Virus question

[waiting]

Can a Virus or worm completely destroy a hard drive---making the computer worthless?
Using Windows 98........

[Statica]

Yes it is highly possible.. PE_CIH (alias: CIH, Chernobyl, Win95.CIH, Win32.CIH, W95.CIH V1.2, W95.CIH V1.3, W95.CIH V1.4 ) is one such example.
It not only destroys the HDD but also overwrites the bios. Rendering the drive & system very very hard to recover from.

Along the same lines is the virus PE_CIH.1122, both of these would fall into the virus category

Then you've got PE_MAGISTR.A (Alias: Aliases: MAGISTR.A, W32.Magistr, MAGISTR, TROJ_ARF_JUDGE.A, JUDGE.A, ARF_JUDGE) that is not only polymorphic but also is a worm and/or a virus. It can even trash network drives, much worse in that it corrupts CMOS as well as BIOS.

TROJ_BOMBSIM (Alias: Happy2000) is along another lines. It uses the MBR, and wont let you boot from a clean floppy AT ALL. And every bootup will halt and ask for a subsequent reboot... and so forth.


There are LOADS of others, by the dozen that will render your current version of OS inoperable by trashing the drive / trashing the MBR etc. But all of these are easier to recover from after a repartitioning, formatting etc.

But kiss the data goodbye in all of the aforementioned cases.

HTH

[waiting]

Thats frightening news.

[Kento]

That's why it's important to have a good antivirus program that scans emails and runs in the background. Also read this page:

http://www.symantec.com/avcenter/ven...t.hosting.html

Download and click on the noscript.exe file. It'll disable windows scripting host so that vbs scripts won't run and will help protect you from being infected. That alone won't protect you from all viruses. You still need a good AV program. And if you find that you need windows scripting host just click on it again to re-enable it. It lets you toggle back and forth. But you'll probably never need WSH.

Another good thing to do is locate DELTREE.EXE and right click on it and rename it to DELTREE.OLD. Some if not all of the viruses that wipe your drive use that program to do it. So if deltree.exe is renamed then those viruses can't delete your drive. However if you have any deltree commands in your autoexec.bat then you won't want to do that as those commands use that program. If you find that you need to use a deltree command from dos then first rename deltree.old back to deltree.exe.

[Statica]

Not to contradict your opinion without basis, but Symantec Antivirus is just plain lousy. Its Mail scan is a huge system vulnerability, symantec is bloated, and is frequently the vause of system wide issues. In fact all of Symantec software is a pain to use, and nothing good has come out of them since Norton Disk Doctor for DOS.

On the other hand, good Antivirus software IMO comes from Trend Antivirus PC-Cillin, InoculateIT and to a lesser extent McAfee Associates (last option cos of its bloated code again).

But above all, no matter if you have the best antivirus in the world or if you have 7 of them installed, it ultimately is an issue of common sense.

[Kento]

Well where did I mention Norton antivirus? The Symantec file I referred to disables Windows Scripting Host. But since you brought it up, you're plain wrong about Norton. I and all my friends use it and have never had any problems with it. And I can get alot of testimonials about it from many members on the other boards I cruise. Norton is an excellent AV program in my opinion. You may have had a bad experience with it or know someone else who has but that doesn't mean everyone else will have problems with it. I can tell you for a fact that I have seen numerous people have problems with Pc-Cillin not to mention Inoculateit, Mcafee, and Tauscan. ALL AV programs cause problems for some people. That's a fact. But just because one person had a problem with it doesn't mean someone else will.

[HAL9000]

I've personally never had a problem with Norton and found McAfee to be more of a resource hog than Norton. You have to watch Norton though, on some releases, it's set to scan ALL files ALL the time, of course that's going to slow you down. I just like the fact that I can schedule the updates and it does that all automatically every night. I will agree, NEVER, EVER, install any of the system works package though.

[glc]

I personally use Norton 2001 and am very pleased with it. The e-mail scanner has saved my arse several times. However, you can keep all their other stuff. InoculateIT PE is an EXCELLENT free antivirus.

Even though I am only on a dialup, I stay connected almost 24/7 so I have 3 lines of defense - Zone Alarm, Norton Antivirus, and The Cleaner from Moosoft.

[mhayes]

I as well use Zone Alarm & Norton 2001 and have been quite happy with it. There have been a couple of incidents when I could no longer recieve my pop3 mail as mentioned in a previous thread, but the fix is quite simple and fast. The other thing that I do as a precaution is disable the preview pane which essentially opens your e-mails in Outlook Express.

[HAL9000]

Actually, that is one of the only reasons that I have ZA running along with my router is to provide that extra bit of e-mail security. I have had ZA catch something twice now that Norton did not. ZA renames the file extention making it inoperable.

[waiting]

If we disable or turn off "ActiveX" in Outlook Express-----will this prevent worms from invading our computer via e-mail? If so -- how do we disable it? Were using Windows 98........and by the way--what is ActiveX?

[audiyoda]

I've personally found AVP by Kaspersky Labs to be one of the best antivirus programs on the market. It's little know, but it's powerful -- catches virus before they are in a database -- how I don't care, I just know I was saved from the anna virus before Symantec or McAfee knew about it.

-Craig

[waiting]

Hal: You mentioned using your ZA along with your router. What is a ZA? Router? Never heard of either. Please inform....Thanks.

[Xayd]

ZA = ZoneAlarm, a freeware software firewall. It'll monitor outgoing traffic if your router doesn't. http://www.zonelabs.com

Xayd

[waiting]

Whats a "router"-------in non technical terms...Thanks

[waverider]

I am realitivly new to computers. I have windows 98, and aol. I have the Norton antivirus program and I update virus definations weekly. I do not open attachments from people I don't know. I have downloaded a "patch" to keep KAK worms from entering via outlook express. Is there anything else a non tech can do to prevent virus and worm attacks. Thank You

[glc]

Waverider: Yes, refer to my post above. Antivirus, The Cleaner, and Zone Alarm.

Waiting: A router is used with broadband connections and networked PC's to "route" IP packets to and from the correct machines without exposing your whole network to the Internet. It acts as a firewall. Also - on ActiveX, this is a Microsoft scripting creation to compete with Java. Open up your favorite search engine and search for it, you will find everything you need to know, want to know, and a lot of stuff you don't need or want to know.

[Statica]

If you are non-tech oriented, I would recommed you get yourself an EXCELLENT emailer in pegasus or eudora and use it without the IE viewer. There isnt anything OE can do that Eudora cant do, and there is a lot Eudora can do better with lesser load to your system that OE cant do.

[glc]

You got that right. I have been using Pegasus for about 6 years now and have absolutely no desire to switch to Outhouse Express just to be able to look at and send pretty HTML mail. Call me a dinosaur, but as far as I'm concerned, e-mail is a TEXT based communications avenue with the ability to *attach* files - which can of course be scanned for viruses BEFORE opening.

Question - WHY do you use Outlook Express? I would bet that 90% of users would answer - because it came with the machine/Windows?

[waiting]

I would like opinions on "Norton PersonalFirewall" from anyone who has used it. Thank you.

[HAL9000]

Quote:

Originally posted by waiting Hal: You mentioned using your ZA along with your router. What is a ZA? Router? Never heard of either. Please inform....Thanks.

Hmmm...lost track of this thread somewhere. I see Xayd answered the question already though. A while back I had picked up an ICQ password stealer trojan. The file must have been on my machine for at least 2 months before Norton had definitions to identify it and detected it on my system. I should have known something was up as I was constantly having a notice from ZoneAlarm that it was blocking an outgoing packet from ICQ.

Personally, I trust ZoneAlarm over Norton Personal Firewall, that and ZA is free.

[audiyoda]

Norton PFW can't hold a candle to ZA if only for ZA's ability to catch destructive attahments in e-mail. Norton PFW will take the attachment and run it through Norton AV -- pointless if Norton AV doesn't have definitions as HAL pointed out.

ZA will change the extension on an attachment without even blinking -- rendering teh attachment unusable. ZAPro does allow you to re-change the extension once you've determined it's okay. And ZAPro costs less than Nortion PFW if you feel you need to pay for something but ZA by itself is a great product.

-Craig

[waverider]

Is ZA compatible with Norton Antivirus ? How aboue Norton System Works ?

[HAL9000]

Yes, ZA works fine along with Norton. Norton System Works is a virus itself and I don't recommend installing the whole package. I have System Works, but I only install the antivirus and GHOST portions of the program. The rest can be run from CD if desired.

[waiting]

We have tightened up our internet security levels in OutlookExpress and Internet Explorer. Is there anywhere else in our computers (windows98) that we can do this??????????We are trying to eliminate Active-X Problems. Looking forward to your answers.

[glc]

Just set your security levels to always prompt before running anything ActiveX.

[Statica]

If u are really conscientious, you should get rid of OE and use Pegasus or Eudora and get rid of IE and use something like Opera or Mozilla. Also you need to be able to patch your OS, Win 9x, and stop things from autoinstalling .. for example Windows Media Player has a NASTY vulnerability whereby you can basically have rogue files come in masquerading as skins. Use alternative solutions. Try this, if you have M$N Me$$enger $ervice, go to hotmail and see how M$N starts itself, if IE can allow itself to start a program on your HDD it could be argued that anyone can code the same properties into their website to do the same. In addition monitor your downloaded cab & program files that IE uses.

[reboot]

If you're cautious to the point of paranoia, use Pegasus in text only mode (or Eudora, depending on how you like the "look". ( I still use Eudora Light 3.01 !)
Get ZA on your system, the PRO version has a few more bells and whistles, but the free version is just as good at actual protection. (I use ZAPro)
Go and get InoculateIt PE ( www.antivirus.cai.com ) free, and free updates for life.
Go get Lynx to browse the web, and you'll never get a malicious trojan/virus/script attack. (text only browser)
Don't load the Anti-virus prog when you start windows, only use it to scan EVERYTHING you download, and you'll never, ever, ever, EVER, get infected.

Outhouse Express (LOL!) is not only lousy for mail, it's got so many holes it seats 15. It's pretty to look at, a pig on resources, and both Eudora and Pegasus are free for personal use. Eudora for 1 computer, Pegasus for a LAN (or standalone) are soooooooo much better.
There are also any number of good, free Newsgroup (usenet) readers around (Free Agent, NewsXpress) that do a better job. Especially if a file you want is in multiple parts (you guys know what I'm talking about ), NX will dig up all the parts, download and join them automatically, so you don't have to hunt for part16 of 237.

OK, OK, OK, [/rant]