last night a friend of mine got his computer infected with a virus. He
opened an email from a trusted source, it had attachments, pictures of
his friends dogs. AVG put up the notice that a virus threat was
detected and asked if it should it be moved to the vault. So my friend
clicks yes and then instantly he gets the message across the bottom of
the screen "HARD DRIVE FAILURE". So he shut the computer down and
called his friend from whom he recieved the email. This guy knows
computers pretty well and even though his email contained the virus
none of his computers were infected. Anyway, he told my friend to
restart his computer and press the F2 key. He does that and the BIOS
recognized his hard drive. So he thinks that the drive is probably OK
but is taking it to a local computer repair place to have them fix the
drive. I use AVG and Agent. He uses Yahoo and Outlook AVG. This virus
is bad enough that I'm leery of opening any emails even from trusted
sources. Comments anyone?
Eric

Hi Eric,

Most likely explanation is that this email did not really come from
your friend. It probably came from someone else who DOES have the
virus and has your friend's email address in his address book.

That's often how these things work.

But for better protection, dump AVG immediately and get a subscription
to Vipre.

When I got hit a few weeks back (an Earthlink security issue actually)
Vipre was the only one that could identify the culprit.
I'm very happy with it and it's not expensive at all.

http://www.vipreantivirus.com/Software/VIPRE-Antivirus/

Oh, lastly, your hard drive is probably just fine, but getting
that crud scraped off may be a challenge.

That vipre looks pretty good, $50 for apparently unlimited pyooters -- which
almost seems too good to be true....
The tech help, if true and useful, is a big plus, as well.

I use TrendMicro, and just recently got a trojan in a windows dll that can't
be eradicated by the program, and of course they won't tell you what to do.

Trend is better than the virus we know as Symantec Norton -- a ****ty ripoff
company if there ever was one -- but I think Trend is getting too big for
its britches as well.
--
EA




--

Richard Lamb
http://www.home.earthlink.net/~cavelamb
http://www.home.earthlink.net/~sv_temptress

On Wed, 25 May 2011 15:47:49 +0000 (UTC), wrote:

Last night a friend of mine got his computer infected with a virus. He
opened an email from a trusted source, it had attachments, pictures of
his friends dogs. AVG put up the notice that a virus threat was
detected and asked if it should it be moved to the vault. So my friend
clicks yes and then instantly he gets the message across the bottom of
the screen "HARD DRIVE FAILURE". So he shut the computer down and
called his friend from whom he recieved the email. This guy knows
computers pretty well and even though his email contained the virus
none of his computers were infected. Anyway, he told my friend to
restart his computer and press the F2 key. He does that and the BIOS
recognized his hard drive. So he thinks that the drive is probably OK
but is taking it to a local computer repair place to have them fix the
drive.

They'll probably use a high-dollar viruscanner and find a few dozen
virii the others missed.


I use AVG and Agent. He uses Yahoo and Outlook AVG. This virus
is bad enough that I'm leery of opening any emails even from trusted
sources. Comments anyone?

Update your virus definitions daily (at minimum) and use a backup
check at least weekly to catch those the first one missed.

I use Microsoft Security Essentials (Norton -is- a virus, McAffee has
been totally unreachable in an emergency (for a client), AVG and Avast
missed some data logging virii in the past) along with Advanced System
Care.

And usually, when I'm downloading something, I keep a copy of Task
Manager open to close virus installers without using the keys in that
affected program.

--
Education should provide the tools for a widening and deepening
of life, for increased appreciation of all one sees or experiences.
It should equip a person to live life well, to understand what is
happening around him, for to live life well one must live life with
awareness. -- Louis L'Amour

Virus scanners do not detect webpages with fake scanners on them. When you
hot "OK" you have installed it.

--------------

"Larry Jaques" wrote in message
...
Update your virus definitions daily (at minimum) and use a backup
check at least weekly to catch those the first one missed.

I use Microsoft Security Essentials (Norton -is- a virus, McAffee has
been totally unreachable in an emergency (for a client), AVG and Avast
missed some data logging virii in the past) along with Advanced System
Care.

And usually, when I'm downloading something, I keep a copy of Task
Manager open to close virus installers without using the keys in that
affected program.

--
Education should provide the tools for a widening and deepening
of life, for increased appreciation of all one sees or experiences.
It should equip a person to live life well, to understand what is
happening around him, for to live life well one must live life with
awareness. -- Louis L'Amour

On 5/25/2011 10:47 AM, wrote:
Last night a friend of mine got his computer infected with a virus. He
opened an email from a trusted source, it had attachments, pictures of
his friends dogs. AVG put up the notice that a virus threat was
detected and asked if it should it be moved to the vault. So my friend
clicks yes and then instantly he gets the message across the bottom of
the screen "HARD DRIVE FAILURE". So he shut the computer down and
called his friend from whom he recieved the email. This guy knows
computers pretty well and even though his email contained the virus
none of his computers were infected. Anyway, he told my friend to
restart his computer and press the F2 key. He does that and the BIOS
recognized his hard drive. So he thinks that the drive is probably OK
but is taking it to a local computer repair place to have them fix the
drive. I use AVG and Agent. He uses Yahoo and Outlook AVG. This virus
is bad enough that I'm leery of opening any emails even from trusted
sources. Comments anyone?
Eric

The best defense for viruses I have heard of (and what I use) is as
follows:

1) to put in a second slave drive (of a different size than the main
drive) to the computer, store all your important files on that. The
reason is that many destructive viruses will scramble the file system
index, but only of the main hard drive (that the OS is running off of).
When you reformat an infected system, the reformatting software will
show the hard drive sizes, so you can tell from that which one is which.
.....
Also, just making a separate partition on the same drive, is not the
same thing as adding another physical hard drive. You need to get a
second hard drive installed, so that it resides on another disk controller.

2) run an antivirus, anything that is current (I use the Microsoft free
one) but do not expect it will save you every time. No antivirus program
catches everything all the time. Go to any support forum for any
antivirus program and you will see plenty of people outraged about the
one virus the program did not stop.

3) use Firefox with the NoScript plugin, which will block a large number
of javascript attacks. Only give actual websites permanent NoScript
permissions, and look through the NoScript whitelist every now and then
to make sure nothing is in there that shouldn't be. Don't use Internet
Explorer at all. For email, don't use Outlook, Thunderbird is a safer
alternative.

4) install the Adobe and the Foxit PDF readers, but DO NOT set either
Foxit or Adobe reader as the default PDF plugin. The reason for this is
that then whenever the browser gets a PDF file, it will stop and ask you
which one to use. If you know the file source is trusted, use Adobe to
view it--otherwise, use Foxit. Foxit does not have all the features that
Adobe has, but Foxit also doesn't have the virus vulnerabilities that
the Adobe plugin has either.

5) lastly, expect failure. Have the OS system disk and all your siftware
CD's/registration info in one place, so you can easily reinstall
everything when you need to. You can easily spend 2-3+ hours chasing
down a virus, trying to figure out exactly what it is and how to remove
it, and even then you cannot be sure that it is 100% removed or that it
didn't let something else in,,,,,,,, or you can reformat the MAIN hard
drive and reinstall everything in ~1 hour, and then you can be certain
that the virus is 100% gone. Which makes more sense?

On 05/25/2011 10:47 AM, wrote:
Last night a friend of mine got his computer infected with a virus.

Comments anyone?
Well, so far the best virus protection I know of is to run Linux instead
of Windows. I have had my server hacked a few times, but never had
event the slightest problem on my desktop machines. part of the problem
is that Microsoft assumes it should run any program that is sent to you,
whereas Linux assumes you DON'T want to run a program unless you
specifically say to. Of course, the second thing is that a MS
OS-executable virus won't run on Linux, but even the Java scripts
usually try to do something that is not permitted under Linux.

Jon

wrote:

Last night a friend of mine got his computer infected with a virus. He
opened an email from a trusted source, it had attachments, pictures of
his friends dogs. AVG put up the notice that a virus threat was
detected and asked if it should it be moved to the vault. So my friend
clicks yes and then instantly he gets the message across the bottom of
the screen "HARD DRIVE FAILURE". So he shut the computer down and
called his friend from whom he recieved the email. This guy knows
computers pretty well and even though his email contained the virus
none of his computers were infected. Anyway, he told my friend to
restart his computer and press the F2 key. He does that and the BIOS
recognized his hard drive. So he thinks that the drive is probably OK
but is taking it to a local computer repair place to have them fix the
drive. I use AVG and Agent. He uses Yahoo and Outlook AVG. This virus
is bad enough that I'm leery of opening any emails even from trusted
sources. Comments anyone?
Eric

Never, ever log in as ADMINISTRATOR when doing anything but administrative
tasks, and when logging in as ADMINISTRATOR (to install new software or
change settings or add normal users, like yourself), unplug the network
first.

Then log on as an ordinary user, with no privileges.

Good Luck!
Rich

On May 25, 2:40*pm, DougC wrote:
...
The best defense for viruses I have heard of (and what I use) is as
follows:

1) to put in a second slave drive (of a different size than the main
drive) to the computer, store all your important files on that. The
reason is that many destructive viruses will scramble the file system
index, but only of the main hard drive (that the OS is running off of).
When you reformat an infected system, the reformatting software will
show the hard drive sizes, so you can tell from that which one is which.
....
Also, just making a separate partition on the same drive, is not the
same thing as adding another physical hard drive. You need to get a
second hard drive installed, so that it resides on another disk controller.

On May 25, 5:40*pm, Rich Grise wrote:
...
Never, ever log in as ADMINISTRATOR when doing anything but administrative
tasks, and when logging in as ADMINISTRATOR (to install new software or
change settings or add normal users, like yourself), unplug the network
first.

Then log on as an ordinary user, with no privileges.
Rich-

I have a restricted user account to surf, an administrator account to
update or install programs, and another administrator account that
never goes online to manually explore and clean out the \Cookies,
\Temp, \Recent and \Temporary Internet Files folders of the other two.
In XP an administrator can't completely examine its own \Local
Settings.

You need to turn off Simpleminded File Sharing to fine-tune account
priviledges, and enable viewing Hidden and System files to clean out
the trash.

jsw

On 2011-05-25, Jon Elson wrote:
On 05/25/2011 10:47 AM, wrote:
Last night a friend of mine got his computer infected with a virus.

Comments anyone?
Well, so far the best virus protection I know of is to run Linux instead
of Windows. I have had my server hacked a few times, but never had
event the slightest problem on my desktop machines. part of the problem
is that Microsoft assumes it should run any program that is sent to you,
whereas Linux assumes you DON'T want to run a program unless you
specifically say to. Of course, the second thing is that a MS
OS-executable virus won't run on Linux, but even the Java scripts
usually try to do something that is not permitted under Linux.

Jon

I run Linux on desktops and servers, and I was never hacked.

i

On May 25, 6:51*pm, Ignoramus23924 ignoramus23...@NOSPAM.
23924.invalid wrote:
...
I run Linux on desktops and servers, and I was never hacked.
i

I need to stay in practice to administer clients' lab computers,
generally former front-office machines.

The last time I used a Linux system at work I was yelled at for
knowing and using more of it than its owner did.

jsw

Ignoramus23924 wrote:
On 2011-05-25, Jon Elson wrote:
On 05/25/2011 10:47 AM, wrote:
Last night a friend of mine got his computer infected with a virus.
Comments anyone?
Well, so far the best virus protection I know of is to run Linux instead
of Windows. I have had my server hacked a few times, but never had
event the slightest problem on my desktop machines. part of the problem
is that Microsoft assumes it should run any program that is sent to you,
whereas Linux assumes you DON'T want to run a program unless you
specifically say to. Of course, the second thing is that a MS
OS-executable virus won't run on Linux, but even the Java scripts
usually try to do something that is not permitted under Linux.

Jon

I run Linux on desktops and servers, and I was never hacked.

i


I run CAD and video software that won't run under Nix...

So there!

--

Richard Lamb
http://www.home.earthlink.net/~cavelamb
http://www.home.earthlink.net/~sv_temptress

Josepi wrote:
You haven't experienced Win 7. Nothing runs unless you have OKed it now
or before as a rule.

HTML code and Java run and that is what these viruses are written in
until you install the meat and potatoes of it by clicking to "SCAN" or
"clean" then out. These viruses emulate and look exactly like your
installed scanner and fool the user.

Linux and other rare O/Ses are only behind in development of nasties as
their isn't a large enough audience to warrant grandstanding to them.

----------

"Jon Elson" wrote in message


Or large enough base to warrant useful applications, for that matter...


--

Richard Lamb
http://www.home.earthlink.net/~cavelamb
http://www.home.earthlink.net/~sv_temptress

Ignoramus23924 wrote:


I run Linux on desktops and servers, and I was never hacked.

There were a few weaknesses in earlier linux versions. One of the
hacks allowed alterations of the scripts that would be called to run
a remote print job. Apache also had a vulnerability.

There were also a few other unsuccessful attempts that scared me, but
nobody was able to do much except use my system to store files for
nefarious uses. I had a wiki here for a while, but shut it down when
it was used that way.

Anyway, I installed denyhosts and set very tight limits on failed login
attempts, and it has been enormously successful in keeping the hacker
botnets locked out. Each IP in a botnet only gets two login failures
every 2 weeks, if they exceed that then that IP gets locked out for months.
The botnets actually probe to find the limits of my security, I can see
them limiting their probing to stay off the hosts.deny list, but at that
rate they will NEVER crack my passwords. Active accounts are EXTREMELY
limited on the server.

But, a desktop behind a firewall with bare minimum servers and no IP access
to the WAN should NEVER be able to be compromised. If it is, then it is
due to appallingly stupid OS security. It is totally incomprehensible why
MicroSoft is STILL having vulnerabilities discovered in their OS after all
the publicity of their weaknesses.

Jon

CaveLamb wrote:

Ignoramus23924 wrote:

I run Linux on desktops and servers, and I was never hacked.

i


I run CAD and video software that won't run under Nix...
Yup, I have a number of CAD applications that need some kind of
Windows. So, I run Win 2K Pro as a guest OS under Linux via VMware, and
never do web surfing using the Windows system. Win 2K runs reliably for
months in this environment, much better than it does on real hardware.

Jon

Josepi wrote:



Linux and other rare O/Ses are only behind in development of nasties as
their isn't a large enough audience to warrant grandstanding to them.

Right there is a good reason to run Linux. Reducing the size of my "target"
is a perfectly good strategy!

Jon

Ran the "oddball" O/Ses back in the 80s and fought the sheeple. The support
was very poor and the apps were very low in quantity. Had enough.

Now I stick with the massive support base O/S and the crowd. Done fighting
only to be obsolete every year and replacing worn out wallets..

--------------

"Jon Elson" wrote in message
...
Right there is a good reason to run Linux. Reducing the size of my "target"
is a perfectly good strategy!

Jon

On Wed, 25 May 2011 15:10:51 -0500, Jon Elson
wrote:

On 05/25/2011 10:47 AM, wrote:
Last night a friend of mine got his computer infected with a virus.

Comments anyone?
Well, so far the best virus protection I know of is to run Linux instead
of Windows. I have had my server hacked a few times, but never had
event the slightest problem on my desktop machines. part of the problem
is that Microsoft assumes it should run any program that is sent to you,
whereas Linux assumes you DON'T want to run a program unless you
specifically say to. Of course, the second thing is that a MS
OS-executable virus won't run on Linux, but even the Java scripts
usually try to do something that is not permitted under Linux.

Jon
I just wanted to say thanks to everyone who posted comments about the
virus I posted about. It turns out that my friend did indeed recieve a
hijacked email. Even though it looked like it came from his friend
with pictures of his dogs his friend had not sent my friend that
email, instead, he had sent it to someone else and somewhere along the
line the email was hijacked. And also, when my friend clicked on the
message about whether to put the virus in a vault that was when the
virus did its dirty work. It's nice to be able to get some good info
from several folks about things which I don't know so much about.
Niether does my friend. When I told him what I read in the posts he
confirmed it all because that's what the computer repair place told
him.
Eric

On 2011-05-26, Josepi J.R.M wrote:
You haven't experienced Win 7. Nothing runs unless you have OKed it now or
before as a rule.

HTML code and Java run and that is what these viruses are written in until
you install the meat and potatoes of it by clicking to "SCAN" or "clean"
then out. These viruses emulate and look exactly like your installed scanner
and fool the user.

Linux and other rare O/Ses are only behind in development of nasties as
their isn't a large enough audience to warrant grandstanding to them.

There also isn't as much of the "If this is executable, let's
run it and *then* ask the user whether he *wants* it to run."
philosophy. And things which are executable, but don't *look*
executable, such as ".scr" (screensaver) files. And, based on some
virus e-mails which I have received, also you can have something with an
extension for something like an image (e.g. ".jpg", which actually is a
".exe" file (as determined by the "magic numbers" embedded, and
apparently, the e-mail program does not pay attention to the extension
and pass it to the proper program, but instead tries to execute it,
depending on the system to pass it to the proper program -- thus
cheerfully running the virus for you. :-) (Yes, I have seen these, but I
don't use Windows to read e-mail -- or do much of anything else. :-)

Enjoy,
DoN.

--
Remove oil spill source from e-mail
Email: | Voice (all times): (703) 938-4564
(too) near Washington D.C. | http://www.d-and-d.com/dnichols/DoN.html
--- Black Holes are where God is dividing by zero ---