Hey guys.. just a head's up. I updated my charter f-secure virus program today, and doing a routine scan, it picked up 23 virus files picked up in the last 3 days. One appears to be a japanese trojan downloader, and all 3 were found in my internet explorer cache folder. The only japanese websites I visited in the last 3 days, were on a google search, to find the definition of Namihei, and then I only visited 2 sites before giving up. (It appears to refer to humorous images) It is possible someone else dumped these on the sites we got our namihei files from, or it is also possible that I got these from the 2 other sites I visited, but either way, do a virus check of your internet explorer chance, just to be safe. (If you are not sure, the scan c:documents and settings.) Clearing your internet cache from explorer may also delete them if they are present. Anyway, here is the report with the file names that were uncovered. C:Documents and SettingsGareeeLocal SettingsTemporary Internet FilesContent.IE5SFTZQQRDA571A97A[1].0S Infection: Trojan-Downloader.JS.Small.af Action: Deleted. C:Documents and SettingsGareeeLocal SettingsTemporary Internet FilesContent.IE5OHENGP2BCRACK22A[1].0XE Infection: Trojan-Dropper.Win32.ExeBundle.286 Action: Deleted. C:Documents and SettingsGareeeLocal SettingsTemporary Internet FilesContent.IE5MLNKP8VYysb_regular[1].cabysbactivex.dll Infection: Trojan-Downloader.Win32.IstBar.gen

As a followup, it appears the last one did not get activated, and did not infest my system (it may have been my virus protection), however if you do discover it, and it has been activated, here is the cleanup proceedure: http://www3.ca.com/securityadvisor/pest/pest.aspx?id=453087805

I downloaded the Namihei files, and the WW package. No viruses here. I just went to PCPitstop and ran a virus scan, and it came up clean. (Don't have an antivirus program of my own. I've never really needed one. Though if I had kids downloading who knows what off the net, it would be a different story.)

I think Namihei is what that hair is called. Bald on top, except one hair. At least, that what Google Images suggests.

IE has the ability of collect virus, spies and all kind of crap from any possible place. Don't use it!

It's not the 3 Japanese sites where we downloaded Namihei stuff or WonderWoman because my cache is all clean. And I visited lots of Japanese sites in the last few days following links on the 3 main sites. I also have Norton Internet security that works all the time but it didn't alert me on any of those sites. France

I should think that with all the crap that's online if you even have an internet connection, you need an anti virus program. My favorite is AVG Free. Easy to use, takes up little room and does not screw up most installations or other stuff the way Norton Antivirus and other programs often do. No fees for updates either, unless you need to buy the professional version. You can get it here: http://www.grisoft.com And thanks for the heads up, I'm scanning my system right now.

Cool. I wasn;t sure if I got it from the googling and browsing unknown japanese websites, or if someone had plopped something on one of the namihei websites. Ya never know these days, but it pays to play it safe. Kaweci: It remains that IE is the most popular and used browser on PC platforms. And many virus authors are now targetting Firefox and other optional browsers as well, so none are safe. Best best is to run a virus program at all times with connected (and since I have a cable connect, that's all the time.)

There is a big difference between IE and Firefox/Mozilla/Netscape. The structure of IE make it very easy to be attacked by virus, spies and hijacked by hackers, Microsoft and other companies and sites. Firefox/Netscape/Mozilla on the other side are autonomous, don't use the Windows structure/active X/Java for running, so is very diificult to be attacked and if you turn of Java (which cannot be done with IE) these browser become 100% inmune. I have a DSL conection, no firewall installed, use P2P, rarely use IE and haven't any active antivirus. Only run the antivirus once a month or use it to test a specific file that I have doubts about. I have no reports of virus for some years. Spies are very much common and are only installed if you use IE or install some comercial programs.

I should think that with all the crap that's online if you even have an internet connection, you need an anti virus program.

Not me. But don't do what I do. Unless you know what you're doing. :-)

Admittedly, I'm not typical. No one else uses my computer. And I'm reasonably computer savvy. I have Windows set to show me the file extensions, so I won't be fooled by those filename.jpg.exe type of spoofs. I don't use Outlook, which is, IMO, the single easiest way to avoid viruses. I use Firefox now, but even when I used IE, I never got hijacked or anything. My security settings were pretty high, and I don't generally visit risky sites. For a long time, I used Netscape 3 to web surf, because it has no Java and therefore automatically blocked popups and disabled those "no right click" scripts.

I do have a firewall installed; wouldn't be without one. And I run Ad-Aware and Spybot regularly. No antivirus software, though, and I've never needed it.

When Blaster hit, my entire office computer system when down, and so did many of my coworkers' home computers. But I had a firewall. So I ended up downloading the fix for them, and passing it out on floppy disks. (And no, I'm not a network admin or anything. But somehow, I always end up telling the actual network admins where to download patches, that Good Times isn't real virus, etc.)

Anyway, I've been using computers for almost 25 years, and online for over 10 years, and I've never gotten a virus. For me, antivirus programs are more trouble than they're worth. They eat up system resources. They give a lot of false positives. They cause glitches with a lot of other programs. And they don't do anything terribly useful, at least for me. YMMV. I would certainly have one if there were kids in the house, especially if they were bringing home disks from school. But for just me...they're like child-proof caps on a medicine bottle. Nothing but a pain.

If you run some antivirus you get the report of virus found in some old DOS programs made by me!

Oh, BTW edit the first post.. it was 2-3 not 23.. ;)

Gareee I picked up all the goodies and surf a lot of Japanesse sites and no alarm from Norton or Ad-Aware. Both are continually updated and running when I am online.

What makes you say it is a Japanesse trojan virus anyway? Did it orginate there and then spread? That bottom one is really old, over a year, if you just got it your protection should have sounded an alarm before you updated it is not a new trojan. Protection should have already been there, assuming you had protection on of course.

For those worried, of course run a full scan, I do them once a week anyway, even though I only surf with protection on. Last night in fact, no virus's.

I personally have no doubt in my mind that I DID NOT get a virus from the files or site visits that I made in my participation in the Namihei April Fool.

Appreciate that you were trying to give everyone a heads up but perhaps your heading was a bit alarming, based on your suspicion and no proof, even if it did have the word possible in it. :-) Just MHO :-)

My scan showed no viruses either and I have those files, tho' I haven't used them yet. (Too lazy, I guess. ;-) Could the bugs you found have been lurking somewhere on your system all along but you just didn't notice them until recently? I've had that happen to me a couple of times thanks to IE. A Trojan downloaded but the folder was hidden, I had to hunt for & root it out manually -- thank goodness it hadn't activated before I found it.

8-)

Why would I apologize for a possible virus alert? For all we know, I'm not the only one who will find this, and I'm MUCH rather be wrong, and err with caution, then NOT report this, and suddenly find that 10 people have system issues because I did NOT report this! And I never accused anyone of maliciously attempting to spread a virus, I suggested that checking might be a good idea, Magoo.

you directly suggested that 3 fine upstanding members of the poser community might have passed a virus. without any proff that they did. enough said!

So I guess you totally skimmed over this sentence? "It is possible someone else dumped these on the sites we got our namihei files from, or it is also possible that I got these from the 2 other sites I visited, but either way, do a virus check of your internet explorer chance, just to be safe."

znd the use of NAMIHEI in the heading makes me think of betty boop... yeah right. hehe ;-)

MMMMmmmmm...... Betty Boop... Mmmmmmmmm!!!

also... i'd like to add, that i meant "proof & and"
hehe ;-)

Message edited on: 04/03/2005 15:23

Gareee, I didn't think you were accusing anyone and I appreciate the fact that you alerted us to a POSSIBLE threat. I am French speaking so I checked in the dictionary to make sure the word means the same thing in English as it does in French... It does:

Webster's New Collegiate Dictionary

possible = being something that MAY or MAY NOT occur

Don't worry about people whose only goal in life is trying to find faults in others.

France

Brydie, can't find a AVG Free at that url...

Oh, I dismissed him after my last post.... you can either try to be a positive contributor to the community, or be a trouble maker...

Sorry about that. The Free AVG page is here: http://free.grisoft.com/freeweb.php Other URL goes to the company site and the link's pretty much buried by all the commercial stuff there.

Attached Link: http://www.mozilla.org/products/firefox/

**My Mantra... Use Firefox..use Firefox...use Firefox.... Dump IE, it's crap and I've picked up more garbage on my computer in the past from it that had cause me massive migraines and sleepless nights straigthening it all out. I've not had a problem one since I switched to Firefox. Any time I "have" to use IE to access a site I get in trouble. I also run Norton, Zone Alarm Pro and Pest Patrol actively and do a double-check scan for spyware with Ad-aware and Spybot. Seriously..you won't regret switching!

I use AVG and I only downloaded one of the Namihei files, the hair and AVG found the same three items in my IE cookies area. Thanks for the Alert Gareee. Some people appreciate warnings and don't shoot messengers.

I've been using computers for almost 25 years, and online for over 10 years, and I've never gotten a virus. Me too, on the first part of that sentence. On the latter, I HAVE occasionally picked up nasty things now and then, which is why I do run a virus scanner (and a personal firewall, and a couple of spyware thingies because spyware is FAR too common!). I used to be very casual about all of it, la la, I know what I'm doing, nothing can affect me... until I downloaded a (legal) file that had a little problem and half my files got infected... I will admit it didn't do anything to the computer, especially, but it kept replicating and it was a big pain in the arse to get rid of. My personal advice to nobody in particular and based on experience and having been a support tech is to do whatever you can to keep these bastards off your system. They're getting more and more sneaky all the time. And DON'T USE IE. Not only are there BETTER browsers, it's the worst thing you can use if you want to keep your system clean. bonni

I've had a virus on 2 separate occasions. Ironically both were acquired the same day I switched operating systems. 1. Windows 98SE to Windows 2000 and hooked up to the net to get my virus signatures updated. Bam, virus immediately upon connecting to the net. 2. New laptop with Windows XP Home. No internet connection on it for 6 months, and immediately upon logging onto the net to get Virus Scan updates I get a virus just from logging to the net. I cleaned it and tried again, bam, same virus. Rinse and repeat. Finally I just carried on with the virus on my computer until I had downloaded my MS updates and Virus Scan signatures and then cleaned it. Have been virus free ever since.

Oh, I had that "hit with a virus immediately upon logging on" thing when I reformatted one of my computers. I had installed the OS and was just on my way to M$ to get the updates and before I could get there WHAM. VERY irritating, to say the least. bonni

LOL, I don't take any chances now. I run a firewall, an up-to-date virus scanner, as well as connect through a router. It seems that both my OS are extremely vulnerable to being on the net and are virus magnets. I found out that adware can cause your computer to behave as though it has a virus. Last year my ISP cut off my email ability because apparently my computer was sending out hundreds of emails without my knowing about it. I did a virus scan with my eTrust Anti Virus scanner, and did an online one through my ISP and one through another site. I also did an online Trojan scan, and all of that showed my computer clean. I next downloaded the newest versions of Spybot and Adware and got new signatures for those and found almost 300 spyware files on my one computer. After I reported back my findings, they gave me back email ability and had no further problems. I'm extremely cautious about emails. I NEVER open email attachments from anyone, even friends, without first saving it to my hard drive and scanning it. I also don't preview my emails in Outlook. So it's a good idea to use tried and proven anti-spyware programs. I have a Dell and in one of their notices to me provided a link to yet another spyware scanner. I did the online one and found that it picked out files from 5 of my graphic applications. Had I deleted them my programs would have been nonfunctional. So all spyware programs are not built the same.

The stupidity is just endless on this forum lately. ::eyerolls::

Quote - The stupidity is just endless on this forum lately. ::eyerolls::

Gosh, it's a discussion board. Why do you allow yourself to get so stressed over it? Maybe you need to take a break from them if everything is rubbing you the wrong way?

Can someone explain to me how you can get hit with a virus alert just by logging on to the internet? I've had that happen several times (Yahoo is my homepage) and it's always been blocked by Norton but I don't understand how it happens. Where does it come from?

There are a few virii out there that actually spew forth from an infected machine. They just randomly follow the network, and then attach themselves to any computer they find that has the right vulnerability, where they settle in and start spewing more...

bonni

Message edited on: 04/04/2005 07:55

Wow that simple huh? Makes you wonder about people's computers that have no firewall or antivirus protection. No wonder these things spew out like poison.

There are also programs that run from websites, called trojans (like the trojan horse). They are downloaded along with website content, and when activated, dpwnload the real virus program(s). If the webpage you happen to log onto gets "hacked" (In other words, somene else manages to get into their website setup, and changes it), then just by logging on, you get get infected.

The only way and is the only way that a computer can get infected by a virus is to download the virus and execute the code. Downloading is not enough you must execute it!
For example, if you receive an email with a virus attachment and execute the attachment you get infected.
This is common to all browsers, but here is the big difference between them:
With IE/Outlook if you click on attachedvirus.exe it executes and install the virus.
With other browsers clicking on attachedvirus.exe opens dialog box for "save as" the attachedvirus.exe in some folder.
So you must save the virus first and you must execute the saved file to be infected. This is a two pass routine that eliminate any possible infection by an accidental clicking.

Part II
Again, the only way to get infected is to download a virus and execute it.
Microsoft has created the ways and opened the gates of hell for IE downloading a file and authomaticaly execute it without your knowledge, so going to a malicious site or Microsoft "secure" site that is hacked, you got infected by virus. Virus are not very common in sites, but any kind of spies, popups installers, browser redirectors, etc are very common and incentived by Micro$oft and partners as compulsory propaganda in your computer. The goal is for every five minutes that you are working on something in your computer, opens a windows with some advertising selling you something! Buy, Buy, Buy, Buy!
With browsers like Mozilla/Firefox/Netscape this is not possible.

Message edited on: 04/04/2005 12:58

Yeah, even sites you think safe often aren't. The MS page itself gave me a virus when I went there to get an update. And a couple more got downloaded from RDNA. Which was NOT at all to blame, the damn Trojan hitched a ride by way of spyware I hadn't even known was on my computer (it somehow missed the last sweep but Spy Subtract rooted it out quite nicely). And yes, IE was the browser I had on at the time. I never use the damn thing now unless absolutely necessary and you can be sure I clean up my cache & temp files as well as run a virus scan afterwards.

Message edited on: 04/04/2005 13:22