Howdy folks,

Yesterday, Sunday, I got up and fired up the old computer. Started reading the news when I got an instant message on my Compuserve instant messanger from someone I did not know. I declined to answer. I kept gettin' this over and over. I wish I had marked down the sender.

Finally, I relented and answered. I got back a message "Your time is short"!!! http://www.PCGuide.com/ubb/eek.gif That sucks on a Sunday mornin'.

So I kept on doin' what I was doin'. I did not reply.

The first thing I noticed was that I was gettin' an "illegal operation" error when I tried to access "My Computer". Then I got it when I tried to access "Documents". Then Windows Explorer, then anything I tried. http://www.PCGuide.com/ubb/frown.gif

It quickly (took about 30 mins.) brought my computing to a halt. Nothing.

No amount of rebooting would get me anything but "Illegal Operation".

I lost alot. I didn't realize how much I hadn't backed up. Alot of it wasn't even my work but my daughters and a friends.

I'm really bummed! Does anyone have an idea what happened? I guess someone got me, somehow. But how? My Norton Antivirus didn't pick up anything. I'm clueless.

On the upside... I just did my first reformat, partition and reinstall OS. What little hair I had is now totally gray. But I'm on the way. Installing my printer, scanner etc. Reinstalling all the programs I've installed over the past year and a half.

Does anyone have an idea of what happened?

------------------
Peace and Love, brothers and sisters. Peace and Love

Virus man , all i can say i got 2 last night just surfin the web, norton caught one but the other it didnt, so i dont know if its still in my cpu or not. http://www.PCGuide.com/ubb/mad.gif In my experiece the ones that you get in your email are more sophistcated than the ones you get online and in messegers services.These viruses are getting out of hand its get ridiolous.

------------------
Sledgehammer will save the day!

Hi diurnal,

How do you get a virus through IM. I've never heard of that. Did I get it when I answered the IM?

------------------
Peace and Love, brothers and sisters. Peace and Love

Sorry to hear that one : as soon as you answered it your browser opened and wham I believe thats the way it works kind of like opening an attatchment in the mail? Damn people and there nonsense wish they would just get a life. http://www.PCGuide.com/ubb/frown.gif http://www.PCGuide.com/ubb/mad.gif Kinda need to back up every thing you do nowa days
diurnal need to watch those surfin viruses you know what happened to Me close that browser.

------------------
What have I gotten my self Into now (ROFLMAO)

Thanks YODA,

Is that true!!?? You can get a virus from IM?



------------------
Peace and Love, brothers and sisters. Peace and Love

http://www.google.com/search?q=virus+in+IM

some articals at these site on it PC magazine and a few others ZD net has a good artical can't get the link to work should beable to find it though
http://www.PCGuide.com/ubb/wink.gif

------------------
What have I gotten my self Into now (ROFLMAO)



[This message has been edited by YODA74 (edited 10-01-2001).]

Hey Steve,

Yours is truly a tale of woe. These latest viruses are insidious. I managed to stumble into one two weeks ago at the office by just surfing a web page in search of some graphics for an ad layout. We are still fighting that one! We tend to be very vigilant with our system and keep our virus definitions up to date. The problem was that the desktop I was temporarily assigned was not totally updated with the latest IE5.5 updates. So I advise everybody to keep their browser and anti-virus updated.

Feeling your pain,
ER


------------------
I think, therefore I am -What the hell was I thinking?

very sad event indeed http://www.PCGuide.com/ubb/mad.gif

Steve, it sounds to me like when you answered the IM, this is when the other party was able to obtain your IP#. Then by doing a port scan on you, (I am assuming you either do not have ZoneAlarm or do not have it configured correctly?) >> they were able to gain entry to your root directory and basically do anything they desired. (including running a script or batch, or exe file that did what you have observed.

Very sorry ........... anyway we can help with any type files please don't hesitate to ask.

GH could explain it better.

------------------
sea1_69@hotmail.com

homepage (http://www.seanweb1.homestead.com/3.html)

[This message has been edited by sea69 (edited 10-02-2001).]

Cnet (http://news.cnet.com/news/0-1005-200-6873022.html) says IM virusthreats are few, but apparently getting a good start. The article says experts are not aware of any viruses (virii?) targeting ICQ or Yahoo messanger, but MSN messenger has seen a couple, hello.exe and choke.exe. Micro$oft issued an Alert (http://messenger.msn.com/support/knownissues.asp) also linked to in the Cnet page. You have to double click on these files to open them.

I think in this case Sea is probably closest to the problem, someone managed to get an IP address and had a bit of fun with the system files.

While on the subject, a few IM/ICQ virus hoaxes have been around for a while, same as with email. Sensible Solutions (http://www.canada-av.com/sensible/home.nsf/htmlmedia/hoaxes.html) has a good list, Stiller Research (http://www.stiller.com/hoaxes.htm) has another, Symantec (http://www.symantec.com/avcenter/hoax.html) too. Most of these are email oriented hoaxes, but I'm pretty sure the ones sent by IM should also be in there. The Flashing IM (http://www.stiller.com/flim.htm) is one of them.

------------------
Support the right to keep and arm bears.
Note: Please post your questions on the forums, not in my email.

Computer Information Links (http://www.dreamwater.com/paleopete/computer.htm) has been moved, please update your bookmarks.

Below is an excerpt from an article I read giving tip in the battle against spreading viruses. I am not trying to teach my Granny to suck eggs but it my be useful for someone. Sorry if it seems to be a long post. http://www.PCGuide.com/ubb/rolleyes.gif

Also at present I have had to install AOL onto my computer for a couple of weeks, so that my nephew can access the net and his e-mail etc from my house. (personally I would not give it to my worst enemy) This is a warning concerning Zone Alarm. When you have AOL installed on your computer and want to access Internet Explorer when connected through AOL you HAVE TO DROP your security level settings in Zone Alarm. So if you are thinking about putting AOL on weigh it up against what happened to Steve. With full security setting in Zone Alarm (or any firewall) there is a more than even chance that this would have been blocked (if he has been hacked).

PLEASE NOTE!: This only tip only stops a mail virus from spreading via your address book. IT DOES NOT TAKE THE PLACE OF upto date Anti-Virus Software. IT DOES NOT STOP YOU FROM BECOMING INFECTED.

"To avoid spreading computer viruses, create a contact in your email address book with the name !0000 (or similar)with no email address in the details. This contact will then show up as your first contact in your address book. If a virus attempts to do a "send all" on your contact list, your PC will put up an error message saying that "The Message could not be sent. One or more recipients do not have an e-mail address. Please check your Address Book and make sure all the recipients have a valid e-mail address." You click on OK and the offending (virus) message would not have been sent to anyone. Of course no changes have been made to your original contacts list. The offending (virus) message may then be automatically stored in your "Drafts" or "Outbox" folder. Go in there and delete the offending message. Problem is solved and virus is not spread. I wasn't going to cover this widely-circulated "tip" because it's so easy to check for yourself: Just try it: Add the fake name, but enter no corresponding email address. Many email clients will allow you to do this, and indeed will complain when you--- or a virus or worm--- try to send email to that bogus name.It only works if your online defenses have already failed: Yes, it may help prevent a virus from spreading from your machine, but by the time this trick works, your PC is already infected. It's far, far better to prevent such infections in the first place. Then, not only will your system not infect others, but *you* won't be infected either. So add a fake "!0000" (or "AAAAAA" or whatever) name to your address book if you wish, but please realize that this does absolutely nothing to prevent you from being infected in the first place, and so is of limited utility, at best."

------------------
Ernie

thanks ERNIE, I did it, don't know why I hadn't thought of it before... makes perfect sense.

http://www.PCGuide.com/ubb/wink.gif



------------------
sea1_69@hotmail.com

homepage (http://www.seanweb1.homestead.com/3.html)


;)~

Hi Folks,

I guess it was a virus. I didn't know you could get one from IM. Live and learn. I'm kicking myself. I shut down ZA, to do my usual maintenance, and didn't turn it back on when I got on the net. Geeeze!

A while ago I got involved with a hacker dude in Germany on IRC. I got nine virus's that week. http://www.PCGuide.com/ubb/eek.gif That's what prompted me to get ZA in the first place. Norton AV picked them all up though and I was able to clean things up and get back to normal.

I appreciate all the links and articles on IM virus. I'm not sure but I do think that I had to double click to answer. I guess that's one more thing I'll NOT do again!

Thanks again.

------------------
Peace and Love, brothers and sisters. Peace and Love

Ernie,
Thats so simple its fantastic. Thanks
As for the statement about "Dropping your security level" to use IE while signed on with AOL, I have to totaly disagree. I use AOL and access some things with IE every day. My setting is on the highest and I have never had to change anything.
Curious as to what problems you have experienced.
OH GOD, here I go again http://www.PCGuide.com/ubb/biggrin.gif http://www.PCGuide.com/ubb/cool.gif

------------------
If I tell you to think for yourself, then you're not doing it.
.
.
This is not directed at those asking questions in order to gain knowledge. That shows you are thinking.

Whoooooooooosssssssssssshhhh!

Pete got it right away.

still wish GH would appear here.

http://www.PCGuide.com/ubb/eek.gif

http://www.PCGuide.com/ubb/wink.gif



------------------
sea1_69@hotmail.com

homepage (http://www.seanweb1.homestead.com/3.html)


;)~

Bassman - Tried it today again. (it is great being able to get on-line during the day at no cost what so-ever) Same as before. With ZA set a full security I cannot access IE. Drop security settings and I can get into IE no trouble at tall. AOL here in the UK say that you MUST do this or do without IE. http://www.PCGuide.com/ubb/eek.gif

------------------
Ernie