Trojan

N

nanakris

I have discovered that there is an uncleanable Troj
ACHUM.A in residence on my computer. That must be what
keeps sending mail to addresses I have never heard of. I
only know when I receive an undeliverable mail notice.
How many are going out and being received, I have NO
IDEA!! It must also be what keeps changing the e-mail
configuration. I have to repeatedly go into it and retype
my address, password, or both. Please tell me how to get
rid of it. I am running Norton virus scan and have run
the Norton clean sweep. Thanks for any available help.
Nana-to-my-grandkids!
 
J

Jim Macklin

You need STINGER from http://vil.nai.com/vil/stinger/

also get Zone Alarm from www.zonelabs.com and don't allow
the Trojan to access the Internet.

If you are getting notices of "undeliverable mail" it may
just mean that some infected computer is spoofing your
address, it doesn't mean you are infected.


message | I have discovered that there is an uncleanable Troj
| ACHUM.A in residence on my computer. That must be what
| keeps sending mail to addresses I have never heard of. I
| only know when I receive an undeliverable mail notice.
| How many are going out and being received, I have NO
| IDEA!! It must also be what keeps changing the e-mail
| configuration. I have to repeatedly go into it and retype
| my address, password, or both. Please tell me how to get
| rid of it. I am running Norton virus scan and have run
| the Norton clean sweep. Thanks for any available help.
| Nana-to-my-grandkids!
 
T

Tom Brown

MVP's .... what about this? I just scanned my system that was supposedly
virus free and found 23 instances of the W32/Bagle.f@MM virus.

Is this a legit posting or have I been spoofed? Not that I don't trust Jim
Macklin but since I don't know him, I'd sure feel more secure if a MS MVP
vouched for this.

Thanks,

Tom
 
M

Michael Solomon \(MS-MVP Windows Shell/User\)

It's legit, Jim's legit and bagel sometimes known as beagle is vicious
virus.
 
T

Tom Brown

Thanks Michael and Jim!

Tom

Michael Solomon (MS-MVP Windows Shell/User) said:
It's legit, Jim's legit and bagel sometimes known as beagle is vicious
virus.

--
Michael Solomon MS-MVP
Windows Shell/User
Backup is a PC User's Best Friend
DTS-L.Org: http://www.dts-l.org/
Click to expand...
 
J

Jim Macklin

If you scanned your computer and found 32 virus files you do
have them on the computer, but they could just be in your
email file and not have been open and installed. Thus you
might only be "exposed" and not infected. Delete all the
suspect email.


| MVP's .... what about this? I just scanned my system that
was supposedly
| virus free and found 23 instances of the W32/Bagle.f@MM
virus.
|
| Is this a legit posting or have I been spoofed? Not that
I don't trust Jim
| Macklin but since I don't know him, I'd sure feel more
secure if a MS MVP
| vouched for this.
|
| Thanks,
|
| Tom
|
|
in message
| | > You need STINGER from http://vil.nai.com/vil/stinger/
| >
| > also get Zone Alarm from www.zonelabs.com and don't
allow
| > the Trojan to access the Internet.
| >
| > If you are getting notices of "undeliverable mail" it
may
| > just mean that some infected computer is spoofing your
| > address, it doesn't mean you are infected.
| >
| >
in
| > message | > | I have discovered that there is an uncleanable Troj
| > | ACHUM.A in residence on my computer. That must be
what
| > | keeps sending mail to addresses I have never heard of.
I
| > | only know when I receive an undeliverable mail notice.
| > | How many are going out and being received, I have NO
| > | IDEA!! It must also be what keeps changing the e-mail
| > | configuration. I have to repeatedly go into it and
retype
| > | my address, password, or both. Please tell me how to
get
| > | rid of it. I am running Norton virus scan and have
run
| > | the Norton clean sweep. Thanks for any available
help.
| > | Nana-to-my-grandkids!
| >
| >
|
|
 
T

Tom Brown

I didn't save the report (that would be a good default setting for Stinger)
and I don't remember all the files that it found. But, I do recall that a
bunch of them were in some Macromedia Flash Player files and one was in
Windows/system32. But, no problem, my regular virus scanner (Kaspersky)
found 2 more W32/Bagle.f@MM hidden in emails last night and deleted them
all. It also found, and deleted, an email with MyDoom.a in it.

Thanks again for the good advice.

Tom
 
T

Tom Brown

Ok, I have finally gotten to the bottom of this. Apparently the Bagle.f
worm infected my system through an email that I mistakenly opened when it
appeared to come from a friend. It then disabled the updating process of my
antivirus software. It has been detected, deleted, and is now updating
regularly. Here is a quote from my AV program.

"The worm attempts to counteract the updating of antivirus programs by
terminating the following processes:
ATUPDATER.EXE
AUPDATE.EXE
AUTODOWN.EXE
AUTOTRACE.EXE
AUTOUPDATE.EXE
AVLTMAIN.EXE
AVPUPD.EXE
AVWUPD32.EXE
AVXQUAR.EXE
CFIAUDIT.EXE
DRWEBUPW.EXE
ICSSUPPNT.EXE
ICSUPP95.EXE
LUALL.EXE
MCUPDATE.EXE
NUPGRADE.EXE
OUTPOST.EXE
UPDATE.EXE"Nasty!

Tom
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Trojan Threat? 13
Undeliverable e-mail 1
Trojans in Sys 32 2
how to strip out e-mail addresses from undeliverable bounce-backs 2
E_mail 1
How can I get rid of Trojans 6
Trojan and Keylogger immediately after install 4
E-mailing multiple contacts 2

Top