can anyone help me with security problems on my computer? (1 Viewer)

[Sam E. Torres]

okay, so one day i get on my computer, and i start seeing these little envelope icons all over the place. i dismissed them as something that was possibly placed there by someone else in my family because it had names like "tax and security" and such...so then i realize that these are some viruses or something, because they are all over the place, in every single folder. i went under find and deleted all of them, since they are all outlook express files...i unplug my connection, and i come back, and they're all back. i shut down my computer and it says that another user is logged on and it asks me if i want to disconnect them...it's some weird stuff, i don't know how to get it off my computer. it seems everywhere i go, people just tell me to get virus software-mcaffee won't work for some reason, i don't know why...if someone can give me some links to some virus software or any software that would disable these guys from logging on my computer and putting these files on here, it would be appreciated immensely. thank you.

 

[Bruce N]

You definitely have the Nimda virus on your computer. Read about it more at Link Removed .
I'd suggest going to the store and buying a copy of Norton Anti-Virus. I prefer it over Macaffee.
Bruce

 

[Kevin P]

I second the recommendation to get Norton AntiVirus. Better yet, get Norton Internet Security 2002--it bundles the anti-virus and a firewall into a single package. Nimda can enter through a vulnerable IIS web server, if you have one running on your system, and the firewall will close that avenue of entry. The anti-virus will help you clean Nimda off and prevent re-infection by it or other viruses in the future.

Also, if you have File and Print Sharing turned on and are on a broadband connection, it's possible that open shares are vulnerable to receiving infected files. Disable sharing, add password protection, or use a firewall to prevent this.

KJP

 

[Jeff Braddock]

I say get a firewall if you are going to continue to be online. There is a good freebee called ZoneAlarm that alot of people really like. Also, there is one called Tiny Personal Firewall. You can probably download both of these at www.zdnet.com

 

[BradK]

So sorry to here about your infection. I have been trying to rid myself of nimda for the last three days. I have over 300 files infected on one computer, and just as many on another here at home. Norton can not repair any of these files, ao I have a whack under quarantine.

PC repair guy just recommended to me to reformat drives and start anew. My question is, what is the best and easiest way to save my mp3's? I have a little over 3 gigs worth. Those, and my I.E. favorites are really all I am worried about saving. Everything else is already on disk, or backed up already. I do have a burner. Thx for help.

P.S. sonuvab#$*^@s who program this crap.........get a life.

 

[Parker Clack]

If you have a burner I would back up all of your mpg3 files to CD. You can also back up your favorites to CD or floppy. Then just format the whole drive and go on.

Parker

 

[Parker Clack]

Sam:

I just sent you an email.

Parker

 

[BradK]

Parker, I have never burned that amount of files on cds before. Does it work the same as making floppys? For example,it says insert disk 2, 3 etc. when you fill up a floppy, until all data downloaded. What about cds? I will need to use 4 or 5 cds for my mp3s. Or is there some way to compress them back as to use less space on cd?

Also, can you tell me how to strictly copy my favorites from I.E.? Can you do that, or do you have to make a back up whole IE? Thanks for help

 

[NickT]

BradK, you can't compress mp3s since they are already compressed. You should have some kind of software that will help you make backup cds of your mp3s. I have an Adaptec program that is simple, you just drag the file or folder and it tells you how much space you have left on the cd. When you've filled it up, it'll burn the disc for you.

You didn't say what your OS was, but in 98/ME, the favorites is located under C:Windows/Favorites. Just copy the folder to a floppy, and after you have reinstalled, just replace the new favorites with the one on your floppy.

 

[Jeff Braddock]

Bradk,

I don't know what burning program you have, but if you have I think you just have to turn off the disc at once option to keep it from converting the mp3's to wav's. Also, you might want to try making a data cd and putting the mp3's on that. I have never tried this method, but I don't know why it wouldn't work.

 

[Kevin P]

Symantec has Nimda repair tools on its website.



Nimda.A repair tool

Nimda.E repair tool



You shouldn't have to reformat your hard drive. Nimda is definitely repairable, just a pain in the butt if a lot of files are infected.



Nimda can exist in several forms--as a virus that infects executables--these can be cleaned by Norton, or as an encoded email or HTML file, these can't be repaired but you can safely delete them. It may also exist in the form of a "dropper" file, or worm file which can't be repaired, but once again that can be deleted.



The problem with Nimda is even if you eradicate it, you still have to close the "hole" that allowed it to enter in the first place. It's like getting bats out of your attic--you have to plug the hole that lets them get in, to avoid getting infected all over again. Unlike most viruses or worms that have only one means of entry (e.g. email), Nimda can enter through email, through a writable share, through an infected file, downloaded from an infected website or through a security hole in IIS, if you are running it.



Following these steps will help you avoid getting infected with Nimda:

1. Install all Microsoft security patches from windowsupdate.com ESPECIALLY if you run IIS, IE or Outlook Express.
2. Install current anti-virus software and keep its definitions up to date. (I recommend Norton Antivirus 2002)
3. Install a firewall, such as Zone Alarm or Norton Personal Firewall (Norton Internet Security gives you the firewall and anti-virus in a single package).
4. Disable file and print sharing, or at least password protect shares to prevent access from outside.
5. Follow standard anti-virus common sense (such as not opening unexpected attachments).[/list=1]
   
   
   
   I have a Linux based firewall on my network, and I get dozens of hits by Nimda infected machines every day. Nowadays a firewall is essential if you have a broadband or always-on internet connection.
   
   
   
   KJP

 

[Parker Clack]

As the others have stated you are going to be able to copy one disc at a time. A CDR can handle up to 650M worth of information so I would just highlight up to that amount on your hard drive and then drag them over to your burner (depending on the software that you use).

The favorites folder is going to be located differently depending on the version of Windows you are running.

Parker

 

[BradK]

Ok, thanks for help everyone. I tried nimda fix Kevin. It (fix tool) said nimda was clear of system, but norton says it is still here in different files which when i run tool , dont go away. I also have back door trojan. and w32.hllw.hai which is in a lot of files. Just by coincedence, they all arrived in a couple days. I am completely riddled with them, and with the small amount of reinstalling programs that I have to do, I think I will just be more comfortable reformatting. I have ME installed right now but have XP on disc, so good chance now to make the switch. Other PC has 98, so will likely leave that system on.

 

[Kevin P]

Wow, Brad, that backdoor trojan could be letting all kinds of nasties in.

Since you're planning on installing XP anyway, you probably should reformat. If the fix tool says you're clean, that means that Nimda isn't active on your system, you just have infected files on your hard drive. If they get in through a share, it's possible that it never became active, unless you double-clicked one of them in Explorer.

After you install XP, make sure to follow the steps I outlined in an earlier post, in order to prevent re-infection by not just Nimda but the backdoor trojans and whatever other nasty critters are lurking on your system. Use Windows Update after installation to get the latest patches, and then put up a firewall and anti-virus pronto.

I assume you have broadband internet access, right? That is, either cable or DSL? If you have this a firewall is a must. I'm amazed at how much junk my firewall keeps out (Nimda is at the top of the list!).

KJP

 

[Andre F]

I'd also vote for Norton Anti-Virus. I'd also say to get a software or even better a hardware firewall.

-Andre F

 

[Sam E. Torres]

really really bad news: i tried downloading anti virus software, and it will not even open up on the computer. it gives me error messages and such. i tried reinstalling microsoft office after deleting it, thinking that it would fix the outlook express situation...now that won't even reinstall. when my computer starts it gives me a message saying something along the lines of "one of the system files is corrupt"...and my sister did some research on this little bastard and apparently it is called a "goner" virus, not nimda. i did run nimda and it said it fixed it, but i still get the little files on my computer(by the way, what the hell do those things do anyway?)...if any of you were going to suggest reinstalling windows-i don't have the discs...so that might be a problem in itself. yeah, this really really really sucks.

 

[Kevin P]

If you're getting .eml files (envelope icons) all over the place, that's not Goner, it's Nimda. Did the Nimda fix tool find anything? You might have to run it several times before it completely cleans everything.
If it turns out you have Goner, Symantec has a removal tool here. For more information on Goner, click here.
You said you were planning on installing XP anyway, you might as well go ahead and do it. Once you do, reinstall Norton AntiVirus and run a full scan to make sure you didn't restore any infected files.
KJP

 

[BradK]

I tried for a week getting rid of Nimda, and a bunch of other germs, but it seems as though I got backdoor trojan, which was just letting in different virus after virus. Norton was simply unable to keep up. It could not fix, delete, or quarantine the majority. I ended up with thousands of infected files. I was flogging a dead horse. I did a complete reformat of hard drive and a fresh install of XP. Things are good now. That was my fix.

 

[Justin Lane]

I have had similar infections on my computers. A couple of suggestions for quick turn around times when redoing your system.

1. Burn all of the most up to date drivers for your hardware to a CD. Especially if you built your own system, this will save you much time searching for a floppy or CD-Rom or going online to download the drivers needed to get your system up and running.

2. In the case of large MP3 collections, either burn them to CD, or if you have multiple computers networked, store a copy of your collection on a couple systems for easy recovery.

3. If you have networked files, always have sharing options set for read only or password protected. Many virus will spread from computer to computer in your network if you have full access settings on shared folders.

J