Persistent virus problem

Discussion in 'Computer Support' started by MaryL, Jan 21, 2007.

  1. MaryL

    MaryL Guest

    I use AVG for anti-virus. Over the last few days, it has consistently
    located viruses. Most have been associated with Eudora but some have been
    associated with System Volume Information. There have usually been 3 to
    5 -- some viruses, some trojan horses, some worms. Each time, AVG moves the
    offending files to the vault. If I re-scan, everything is clear, but I will
    have the same (or similar) problem in another day or so. I can't tell
    exactly *which* messages have the virus because AVG gives me a path but not
    the filename. For example, it will show: c:\Program
    Files\Qualcomm\Eudora\Myname\Embedded\Full Clip.exe. Another one is:
    c:\Program Files\Qualcomm\Eudora\Myname\Embedded\Video.exe.

    I never open files from unknown sources. I always delete them without
    reviewing. However, I can't really tell *which* files are the offenders
    (whether from scam, which I receive frequently but delete) or from friends
    who may be unknowingly sending the problem files.

    Virus names have been: I-Worm/Stration; Trojan horse Downloader.Agent.ICB;
    Virus Downloader.Tibs. Filename examples (which are not the names I can see
    in Eurora but are apparently the embedded files) are: Update-KB2524-x86.exe;
    A0004087.exe; Read More.exe; Full Video.exe; Full Text.exe.

    Can anyone provide some help? This first occurred on Nov. 22, 1006, then
    there were no further problems until a 3 or 4 days ago but the problem has
    popped up persistently since that time.

    I am using Win XP-Home Edition. I have AVG free (which runs daily and also
    scans email), and I run both Ad-Aware and SpyBot several times a week. I am
    connected to the Internet via cable and use a wireless router (LinkSys
    Wireless-G Broadband Router, 2.4GHz, 802-11g). I also have a wireless
    laptop that I can use to access the Internet through the same router, but it
    is *very rarely* used because I use it primarily when I travel, and then
    mostly for spreadsheet and word processing (not Internet connection).

    Thanks for any help. This is annoying -- but, more important, I am
    concerned about security.

    MaryL


    Thanks,
    MaryL
     
    MaryL, Jan 21, 2007
    #1
    1. Advertising

  2. MaryL

    1932 Guest

    "MaryL" <-OUT-THE-LITTER> wrote in message
    news:KTLsh.40510$...
    >I use AVG for anti-virus. Over the last few days, it has consistently
    >located viruses. Most have been associated with Eudora but some have been
    >associated with System Volume Information. There have usually been 3 to
    >5 -- some viruses, some trojan horses, some worms. Each time, AVG moves
    >the offending files to the vault. If I re-scan, everything is clear, but I
    >will have the same (or similar) problem in another day or so. I can't tell
    >exactly *which* messages have the virus because AVG gives me a path but not
    >the filename. For example, it will show: c:\Program
    >Files\Qualcomm\Eudora\Myname\Embedded\Full Clip.exe. Another one is:
    >c:\Program Files\Qualcomm\Eudora\Myname\Embedded\Video.exe.
    >
    > I never open files from unknown sources. I always delete them without
    > reviewing. However, I can't really tell *which* files are the offenders
    > (whether from scam, which I receive frequently but delete) or from friends
    > who may be unknowingly sending the problem files.
    >
    > Virus names have been: I-Worm/Stration; Trojan horse Downloader.Agent.ICB;
    > Virus Downloader.Tibs. Filename examples (which are not the names I can
    > see in Eurora but are apparently the embedded files) are:
    > Update-KB2524-x86.exe; A0004087.exe; Read More.exe; Full Video.exe; Full
    > Text.exe.
    >

    snipped some.

    Hi M. go have a read of this security article.
    http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1239899,00.html

    It seems to be linked to this.
    http://www.f-secure.com/v-descs/small_dam.shtml
    The world is getting infected.
     
    1932, Jan 21, 2007
    #2
    1. Advertising

  3. MaryL

    pcbutts1 Guest

    Turn off System Restore http://support.microsoft.com/kb/310405 reboot.
    Temporarily disable your antivirus. Download your mail, delete the offending
    mail. Re-enable your antivirus and do a complete scan. Turn on system
    Restore, reboot. Your antivirus is catching the email before it actually
    downloads, which is good, but with Eudora it is not good.


    --

    Newsgroup Trolls. Read about mine here http://www.pcbutts1.com/downloads
    The list grows. Leythos the stalker http://www.leythosthestalker.com, David
    H. Lipman, Max M Wachtell III aka What's in a Name?, Fitz,
    Rhonda Lea Kirk, Meat Plow, F Kwatu F, George Orwell



    "MaryL" <-OUT-THE-LITTER> wrote in message
    news:KTLsh.40510$...
    >I use AVG for anti-virus. Over the last few days, it has consistently
    >located viruses. Most have been associated with Eudora but some have been
    >associated with System Volume Information. There have usually been 3 to
    >5 -- some viruses, some trojan horses, some worms. Each time, AVG moves
    >the offending files to the vault. If I re-scan, everything is clear, but I
    >will have the same (or similar) problem in another day or so. I can't tell
    >exactly *which* messages have the virus because AVG gives me a path but not
    >the filename. For example, it will show: c:\Program
    >Files\Qualcomm\Eudora\Myname\Embedded\Full Clip.exe. Another one is:
    >c:\Program Files\Qualcomm\Eudora\Myname\Embedded\Video.exe.
    >
    > I never open files from unknown sources. I always delete them without
    > reviewing. However, I can't really tell *which* files are the offenders
    > (whether from scam, which I receive frequently but delete) or from friends
    > who may be unknowingly sending the problem files.
    >
    > Virus names have been: I-Worm/Stration; Trojan horse Downloader.Agent.ICB;
    > Virus Downloader.Tibs. Filename examples (which are not the names I can
    > see in Eurora but are apparently the embedded files) are:
    > Update-KB2524-x86.exe; A0004087.exe; Read More.exe; Full Video.exe; Full
    > Text.exe.
    >
    > Can anyone provide some help? This first occurred on Nov. 22, 1006, then
    > there were no further problems until a 3 or 4 days ago but the problem has
    > popped up persistently since that time.
    >
    > I am using Win XP-Home Edition. I have AVG free (which runs daily and
    > also scans email), and I run both Ad-Aware and SpyBot several times a
    > week. I am connected to the Internet via cable and use a wireless router
    > (LinkSys Wireless-G Broadband Router, 2.4GHz, 802-11g). I also have a
    > wireless laptop that I can use to access the Internet through the same
    > router, but it is *very rarely* used because I use it primarily when I
    > travel, and then mostly for spreadsheet and word processing (not Internet
    > connection).
    >
    > Thanks for any help. This is annoying -- but, more important, I am
    > concerned about security.
    >
    > MaryL
    >
    >
    > Thanks,
    > MaryL
    >
    >
     
    pcbutts1, Jan 21, 2007
    #3
  4. MaryL

    Leythos Guest

    In article <KTLsh.40510$>, AKE-
    OUT-THE-LITTER says...
    > I never open files from unknown sources. I always delete them without
    > reviewing. However, I can't really tell *which* files are the offenders
    > (whether from scam, which I receive frequently but delete) or from friends
    > who may be unknowingly sending the problem files.
    >
    > Virus names have been: I-Worm/Stration; Trojan horse Downloader.Agent.ICB;
    > Virus Downloader.Tibs. Filename examples (which are not the names I can see
    > in Eurora but are apparently the embedded files) are: Update-KB2524-x86.exe;
    > A0004087.exe; Read More.exe; Full Video.exe; Full Text.exe.
    >
    > Can anyone provide some help? This first occurred on Nov. 22, 1006, then
    > there were no further problems until a 3 or 4 days ago but the problem has
    > popped up persistently since that time.


    I suspect that it's the standard virus laden spam emails we've seen all
    over the country. As long as you're AV solution is catching them, as
    long as you DELETE the email without opening the attachments, you're
    fine.

    If you don't trust your AV solution try MULTI_AV from David Lipman, it's
    the best non-realtime scanner I've seen.

    --
    Want to know what PCBUTTS1 is really about?
    *** WARNING - these links contain foul/pornographic content of an
    abusive nature created by PCBUTTS1 and still hosted on his public
    website ***
    http://www.pcbutts1.com/rlk/rlk.htm ,
    http://www.pcbutts1.com/license.htm ,
    http://www.pcbutts1.com/downloads/max.htm ,
    http://www.pcbutts1.com/downloads/mpv.htm ,
    http://www.pcbutts1.com/downloads/wtcpcb.htm ,
    http://www.pcbutts1.com/cracks.htm ,
    http://www.pcbutts1.com/Loutheasshole.htm
    All while spamming his company website at: http://www.seedsv.com
     
    Leythos, Jan 21, 2007
    #4
  5. MaryL

    MaryL Guest

    "pcbutts1" <> wrote in message
    news:...
    > Turn off System Restore http://support.microsoft.com/kb/310405 reboot.
    > Temporarily disable your antivirus. Download your mail, delete the
    > offending mail. Re-enable your antivirus and do a complete scan. Turn on
    > system Restore, reboot. Your antivirus is catching the email before it
    > actually downloads, which is good, but with Eudora it is not good.
    >
    >
    > --
    >
    > Newsgroup Trolls. Read about mine here http://www.pcbutts1.com/downloads
    > The list grows. Leythos the stalker http://www.leythosthestalker.com,
    > David H. Lipman, Max M Wachtell III aka What's in a Name?, Fitz,
    > Rhonda Lea Kirk, Meat Plow, F Kwatu F, George Orwell
    >
    >
    >
    >


    I had already turned off System Restore, rebooted, then turned it back on
    (immeditely *after* I had a clean scan). I had not disabled my antivirus.
    I am willing to do this, but can you explain why? Also, I don't know how to
    delete the offending mail because that is part of the problem I tried to
    explain -- the viruses, etc. are embedded within mail, and AVG shows the
    path which includes the name of the virus but does *not* tell me
    specifically which mail includes the problem. For example, this path:
    c:\Program Files\Qualcomm\Eudora\Myname\Embedded\Full Text.exe. Full Text
    seems to be the problem, but I still can't tell which specific piece of
    email includes it -- and I have a *huge* amount of email (some of which I
    delete and some that I move to specific mailboxes).

    Also, what did you mean when you wrote that "with Eudora it is not good"?
    Is there a problem with Eudora that I should be aware of? I have used
    Eudora for years for private mail and use Yahoo for newsgroup mail. For a
    long time, that greatly reduced the amount of spam that I received in
    Eudora, but that is now building.

    Thanks,
    MaryL
     
    MaryL, Jan 21, 2007
    #5
  6. MaryL

    Leythos Guest

    In article <SiMsh.6313$>, AKE-
    OUT-THE-LITTER says...
    > I had already turned off System Restore, rebooted, then turned it back on
    > (immeditely *after* I had a clean scan). I had not disabled my antivirus.
    > I am willing to do this, but can you explain why? Also, I don't know how to
    > delete the offending mail because that is part of the problem I tried to
    > explain -- the viruses, etc. are embedded within mail, and AVG shows the
    > path which includes the name of the virus but does *not* tell me
    > specifically which mail includes the problem. For example, this path:
    > c:\Program Files\Qualcomm\Eudora\Myname\Embedded\Full Text.exe.


    All you need to do is delete any email with an attachment that came from
    someone you didn't ask for, should be easy to spot, then run a full
    scan.


    --
    Want to know what PCBUTTS1 is really about?
    *** WARNING - these links contain foul/pornographic content of an
    abusive nature created by PCBUTTS1 and still hosted on his public
    website ***
    http://www.pcbutts1.com/rlk/rlk.htm ,
    http://www.pcbutts1.com/license.htm ,
    http://www.pcbutts1.com/downloads/max.htm ,
    http://www.pcbutts1.com/downloads/mpv.htm ,
    http://www.pcbutts1.com/downloads/wtcpcb.htm ,
    http://www.pcbutts1.com/cracks.htm ,
    http://www.pcbutts1.com/Loutheasshole.htm
    All while spamming his company website at: http://www.seedsv.com
     
    Leythos, Jan 21, 2007
    #6
  7. MaryL

    MaryL Guest

    "Leythos" <> wrote in message
    news:...
    > In article <KTLsh.40510$>, AKE-
    > OUT-THE-LITTER says...
    >> I never open files from unknown sources. I always delete them without
    >> reviewing. However, I can't really tell *which* files are the offenders
    >> (whether from scam, which I receive frequently but delete) or from
    >> friends
    >> who may be unknowingly sending the problem files.
    >>
    >> Virus names have been: I-Worm/Stration; Trojan horse
    >> Downloader.Agent.ICB;
    >> Virus Downloader.Tibs. Filename examples (which are not the names I can
    >> see
    >> in Eurora but are apparently the embedded files) are:
    >> Update-KB2524-x86.exe;
    >> A0004087.exe; Read More.exe; Full Video.exe; Full Text.exe.
    >>
    >> Can anyone provide some help? This first occurred on Nov. 22, 1006, then
    >> there were no further problems until a 3 or 4 days ago but the problem
    >> has
    >> popped up persistently since that time.

    >
    > I suspect that it's the standard virus laden spam emails we've seen all
    > over the country. As long as you're AV solution is catching them, as
    > long as you DELETE the email without opening the attachments, you're
    > fine.
    >
    > If you don't trust your AV solution try MULTI_AV from David Lipman, it's
    > the best non-realtime scanner I've seen.
    >
    > --


    AVG has been very easy to use, and it is usually given a high rating for
    reliability (both of which are important to me). I am not familiar with
    MULTI_AV, but I'll take a look at it. One of my difficulties is that I
    don't know which email is the actual source. As I said in another message,
    the path includes the name of the embedded file but not the name of the
    email message -- so, I can't be sure if this is included in spam or if a
    friend is inadvertently sending it.

    I had AVG running while I wrote this, and I just received a popup saying
    that 3 files were successfully healed.

    MaryL
     
    MaryL, Jan 21, 2007
    #7
  8. MaryL

    pcbutts1 Guest

    There is no problem with Eudora it is safe. The problem is your AV is
    intercepting the virus before it fully downloads to your mailbox. We had a
    big problem with Norton doing that. The virus is embedded in an html
    document in email. You have to clean it out of that folder c:\Program
    Files\Qualcomm\Eudora\Myname\Embedded. One way to do that would be to
    disable your AV and let it fully download to your inbox. You can also turn
    off html in the Eudora settings. You can also set you AV to exclude the
    embedded folder.

    --

    Newsgroup Trolls. Read about mine here http://www.pcbutts1.com/downloads
    The list grows. Leythos the stalker http://www.leythosthestalker.com, David
    H. Lipman, Max M Wachtell III aka What's in a Name?, Fitz,
    Rhonda Lea Kirk, Meat Plow, F Kwatu F, George Orwell



    "MaryL" <-OUT-THE-LITTER> wrote in message
    news:SiMsh.6313$...
    >
    > "pcbutts1" <> wrote in message
    > news:...
    >> Turn off System Restore http://support.microsoft.com/kb/310405 reboot.
    >> Temporarily disable your antivirus. Download your mail, delete the
    >> offending mail. Re-enable your antivirus and do a complete scan. Turn on
    >> system Restore, reboot. Your antivirus is catching the email before it
    >> actually downloads, which is good, but with Eudora it is not good.
    >>
    >>
    >> --
    >>
    >> Newsgroup Trolls. Read about mine here http://www.pcbutts1.com/downloads
    >> The list grows. Leythos the stalker http://www.leythosthestalker.com,
    >> David H. Lipman, Max M Wachtell III aka What's in a Name?, Fitz,
    >> Rhonda Lea Kirk, Meat Plow, F Kwatu F, George Orwell
    >>
    >>
    >>
    >>

    >
    > I had already turned off System Restore, rebooted, then turned it back on
    > (immeditely *after* I had a clean scan). I had not disabled my antivirus.
    > I am willing to do this, but can you explain why? Also, I don't know how
    > to delete the offending mail because that is part of the problem I tried
    > to explain -- the viruses, etc. are embedded within mail, and AVG shows
    > the path which includes the name of the virus but does *not* tell me
    > specifically which mail includes the problem. For example, this path:
    > c:\Program Files\Qualcomm\Eudora\Myname\Embedded\Full Text.exe. Full Text
    > seems to be the problem, but I still can't tell which specific piece of
    > email includes it -- and I have a *huge* amount of email (some of which I
    > delete and some that I move to specific mailboxes).
    >
    > Also, what did you mean when you wrote that "with Eudora it is not good"?
    > Is there a problem with Eudora that I should be aware of? I have used
    > Eudora for years for private mail and use Yahoo for newsgroup mail. For a
    > long time, that greatly reduced the amount of spam that I received in
    > Eudora, but that is now building.
    >
    > Thanks,
    > MaryL
    >
    >
    >
     
    pcbutts1, Jan 21, 2007
    #8
  9. MaryL

    MaryL Guest

    "1932" <> wrote in message
    news:U2Msh.73823$...
    >
    > "MaryL" <-OUT-THE-LITTER> wrote in message
    > news:KTLsh.40510$...
    >>I use AVG for anti-virus. Over the last few days, it has consistently
    >>located viruses. Most have been associated with Eudora but some have been
    >>associated with System Volume Information. There have usually been 3 to
    >>5 -- some viruses, some trojan horses, some worms. Each time, AVG moves
    >>the offending files to the vault. If I re-scan, everything is clear, but
    >>I will have the same (or similar) problem in another day or so. I can't
    >>tell exactly *which* messages have the virus because AVG gives me a path
    >>but not the filename. For example, it will show: c:\Program
    >>Files\Qualcomm\Eudora\Myname\Embedded\Full Clip.exe. Another one is:
    >>c:\Program Files\Qualcomm\Eudora\Myname\Embedded\Video.exe.
    >>
    >> I never open files from unknown sources. I always delete them without
    >> reviewing. However, I can't really tell *which* files are the offenders
    >> (whether from scam, which I receive frequently but delete) or from
    >> friends who may be unknowingly sending the problem files.
    >>
    >> Virus names have been: I-Worm/Stration; Trojan horse
    >> Downloader.Agent.ICB; Virus Downloader.Tibs. Filename examples (which
    >> are not the names I can see in Eurora but are apparently the embedded
    >> files) are: Update-KB2524-x86.exe; A0004087.exe; Read More.exe; Full
    >> Video.exe; Full Text.exe.
    >>

    > snipped some.
    >
    > Hi M. go have a read of this security article.
    > http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1239899,00.html
    >
    > It seems to be linked to this.
    > http://www.f-secure.com/v-descs/small_dam.shtml
    > The world is getting infected.
    >
    >


    Thanks! This does sound like an exact description of what I have seen. I
    have received a number of messages lately such as "Sadam Hussein is still
    alive" or even "Sadam Hussein is dead" (with misspellings). I did not open
    them and immediately deleted them. I also empty trash and compact mailboxes
    several times a week. So, I'm puzzled as to why AVG would then still find
    references to the problem -- if this is the source -- when it scans (done
    daily at about 8:00 a.m.). I did turn off System Restore and then restart
    it after getting a clean scan because I was already aware that it can save
    malware. The sources you sent are excellent for me -- as I said, at least I
    have now seen some references to the precise problem.

    I like AVG, but (1) it does concern me that it does not provide information
    about the precise message so I can see if any of these are included in
    messages inadvertently sent by friends and (2) it seems strange to see the
    viruses showing up *after* I have deleted unopened mail.

    Thanks,
    MaryL
     
    MaryL, Jan 21, 2007
    #9
  10. MaryL

    MaryL Guest

    "pcbutts1" <> wrote in message
    news:...
    > There is no problem with Eudora it is safe. The problem is your AV is
    > intercepting the virus before it fully downloads to your mailbox. We had a
    > big problem with Norton doing that. The virus is embedded in an html
    > document in email. You have to clean it out of that folder c:\Program
    > Files\Qualcomm\Eudora\Myname\Embedded. One way to do that would be to
    > disable your AV and let it fully download to your inbox. You can also turn
    > off html in the Eudora settings. You can also set you AV to exclude the
    > embedded folder.
    >
    > --
    >
    >


    Thanks. I'm beginning to get the picture. However, I don't see how I can
    disable the AV at the appropriate time because I get *lots* of email, and I
    would never know in advance when one of the offending emails is being
    downloaded. I could, of course, disable AVG *every* time I downloaded email
    for awhile -- but wouldn't that be opening my computer to still more
    infections? (Serious question...I'm showing my lack of knowledge here, not
    trying to be overly stubborn about it.)

    MaryL
     
    MaryL, Jan 21, 2007
    #10
  11. MaryL

    Mara Guest

    On Sun, 21 Jan 2007 10:20:41 -0600, "MaryL"
    <-OUT-THE-LITTER> wrote:

    <snip>
    >AVG has been very easy to use, and it is usually given a high rating for
    >reliability (both of which are important to me).


    I don't know where you're getting your ratings from, but I can tell you from
    practical experience that it does *not* do a good job.

    Go here: www.activevirusshield.com

    And download the free version of Kaspersky, update it, and run it. You'll find
    it much more effective.


    --
    A luser is someone who returns a perfectly good hammer to the hardware
    store saying "There's something wrong with it.  I keep hitting my
    thumb." --JB, in the Monastery
     
    Mara, Jan 21, 2007
    #11
  12. MaryL

    pcbutts1 Guest

    Disable it, download mail, re-enable it. Do that just to get rid of the
    offending email. The real-time protection will prevent it from executing
    after you re-enable it.

    --

    Newsgroup Trolls. Read about mine here http://www.pcbutts1.com/downloads
    The list grows. Leythos the stalker http://www.leythosthestalker.com, David
    H. Lipman, Max M Wachtell III aka What's in a Name?, Fitz,
    Rhonda Lea Kirk, Meat Plow, F Kwatu F, George Orwell



    "MaryL" <-OUT-THE-LITTER> wrote in message
    news:FNMsh.2072$...
    >
    > "pcbutts1" <> wrote in message
    > news:...
    >> There is no problem with Eudora it is safe. The problem is your AV is
    >> intercepting the virus before it fully downloads to your mailbox. We had
    >> a big problem with Norton doing that. The virus is embedded in an html
    >> document in email. You have to clean it out of that folder c:\Program
    >> Files\Qualcomm\Eudora\Myname\Embedded. One way to do that would be to
    >> disable your AV and let it fully download to your inbox. You can also
    >> turn off html in the Eudora settings. You can also set you AV to exclude
    >> the embedded folder.
    >>
    >> --
    >>
    >>

    >
    > Thanks. I'm beginning to get the picture. However, I don't see how I can
    > disable the AV at the appropriate time because I get *lots* of email, and
    > I would never know in advance when one of the offending emails is being
    > downloaded. I could, of course, disable AVG *every* time I downloaded
    > email for awhile -- but wouldn't that be opening my computer to still more
    > infections? (Serious question...I'm showing my lack of knowledge here,
    > not trying to be overly stubborn about it.)
    >
    > MaryL
    >
     
    pcbutts1, Jan 21, 2007
    #12
  13. MaryL

    pcbutts1 Guest

    Don't use that Multi-Av if that finds anything in your embedded folder or
    anywhere it will delete it. no quarantine, no recovery.

    --

    Newsgroup Trolls. Read about mine here http://www.pcbutts1.com/downloads
    The list grows. Leythos the stalker http://www.leythosthestalker.com, David
    H. Lipman, Max M Wachtell III aka What's in a Name?, Fitz,
    Rhonda Lea Kirk, Meat Plow, F Kwatu F, George Orwell



    "MaryL" <-OUT-THE-LITTER> wrote in message
    news:spMsh.6356$...
    >
    > "Leythos" <> wrote in message
    > news:...
    >> In article <KTLsh.40510$>, AKE-
    >> OUT-THE-LITTER says...
    >>> I never open files from unknown sources. I always delete them without
    >>> reviewing. However, I can't really tell *which* files are the offenders
    >>> (whether from scam, which I receive frequently but delete) or from
    >>> friends
    >>> who may be unknowingly sending the problem files.
    >>>
    >>> Virus names have been: I-Worm/Stration; Trojan horse
    >>> Downloader.Agent.ICB;
    >>> Virus Downloader.Tibs. Filename examples (which are not the names I can
    >>> see
    >>> in Eurora but are apparently the embedded files) are:
    >>> Update-KB2524-x86.exe;
    >>> A0004087.exe; Read More.exe; Full Video.exe; Full Text.exe.
    >>>
    >>> Can anyone provide some help? This first occurred on Nov. 22, 1006,
    >>> then
    >>> there were no further problems until a 3 or 4 days ago but the problem
    >>> has
    >>> popped up persistently since that time.

    >>
    >> I suspect that it's the standard virus laden spam emails we've seen all
    >> over the country. As long as you're AV solution is catching them, as
    >> long as you DELETE the email without opening the attachments, you're
    >> fine.
    >>
    >> If you don't trust your AV solution try MULTI_AV from David Lipman, it's
    >> the best non-realtime scanner I've seen.
    >>
    >> --

    >
    > AVG has been very easy to use, and it is usually given a high rating for
    > reliability (both of which are important to me). I am not familiar with
    > MULTI_AV, but I'll take a look at it. One of my difficulties is that I
    > don't know which email is the actual source. As I said in another
    > message, the path includes the name of the embedded file but not the name
    > of the email message -- so, I can't be sure if this is included in spam or
    > if a friend is inadvertently sending it.
    >
    > I had AVG running while I wrote this, and I just received a popup saying
    > that 3 files were successfully healed.
    >
    > MaryL
    >
    >
     
    pcbutts1, Jan 21, 2007
    #13
  14. MaryL

    MaryL Guest

    "pcbutts1" <> wrote in message
    news:...
    > Disable it, download mail, re-enable it. Do that just to get rid of the
    > offending email. The real-time protection will prevent it from executing
    > after you re-enable it.
    >
    > --
    >


    Okay, thanks. I'll do that.

    MaryL
     
    MaryL, Jan 21, 2007
    #14
  15. MaryL wrote:

    > .. I could, of course, disable AVG *every* time I downloaded email for
    > awhile -- but wouldn't that be opening my computer to still more
    > infections? (Serious question...I'm showing my lack of knowledge
    > here, not trying to be overly stubborn about it.)


    As long as real-time protection is running, you do not have to scan your
    Incoming (and Outgoing) email. Your a-v app will prevent you from saving
    or executing any virus-laden file, assuming its database knows about it.
    If it a new virus not included in the database, it doesn't matter one
    way or the other.

    http://k75s.home.att.net/tips-sub.html#avscan

    You should also be able to recognize virus-laden emails, as normally
    they don't make sense to start with.

    A more modern, secure email client will also keep you safer.

    --
    -bts
    -Motorcycles defy gravity; cars just suck
     
    Beauregard T. Shagnasty, Jan 21, 2007
    #15
  16. MaryL

    Daave Guest

    MaryL wrote:
    > I use AVG for anti-virus. Over the last few days, it has consistently
    > located viruses. Most have been associated with Eudora but some have
    > been associated with System Volume Information. There have usually
    > been 3 to 5 -- some viruses, some trojan horses, some worms. Each
    > time, AVG moves the offending files to the vault. If I re-scan,
    > everything is clear, but I will have the same (or similar) problem in
    > another day or so. I can't tell exactly *which* messages have the
    > virus because AVG gives me a path but not the filename. For example,
    > it will show: c:\Program Files\Qualcomm\Eudora\Myname\Embedded\Full
    > Clip.exe. Another one is: c:\Program
    > Files\Qualcomm\Eudora\Myname\Embedded\Video.exe.


    Why not just use Explorer to delete those .exe files?

    Or once a virus is moved to the vault, is it possible to delete it from
    there?
     
    Daave, Jan 21, 2007
    #16
  17. MaryL

    MaryL Guest

    "Daave" <> wrote in message
    news:...
    > MaryL wrote:
    >> I use AVG for anti-virus. Over the last few days, it has consistently
    >> located viruses. Most have been associated with Eudora but some have
    >> been associated with System Volume Information. There have usually
    >> been 3 to 5 -- some viruses, some trojan horses, some worms. Each
    >> time, AVG moves the offending files to the vault. If I re-scan,
    >> everything is clear, but I will have the same (or similar) problem in
    >> another day or so. I can't tell exactly *which* messages have the
    >> virus because AVG gives me a path but not the filename. For example,
    >> it will show: c:\Program Files\Qualcomm\Eudora\Myname\Embedded\Full
    >> Clip.exe. Another one is: c:\Program
    >> Files\Qualcomm\Eudora\Myname\Embedded\Video.exe.

    >
    > Why not just use Explorer to delete those .exe files?
    >
    > Or once a virus is moved to the vault, is it possible to delete it from
    > there?
    >
    >


    I don't think it's practical to use Explorer -- there are far too many
    legitimate *.exe files on the computer. Yes, they can be removed from the
    vault, but that is not the problem. AVG heals those files that it can, and
    then (if I understand correctly) others are "stored" in the vault -- but
    these are not the ones that are being located i future scans.

    MaryL
     
    MaryL, Jan 21, 2007
    #17
  18. MaryL

    Daave Guest

    MaryL wrote:
    > "Daave" <> wrote in message
    > news:...
    > I don't think it's practical to use Explorer -- there are far too many
    > legitimate *.exe files on the computer.


    But you already know the path! Why not just use Explorer to delete:

    c:\Program Files\Qualcomm\Eudora\Myname\Embedded\FullClip.exe

    c:\Program Files\Qualcomm\Eudora\Myname\Embedded\Video.exe
     
    Daave, Jan 21, 2007
    #18
  19. MaryL

    Leythos Guest

    In article <spMsh.6356$>, AKE-
    OUT-THE-LITTER says...
    > One of my difficulties is that I
    > don't know which email is the actual source.


    But you do know which one it is, it's one with an attachment, you even
    know were the offending email attachment is stored, you showed that in
    your first post.

    Now, you would be safe just going in and sorting your email by
    attachment (so that attachment messages are at the top) then deleting
    the emails with attachments that you didn't ask to be sent to you.

    --
    Want to know what PCBUTTS1 is really about?
    *** WARNING - these links contain foul/pornographic content of an
    abusive nature created by PCBUTTS1 and still hosted on his public
    website ***
    http://www.pcbutts1.com/rlk/rlk.htm ,
    http://www.pcbutts1.com/license.htm ,
    http://www.pcbutts1.com/downloads/max.htm ,
    http://www.pcbutts1.com/downloads/mpv.htm ,
    http://www.pcbutts1.com/downloads/wtcpcb.htm ,
    http://www.pcbutts1.com/cracks.htm ,
    http://www.pcbutts1.com/Loutheasshole.htm
    All while spamming his company website at: http://www.seedsv.com
     
    Leythos, Jan 21, 2007
    #19
  20. MaryL

    Daave Guest

    MaryL wrote:
    > "pcbutts1" <> wrote in message
    > news:...
    >> Disable it, download mail, re-enable it. Do that just to get rid of
    >> the offending email. The real-time protection will prevent it from
    >> executing after you re-enable it.


    > Okay, thanks. I'll do that.


    Personally, I think the e-mail scanner is overkill; I don't use it.

    Like others have said, AVG's real-time protection (updated, of course)
    will prevent any virus from executing (unless there is a *brand new*
    virus that is not included in the most recent definitions... which is
    why it is prudent to always back up your data).

    I have the Preview pane turned off on my e-mail client, so I am able to
    see the header only and whether or not there is an attachment. But if
    you suspect a virus in a particular e-mail and note who the "sender" is,
    it still very well may not be from that person! Often a virus lifts off
    sender names from an infected PC's mail client's address book. So if it
    appears you are getting an e-mail with a virus attachment from Joe
    Smith, it might very well be coming from someone you do not know who
    happens to have Joe Smith in their address book.

    --
    Dave
     
    Daave, Jan 21, 2007
    #20
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. dmorgan1

    why's my bridge un-persistent?

    dmorgan1, Aug 2, 2005, in forum: Wireless Networking
    Replies:
    0
    Views:
    446
    dmorgan1
    Aug 2, 2005
  2. [iMpLoDe]
    Replies:
    4
    Views:
    6,266
    [iMpLoDe]
    Jan 17, 2005
  3. Sascha E. Pollok

    Cisco dialer-persistent reconnect delay

    Sascha E. Pollok, Mar 20, 2006, in forum: Cisco
    Replies:
    1
    Views:
    2,436
  4. Replies:
    2
    Views:
    593
  5. Jim Beaver

    Persistent problem - Missing Program Files

    Jim Beaver, Apr 10, 2006, in forum: Computer Support
    Replies:
    4
    Views:
    420
    Jim Beaver
    Apr 11, 2006
Loading...

Share This Page