Virus Information Links
Given the proliferation of virus's and the new strains that are emerging I thought I would dedicate a page to links to sites where you can get some information about dealing with these potentially devastating aspects of computing. You should invest in good antivirus software. there are a number of these on the market. There are also good freeware programs that will keep your system functioning. You must keep the virus definitions up-to-date Click here for free virus scanning services.
Search The Symantec Virus Site
General Security Advice - a must read for anyone using the internet. Good basic common sense information!
Virus Prevention in Windows 9x - the author of this site provides nice tutorials and work-a-rounds for disabling Active X and preventing "Script Virus" on a number of different browsers.
Test your Antivirus Software - Take this link to "online eicar" and test your AV program to see how it responds to a virus alert. the test file is harmless but will test your AV program to show you what you can when (not if) you really do have one of those nasty critters trying to infect your system
Virus Removal Tools - From Symantec this links gives you access to a large number of tools for removing many of the most common virus infections
More Freeware AntiVirus Removal Tools - a list of tools which are maintained at the very least on a weekly basis. As well as excellent General malware removal utilities such as Sysclean_FE there are links to resolve problematic situations and malware such as disinfecting email database files without losing important emails.
Microsoft® Windows® Malicious Software Removal Tool - This tool checks your computer for infection by specific, prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found.
Virus
FAQ - I found this submitted by "buzz-buzz" on the
CD-Rom
Guide Forum. Excellent basic information about keeping your system safe.
Thanks buzz-buzz (AKA Lyn)
Virus Info Centre at PC-cillin.com - check out the latest in virus information from PC-cillin, a leader in virus protection!
VirusList.com - From Kapersky Labs, leaders in virus research and detection, comes this superb site with an on-line encyclopedia of virus information that is always current and up-to-date. I check here first when looking for virus info.
Virus Encyclopaedia - from Symantec (makers of Norton Products)
Bugs Glitches and Stuff-ups - From Microsoft MVP Sandi Hardmeier comes a great page on a wide variety of problems caused by familiar programs. While not necessarily *virus* activity many of hiccups might seems as though the qualify to fit into that category. Enjoy Sandi's page.
Winsock Restore
- Winsock is a freeware utility, designed to restore original Windows
98/2000 socket files, winsock.dll and wsock32.dll. Some very malicious
viruses/trojans (such as Matrix, Hybris, Happy 99) replace these files with
their own and thus prevent user from using anti-virus software, block email
sending and block some webpages. The user of so badly infected PC usually can
not do anything, even ask for a help, as email sending is blocked.
You need Winsock restore if:
You can not visit certain website
Can not write emails to certain addresses
Your antivirus software is blocked and won't start
Outgoing emails with attached viruses are being sent without your intervention.
This program automatically recognizes Windows 98 or Windows 2000 and restores
the respective files to original condition.
Shields Up - This site will test your computer for security holes which could be capitalized on by a hacker. The tests will probe your IP address to see how vulnerable you are!
Agnitum
Outpost is equipped with every feature a personal firewall should
have. It is the most functional firewall in the world. Outpost supports all the
latest security techniques and features such as: Full Stealth Mode, Anti-Leak,
and MD5 Authentication
Zone Alarm
- If you don't have firewall protection and you have DSL or Cable modem
connection then you need this program!
and.doxdesk.com - Check for Parasites. ‘Parasite’ is a shorthand term for “unsolicited commercial software” — that is, a program that gets installed on your computer which you never asked for, and which does something you probably don’t want it to, for someone else’s profit. SpywareBlaster (below) can keep these parasites off your system!
System been Hijacked? Try these links for tools to get you running again fast! MVP.org or Spyware Info
Spyware
Blaster -
SpywareBlaster
doesn't scan and clean for so-called spyware - it prevents it from being
installed in the first place. It achieves this by disabling the CLSIDs of
popular spyware ActiveX controls, and also prevents the installation of any of
them via a webpage. This allows you to run Internet Explorer with Active-X
enabled, but it will never download or even prompt you for any of the known
ActiveX controls.
Spybot Search & Destroy 1.1 SpyBot-S&D searches your hard drive for so-called spy- or adbots; that is, little modules that are responsible for the ads many programs display. Many of these modules also transmit information, including your surfing behavior on the Internet. If SpyBot-S&D finds such modules, it can remove them. In most cases the host still runs fine after removing the spyware/adware.
From PC Magazine - and excellent overview of Spyware. Don't read this before bed time or you are sure to have nightmares!
The
Anatomy of File Download Spyware - Do you use Netscape? Have a read
through Steve Gibson's report on his findings.
Steve
Gibson's homepage can be found here.
What Is a Computer Virus? A computer virus is a program – a piece of executable code – that has the unique ability to replicate. Like biological viruses, computer viruses can spread quickly and are often difficult to eradicate. They can attach themselves to just about any type of file and are spread as files that are copied and sent from individual to individual.
Get Rid Of GoHip - GoHip is a search engine that installs ActiveX components without your knowledge onto your computer. This will modify your Homepage URL and add a line to your e-mail messages that directs people to the GoHip site where, you guessed it, you catch the GoHip bug. The link will take you to a remover that will take this plague off your system.
CoolWebSearch - get rid of this browser hijack
Doug Muth's Anti-Virus Help Page - this is one of those "Must Visit" sites for anyone wanting information about computer viri and protection. It is straightforward and written in easily understood terms. Well worth bookmarking.
Network Associates Virus Information Center - More than 50,000 viruses exist today. Network Associates Virus Library has detailed information on where viruses come from, how they infect your system, and how to remove them.
Getvirushelp.com - This is a super resource with information about, and free cleaners for, the KAK.Worm, the ILoveYou.vbs virus , Happy99.exe and Pretty Park.exe worms. Information is clearly presented and the free cleaners are worth the visit.
W32.Swen.A@mm - This worm/virus comes as a message from Microsoft informing the recipient that it is the latest Security Patch. Microsoft never sends out security patches by e-mail
Fix Sasser Worm - Jupiter Jones MS-MVP gives simple instructions for getting rid of the newest plague affecting Windows 2000/XP
Blaster Worm - A.K.A. W32.Blaster.Worm - information from Microsoft MVP's Mike Kolitz and Ron Martell regarding this newest addition to the "screw up your computer" gang or worm viruses Also check through Jim Eshelman's forum response to fixing the Blaster plague . Symantec also has info here
W32.Yaha.K@ mm - In their infinite wisdom Symantec and possibly other antivirus software companies decided not to place the definitions for this virus in their LiveUpdate until December 30. They knew the virus was in the wild and propagating but just let it go. Get a cleaner here.
W32/BugBear-A information and removal tool from Sophos
W32.Klez Removal Tool - Symantec has provided a tool to remove infections of W32.Klez.E@mm, W32.Klez.H@mm, W32.ElKern.3587, and W32.ElKern.4926
W32.Nimda.A@mm - is a new mass-mailing worm that utilizes multiple methods to spread itself.
The W32.Sircam.Worm@mm - Download a tool to remove and repair any damage done by this virus.
NewLove virus - They keep getting worse. This one is based on the ILOVEYOU virus but can erase ALL inactive files on your system. Take this link to update patches for most of the anti virus programs around. This includes free antivirus as well as the retail services. DO IT NOW!!!!
ILOVEYOU virus - Symantec has identified 29 variants of this virus since it was released on May 4, 2000. Check out the info at this link to learn more about this quickly mutating virus and the different versions currently in the wild.
ILOVEYOU - Love Letter virus - Information about protecting yourself from the .VBS worm that brought the world to it's knees. There is also a cleaner available from Getvirushelp.com
KAK worm virus - WScript.KAKWorm - There is information here about this "pain in the butt" as well as a cleaner. In addition you need to download and install a patch from here to fix a security problem with Microsoft Outlook Express Security Update, September 7, 1999
W32.CIH.Spacefiller - Also known as the Chernobyl Virus this nasty will erase your hard drive. You can find a cleaner for it from this link.
Is Someone Looking At Your Files? - Updated information about the Sub7 trojan!
SubSeven
cleaner
and Backdoor Orifice Removers
-
These links will take
you to sites to download cleaners for these unpopular trojan programs. If you spend much
time on mIRC you may want to check these out!
NetBus Information - The author does a fine job of explaining backdoor trojans and supplies links to solutions on how to remove these nasty intruders
SubSeven Information - This page will give you the low down on another popular trojan program and the instructions for removing it!
Fix-CIH" Since this pesky CIH virus has just damaged hundreds of thousands of hard disk drives, Steve Gibson created a new FREEWARE program to recover from this problem . . . even AFTER the virus has wiped out a drive!
ByeMelissa - Take this link to ZDNet to download a freeware program that will check for the Melissa virus (read this) on your system. If it is found you will be prompted to download and remove it through a virus checker.
BubbleBoy Virus - Microsoft has released information on how users can protect themselves from the newly-reported BubbleBoy virus. This *new* virus takes advantage of a couple of security flaws in Outlook and Outlook Express. You can find patches and solutions to defend against the BubbleBoy Virus here.
Anti Virus Research Center - Information and Protection for W95.CIH (Chernobyl) virus KILL_CIH.EXE Tool
EICAR-STANDARD-ANTIVIRUS-TEST-FILE
- Do
you want to see if your Anti-virus software can catch a virus, or know what happens when
one is found? The following is for Test purposes and is harmless. Either click the link to
download the
EICAR.COM
(in zip form) or open Notepad and copy and paste the following line, then save the file as
EICAR.COM
X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
When scanned with a virus checker it will be identified as a virus and the options to deal
with it will be displayed. Once again THIS IS NOT A VIRUS AND WILL
NOT HARM YOUR COMPUTER IN ANY WAY. Please do not send
this as a "Joke" to someone. Viruses (even as Jokes) are not funny and if you've
ever had your computer thrashed you'll know what I mean.
Virus Hoaxes - another link to the Symantec site. This time you get to read about the hoaxes and myths out there
Inside the Virus Writers Mind
-
a brief news item written by
Vince Beiser and published on WiredNews
Hot On The Trail of Virus Writers - another good review of the psychology of
the virus writer.
Virus Alert - the author gives a treatment to the .CIH (Chernobyl) virus
Microsoft Security Bulletin - check here for info regarding security problems and find patches for known problems or to prevent potential problems with security issues in Windows 9x.
Norton Antivirus Free 95/98/NT Scanner - This is from the No Nags website. Read what they have to say about it here
Symantec Online Scanner - Symantec Security Check tests your exposure to a wide range of online threats. It's free and efficient, and it helps you determine your Internet security needs.
House Call Online Virus Checker HouseCall is Trend Micro’s free virus scanning service - the only online scanning service available to all Web users. There is nothing to install; just follow the simple instructions.
Free Anti Virus Software
AntiVir Personal Edition - An excellent freeware AV program. There are versions for Windows 95 through to Windows XP.
AVG Antivirus v 6 - this is a top notch AV program with real-time scanning and a host of features.
MailCleaner - MailCleaner constantly checks your incoming mail in order to verify that your computer receives no viruses. When an incoming mail is suspected to contain a virus, MailCleaner will automatically delete it and notify you.
eSafe Desktop offers the most complete Internet content
security solution for home users. eSafe is the first content security solution
to offer comprehensive protection from vandals (malicious mobile code, Trojans,
worms, VB/JavaScript), viruses, data exposure and inappropriate content
The Cleaner - the
(Multi-Trojan) cleaner for Windows95/98/NT (30 day trial then $29.95 to register)
MooSoft Development
Computer Associates - InoculateIT Personal Edition
http://www.cai.com/antivirus/personal/
F-PROT For DOS (freeware)
http://www.claymania.com/f-prot.html
Frisk Software International - F-Prot (not the same as DataFellows)
http://www.complex.is/f-prot/obtaining.html
Kaspersky Labs - AVPLite for DOS
http://www.kasperskylabs.ru/eng/products/eval.html#evaluate
Rose Site for Antivirus tools - freeware and shareware
http://come.to/rose_swe/
TheFreeSite.com - A good selection of Antivirus freeware
Symantec - Norton AntiVirus DOS Scanner
http://www.symantec.com/nav/index_downloads.html
http://vil.nai.com/vil/stinger/
http://www.emsisoft.com/en/
http://free.grisoft.com/doc/8/lng/us/tpl/v5/nid/3001#3001
http://www.f-secure.com/download-purchase/tools.shtml