Re: Wait for it?? Or switch.

From: Bullwinkel J. Moose (quincey.nyc_at_verizon.net)
Date: 06/29/04 

Date: Tue, 29 Jun 2004 04:06:47 GMT

nicely done. But you should also run ad-aware and spybot search and destroy
to get the best cleaning you can. 

-- 
Regards,
Werner
quincey.nyc@nospam.verizon.net
Remove "Nospam" when e-mailing
"Len Robbins" <lenrbush@earthlink.net> wrote in message
news:eJ9WBOXXEHA.212@TK2MSFTNGP12.phx.gbl...
> There seems to be a lot of secrecy about this but once you experience it,
> you want the word to get out. Saturday my wife called me from our store,
> saying that her computer, with all "the important information" was
freaking
> out. Of course, I've stood on my head trying to get her to backup
regularly,
> which she doesn't. Anyways, the computer was freaking out. New icons all
> over the desktop, homepage changed, programs installed, dial-up connection
> popping up,  and a black screen popping up every once in a while saying
hit
> enter. After seeing this mess I thought - REFORMAT. But I did the
following
> which I copied from an email that I sent to my brother:
>
> The first thing that this attack did, of course, was to make the infected
> site the homepage on IE. So I unplugged the phone line to the computer and
> was able to change the homepage to blank. If I would have cleaned the
> computer without doing this, it would have become immediately re-infected.
I
> was able to install the latest dat's that I burned at work after
downloading
> it from McAfee. Then I had to get rid of the programs that it installed.
> Some were on the desktop and some were shortcuts on the desktop that
spoofed
> to where the programs really were. I just shift/deleted the programs
> installed on the desktop (so they wouldn't go into the recycle bin) along
> with some website shortcuts that were put there. As for the other
programs,
> I just had to find them. I went into add/remove programs and deleted what
it
> would let me delete, the others wouldn't delete because they were running
in
> the background. So I hit control/alt/delete and ended their tasks then
> uninstalled them. Then I went into msconfig and unchecked all the stuff
that
> was put in at startup. Then I ran a full virus scan and deleted all the
> viruses. OS is Win98 2nd Edition by the way.
>
> This was my first experience with this sort of mess. I felt like a surgeon
> trying to save the live of a dying patient in the ER. I had to go have a
> cigarette afterwards.
>
> All I can say is everyone be careful and be prepared. They cut the cord on
> the Russian server responsible but I'm sure more can be expected.
>
> Good Luck,
> Len
>
> -- 
> TO REPLY REMOVE "bush" FROM MY EMAIL ADDRESS
>
> Folk Art from Around the World
> thefolkartgallery
>
> "henry baker" <holmes@sherlock.buz> wrote in message
> news:pan.2004.06.28.23.51.23.674000@sherlock.buz...
> > "I hope that Microsoft will come up with a patch soon," said Johannes
> > Ullrich, chief technology officer for the Internet Storm Center, a site
> > that monitors network threats. "Until they do, you basically have two
> > choices: Disable JavaScript in Internet Explorer or install another
> > browser."
> > Non-Microsoft browsers, such as the Opera browser and the Mozilla and
> > Firefox browsers made by the Mozilla Foundation, don't have many of the
> > vulnerable technologies and tend to focus more on just providing
Internet
> > browsing features,
> > The advisory noted that Internet Explorer has had a great many security
> > problems in several of its key technologies, such as Active X scripting,
> > its zone model for security and JavaScript. However, the group pointed
> > out that turning off certain features in IE increases the security.
> >
> > http://zdnet.com.com/2100-1105-5250697.html
> >
> > Don't shoot the messenger - shoot the programmer
> >
>
>
Loading