OT: OS changes...possible virus infection?

  • Thread starter: rhys

rhys

Off-topic, but any other NG with "virus" in its name seems empty.

On a home-built dual processor rig, I run the latest Grisoft AVG 7
free anti-virus package, and update at least twice a week. I have
partitions (logical and physical) for the OS, all other programs, and
all data. I run Windows 2000 (latest service pack) on this dual
processor workstation connected via a router to a DSL modem.

I also use POPfile and Ewido security/anti-spam software.

I notice that when I scan either selectively (C: drive for the WINNT
and F: drive for all e-mail and downloads) or do "full scans" (two
hours over 13 partitions), I rarely find a virus of any description. I
have, however, found that AVG notes the following files as "changed"
(AVG reports zero infections).

C:\winnt\system32\kernel32.dll
C:\winnt\system32\userl32.dll
C:\winnt\system32\ntoskrnl.exe

Equivalent scans on my laptop running AVG 7 (latest update) under
WinXP (latest SPs) do NOT show "changed" in these system files.

I noticed in the last month also that my domain and a couple of my
e-mail addresses had been "harvested" and that I was being "spoofed".
While I have blocked false e-mails, I am wondering if I have a problem
and what to do about it.

Thanks,
R.
 
I don't know if this is of any use, but can you try Symantec
Security Check? It's a free online service for which they try to
sell you products. It's useful and not pushy, in my opinion.

Good luck.

For what it's worth.

Other related groups:
alt.privacy.spyware
comp.security.firewalls

I was browsing two days ago when ZoneAlarm advised me that a program
was trying to dial out. The program name was obscure. Then another
obscure program tried to dial out. I checked the hard disk at the
ZoneAlarm identified location and did not see that program (all
Windows files exposed). Very suspicious. So I went to Symantec's web
site and ran the virus check. It found at least one infected file. I
rebooted to my PartitionMagic CD, deleted the current Windows
partition, and copied back a replacement. And that was the end of
that problem.
 
Sounds like you've downloaded Spyware into your system, and that's causing
the problems.
 
rhys said:
Off-topic, but any other NG with "virus" in its name seems empty.

On a home-built dual processor rig, I run the latest Grisoft AVG 7
free anti-virus package, and update at least twice a week. I have
partitions (logical and physical) for the OS, all other programs, and
all data. I run Windows 2000 (latest service pack) on this dual
processor workstation connected via a router to a DSL modem.

I also use POPfile and Ewido security/anti-spam software.

I notice that when I scan either selectively (C: drive for the WINNT
and F: drive for all e-mail and downloads) or do "full scans" (two
hours over 13 partitions), I rarely find a virus of any description. I
have, however, found that AVG notes the following files as "changed"
(AVG reports zero infections).

C:\winnt\system32\kernel32.dll
C:\winnt\system32\userl32.dll
C:\winnt\system32\ntoskrnl.exe

Equivalent scans on my laptop running AVG 7 (latest update) under
WinXP (latest SPs) do NOT show "changed" in these system files.

I noticed in the last month also that my domain and a couple of my
e-mail addresses had been "harvested" and that I was being "spoofed".
While I have blocked false e-mails, I am wondering if I have a problem
and what to do about it.

Thanks,
R.

Try running another anti-virus programme. I've used AVG for years and never
thought it was a problem, but I kept getting bounced emails from an email
address that was never given out to anyone (just set up locally for
testing). I downloaded and ran Kaspersky and it picked up two trojans and a
virus that AVG missed.
 
Well, I've loaded CW Shredder, SpySubtract, Spybot S+D, and Ad-Aware
so far...

I've found quite a few suspicious files, dialers, cookie redirects,
and possibly e-mail harvesters. Nothing that would change Windows 2000
OS files.

It's becoming an education. Thanks for the advice. Free is good, and
they can pitch me while I wait.

R.
 
Those files were immunized and they are ALWAYS changing. After every
software upgrade/update, hardware change, stuff like that affects
certain system files.

@nospam.com> wrote in message
 
Those files were immunized and they are ALWAYS changing. After every
software upgrade/update, hardware change, stuff like that affects
certain system files.

Yes. After further investigation, I've concluded this is the case, and
there is no actual problem.

On the time spent up-side, however, I've got rid of a vast amount of
spy-bots, diallers and redirection crap.

Hurrah!

R.
 