
Virus Alert!

Baker (Graduate Poster; joined May 6, 2002; 1,119 messages):
OK, I just got this alert a few minutes ago. Has anyone heard of this virus, and how can I get rid of it? I have Norton Anti-Virus 2004 and just updated it yesterday, so I don't understand why it can't repair it.
 
Is Info[1].zip an important file? If not, just delete it. With Shift+Del instead of Del, it won't go to your Recycle bin and you got rid of it.

If you are unsure it is important, just rename it to something like: "DontOpenHasVirus.!!!". Make sure you also change the file extension .zip to something else that isn't recognized by Windows, so it won't be opened accidentally. It should then be safe to keep it on your hard disk so you can wait to see whether you or your computer can do without it.
 
Beagle.j is the latest variant of the beagle virus.


It is a mass-mailing worm that opens a backdoor on TCP port 2745 & sends your IP to the attacker.
It has its own SMTP engine to spread through email.
It also attempts to replicate through file-sharing networks, such as Kazaa, by dropping itself into the folders that contain "shar" in their names.

Delete it and move on. And be thankful you're running virus protection.

Edited to add:

Info(1).zip is probably a password-protected zip file, and the password would be located in the body of the email message. Antivirus scanners usually can't remove viruses inside of password-protected zip files, since they're encrypted.
 
Removal tools for The Beagle viruses.

It's already on your system, and - like many worms - your anti-virus programme can't remove it. It's worth removing because it allows unauthorised remote access to your PC and compromises some security functions.
 
Earthborn said:
Is Info[1].zip an important file? If not, just delete it. With Shift+Del instead of Del, it won't go to your Recycle bin and you got rid of it.

If you are unsure it is important, just rename it to something like: "DontOpenHasVirus.!!!". Make sure you also change the file extension .zip to something else that isn't recognized by Windows, so it won't be opened accidentally. It should then be safe to keep it on your hard disk so you can wait to see whether you or your computer can do without it.

Info[1].zip is the file that came with the e-mail attachment; I couldn't find it on my computer. I should have known better than to open it. It used info@myemailsever@.com to trick me into thinking it was just an update.
I used the program from reprise's link and it seems to have removed it. I'm doing a complete scan just to make sure. My thanks for all of the help provided.
 
I love the Symantec tools because they'll find the little blighters, wherever they're hiding, you don't have to know where they are to remove them. They're also small enough to tuck away in a file for future use.

It isn't just Norton which can't remove them. I use AVG and that couldn't remove the worm I got the other day.
 
Delete it and move on. And be thankful you're running virus protection.
info@myemailsever@.com to trick me into thinking it was just a update

Thankful that Norton was able to do what? Baker has the latest, greatest updated version of Norton Anti-Virus on his machine, and voilà, it notifies him his computer is infected with a mass mailing worm. How awesome! Did Norton prevent this from happening? NO. Can Norton remove the virus? NO.

As long as users insist on blaming Bill Gates for developing Windows with too many exploitable vulnerabilities, and continue to use excuses like "I shouldn't have to worry about that" and "Well I have to read my mail, don't I?", and blindly open up executable emails or executable email attachments, purchasing all the "Anti-Virus" programs in the universe is not going to prevent a thing.

1. Norton, McAfee, and the host of other Anti-Virus software programs out there ARE NOT "PROTECTION" or removal programs, they are but virus and worm DETECTION programs.

2. For the users who will forever blindly open email, infect their computers, blame someone else, and spend $$$$ on useless programs, there is only one possible helpful suggestion I can make.

Most of the virus writers' executable files are scripts, either VB or Java or Windows script files. The average user NEVER has the need or the occasion to run the Windows Based Scripting Host program, or directly run any script in such a manner.

Change the associated program that opens up these types of files to use NOTEPAD. Then, when you run one of these naughty email script files, it will simply open up in edit format in NOTEPAD.

But if, like Baker, you open up files with .COM, .EXE, etc. extensions blindly, you are the only one to blame, and nothing EVER will prevent your system from being infected.
 
michaellee said:
But if, like Baker, you open up files with .COM, .EXE, etc. extensions blindly, you are the only one to blame, and nothing EVER will prevent your system from being infected.

You don't have kids or a spouse, do you? :D

Seriously, the levels any kind of file would have to go through to get to me to click on....

Well, Outlook will block most extensions... the SpamPal flags them as spam and throws them in the spam folder... finally, if Norton properly detects, it will delete them.
 
All you folks out there who just say 'well, they opened up an email and ran attachment, they deserve it', let me tell you a story:

One night a few weeks ago, I was surfing the internet, and happened upon a website. Immediately, McAfee threw up a warning about some file in my internet temp folder: infected with suchandsuch virus. I tried deleting it: I wasn't allowed to. I couldn't quarantine it. I wasn't allowed in any way to get rid of it.

I got off the web site. And then found the next day, that my browser had been hijacked. How? Yep, my computer had been infected.

And there it was in the windows folder: a file that was being run by regedit every time I rebooted. How did the command to add the file's contents to the registry get written to my system files? No idea, since I never clicked 'yes' to anything, or opened up any email.

Evidently: Uncle Bill left a few back doors open when he WED my internet browser to my operating system...
 
michaellee said:
Thankful that Norton was able to do what? Baker has the latest, greatest updated version of Norton Anti-Virus on his machine, and voilà, it notifies him his computer is infected with a mass mailing worm. How awesome! Did Norton prevent this from happening? NO. Can Norton remove the virus? NO.



If you read the first post there is nothing there about being infected, nor about him opening up the file and running it. There is a virus warning that Norton has detected the virus in the file info(1).zip.

Since this particular virus utilizes a password protected zip file it's understandable that Norton can't remove it.

Given the above information then deleting the file & moving on was the correct way to go.

As long as users insist on blaming Bill Gates for developing Windows with too many exploitable vulnerabilities, and continue to use excuses like "I shouldn't have to worry about that" and "Well I have to read my mail, don't I?", and blindly open up executable emails or executable email attachments, purchasing all the "Anti-Virus" programs in the universe is not going to prevent a thing.


If someone opens an unexpected executable that has been sent to them then they will get infected. That much we are 100% in agreement on.

However, it is irrefutable that Microsoft has the most vulnerabilities of any operating system. While an argument can be made that these vulnerabilities exist because of its popularity, the fact is: they do exist. Running an antivirus program is essential for the average user since there are many ways a virus can get into your machine. Email is just the most common.


1. Norton, McAfee, and the host of other Anti-Virus software programs out there ARE NOT "PROTECTION" or removal programs, they are but virus and worm DETECTION programs.


Yes and no. Properly configured, they will offer some degree of protection, but if one is depending entirely upon an antivirus program for all of their protection then it's akin to depending upon your airbag when you drive 80 mph, and not buckling your seat belt.


2. For the users who will forever blindly open email, infect their computers, blame someone else, and spend $$$$ on useless programs, there is only one possible helpful suggestion I can make.



Antivirus programs are hardly "useless". Perhaps for the more technically competent, but there are millions of users out there that don't have that level of skill. To further the car analogy, I shouldn't need to know how a combustion engine works to be able to drive.

As for blindly opening email, there is no argument against that. If a user blindly opens attachments then there's not much you can do. Make a ghost image of a clean install so it doesn't take you long to reformat afterwards, I suppose. But that's more cleanup than prevention.

One of the reasons ALL executables are scrubbed at my gateway.

Most of the virus writers' executable files are scripts, either VB or Java or Windows script files. The average user NEVER has the need or the occasion to run the Windows Based Scripting Host program, or directly run any script in such a manner.

Change the associated program that opens up these types of files to use NOTEPAD. Then, when you run one of these naughty email script files, it will simply open up in edit format in NOTEPAD.


Great idea, for a single computer. I like it.

You can also download noscript.exe from Symantec & put it in your startup folder. This prevents such programs from being run; also much easier if you are in charge of many machines & can set it up in the login script.

But if, like Baker, you open up files with .COM, .EXE, etc. extensions blindly, you are the only one to blame, and nothing EVER will prevent your system from being infected.

Again, agreed. An educated user is by far the best "antivirus" tool out there.

And this was quite the education, I'll wager.
 
Baker, I forgot to ask whether you have all the critical patches installed - if not, install them NOW.
 
posted by ShowMe
If you read the first post there is nothing there about being infected, nor about him opening up the file and running it. There is a virus warning that Norton has detected the virus in the file info(1).zip.
Correct. The first post does not say that but...
Info[1].zip is the file that came with the e-mail attachment I couldn't find it on my computer I should have known better than to open it used info@myemailsever@.com to trick me into thinking it was just a update.
But now I am nitpicking... My earlier post contained a harsh tone, but if I may explain why.

I help, over the phone and on-site, in my local area and all over the U.S., almost every possible type of Windows user one could imagine. Just like in all fields, some can be described as dumb, others as competent, and fewer as expert users.

At what level any one of my particular "clients" may be at does not matter to me whatsoever, as I am being paid well to solve the problems and educate and train these users. However, the number one issue that takes and wastes more of my time and the companies that hire me time, is the blatant disregard of certain users to accept any responsibility whatsoever for their actions. No matter what precautions I initially take; hardware/software firewalls, anti-virus programs, keyboard stroke monitoring; death threats, and promises of buckets of hundred dollar bills to those who comply; inevitably I receive the call from an angry company owner who blames me for his workers' lack of productivity and repeated computer related problems.

Therefore, sometimes I rant a bit here. I promise to do it again.

Again, agreed. An educated user is by far the best "antivirus" tool out there.
Yes, and thanks for noting and liking my tip.

And this was quite the education, I'll wager
I believe all education is quite something, be it mine or yours or the upset company owner calling me at 7:30 p.m. on a Sunday night demanding instant satisfaction because his accountant once again opened that email attachment thinking it was a new porn picture....
 
Again, agreed. An educated user is by far the best "antivirus" tool out there.

I have to throw my two cents in here. Any brain dead moron should be able to use a computer with minimal knowledge. That same user should be able to browse any web site and click on any file. The OS should provide the protection.

Maybe if a certain popular OS wouldn't allow software to be installed anonymously or try to run things simply based on the file's name the help desk people could spend their time training their users on using their company's software and getting work done.

Instead we have thousands of lost man hours trying to deal with this stuff. In fact an entire industry was born and thrives because of it. Users think that having their machine 'owned' is normal. They think that crashes are normal. They think that the system getting slower and less reliable over time is normal.

Users should be able to rely on their OS to not allow silly things. I suppose this could make the machine less 'convenient' but it would be more useful than a machine that is running everyone's software but your own. Remember that some machines get infected simply by connecting them to the Internet. That is not the user's fault. It's time we stopped blaming users and put the blame where it belongs.
 
Just as an aside, I often come across .ZIP files that are infected but the anti-virus program claims it cannot do anything to it. This seems to be an inherent feature of all antivirus programs I've seen. Just note the location of the zipped file and delete it like any other.

I guarantee it won't be a desperately needed system file!
 
Originally posted by bignickel
All you folks out there who just say 'well, they opened up an email and ran attachment, they deserve it', let me tell you a story:

One night a few weeks ago, I was surfing the internet, and happened upon a website. Immediately, McAfee threw up a warning about some file in my internet temp folder: infected with suchandsuch virus. I tried deleting it: I wasn't allowed to. I couldn't quarantine it. I wasn't allowed in any way to get rid of it.

I got off the web site. And then found the next day, that my browser had been hijacked. How? Yep, my computer had been infected.

And there it was in the windows folder: a file that was being run by regedit every time I rebooted. How did the command to add the file's contents to the registry get written to my system files? No idea, since I never clicked 'yes' to anything, or opened up any email.

Evidently: Uncle Bill left a few back doors open when he WED my internet browser to my operating system...

STOP USING IE!!!
 
Tell me about it.

Problem is: I play WWIIOnline, and it's launched from a webpage by some activeX thing or other. If I switch to Opera: will it still work?

Still, that experience was one of many that make me wanna d/l Opera anyway...
 
Cheesy Bagle...

Underemployed said:
Just as an aside, I often come across .ZIP files that are infected but the anti-virus program claims it cannot do anything to it. This seems to be an inherent feature of all antivirus programs I've seen. Just note the location of the zipped file and delete it like any other.

I guarantee it won't be a desperately needed system file!

Beagle(Bagle) is being spread by way of ENCRYPTED (password protected) zip files. The password is included in the text of the email and the recipient is lured into opening the zip with the provided password and executing the file contained within. The zip file will have absolutely NO EFFECT on the target system. The exe file contained in the zip is the worm. This exe is also completely innocuous UNTIL the curious user decides to dbl-click it or execute it in some other way.

Long and short... if you receive a password protected zip file, it is perfectly safe to look at its contents... just don't extract or execute the contents.

Also, most virus scanners are capable of un-packing zip files and detecting virii contained within. The prob in the above case is that most virus scanners cannot decrypt a password protected zip file. Therefore the scanner just passes it on through.

(ClamAV is a freeware scanner that CAN scan password protected zips)

M
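
The last post's point, that a scanner cannot see inside a password-protected zip but the zip's file listing is still readable, can be turned into a mail-gateway check. This is an added example, not code from anyone in this thread; `triage_zip`, `make_sample`, the extension list and the sample file names are assumptions made for the illustration.

```python
import io
import zipfile

# Assumed blocklist for this example; tune to local policy.
RISKY_EXT = (".exe", ".com", ".scr", ".pif", ".bat", ".cmd", ".vbs", ".js", ".wsf")


def triage_zip(data: bytes) -> dict:
    """Read only the ZIP directory; nothing is extracted or executed."""
    report = {"encrypted": [], "risky": [], "verdict": "pass"}
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        report["verdict"] = "quarantine: unreadable archive"
        return report
    with zf:
        for info in zf.infolist():
            # Bit 0 of the general-purpose flags marks a password-protected member.
            if info.flag_bits & 0x1:
                report["encrypted"].append(info.filename)
            # Member names stay readable under classic ZIP encryption.
            if info.filename.lower().endswith(RISKY_EXT):
                report["risky"].append(info.filename)
    if report["encrypted"] and report["risky"]:
        report["verdict"] = "quarantine: encrypted archive holding an executable"
    elif report["encrypted"]:
        report["verdict"] = "hold: scanner cannot inspect encrypted members"
    elif report["risky"]:
        report["verdict"] = "scan: executable inside archive"
    return report


def make_sample(name: str, encrypted: bool) -> bytes:
    """Constructed input: a harmless one-file ZIP, optionally flagged as encrypted."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(name, b"constructed placeholder, not malware")
    raw = bytearray(buf.getvalue())
    if encrypted:
        raw[6] |= 0x01  # flags field of the local file header
        raw[raw.find(b"PK\x01\x02") + 8] |= 0x01  # same field, central directory
    return bytes(raw)


if __name__ == "__main__":
    for name, enc in [("document.exe", True), ("notes.txt", False)]:
        print(name, "->", triage_zip(make_sample(name, enc))["verdict"])
```

The check relies on member names being stored in the clear, so an archive whose directory is itself encrypted would need to be held on the encryption flag alone.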
 
