Genealogy Chat

This little beast has eaten up Norton for lunch and chewed up my internet access for dessert. Symantic's assessment of it as low risk seems a trifle optomistic. Once it had invaded, Norton scans revealed nothing and once I had rebooted I had lost the opportunity to download anything to kill it, so please be careful out there!

Have you got rid now Bren? So Nortons didnt even find it? Have you tried running avg7 to see if it picks it up?

Nod 32-trial 1 month Brenda.

Hi Heather I can mercifully open my laptop (by use of F8 button and some tweaking) but I cannot reach the internet, so can't find a cure. Strong men fainted at the sight of me in the office before 8.30, as I arrived to do a little private work deferred from last night. Looks like I'll be having a lot of early evenings for the next few days!

Can I ask if your Microsoft Windows Updates are all on? This is often a cause of these nasty problems. I would check the Windows update site if I were you. What operating system are you using? XP, Me, 98? Cheers, Horatia

If you were running Norton with the default settings following installation I doubt very much that the virus has got through Norton, they are the world leaders at anti virus, there is a very small chance that you can get a virus before Norton themselves detect it out there on the internet but it's highly unlikely, they monitor web traffic and virus's are soon detected as they are released. I would look elsewhere for the cause of the problem. Ron www.genealogyprinters*com

Ooh, that looks good, Chris! I can't believe how empty evenings are without the internet!

Discovered: June 8, 2006 Updated: June 11, 2006 02:22:51 PM ZE9 Type: Trojan Horse, Virus, Worm Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP Bloodhound.NsAnti is a heuristic detection for files that may have been packed with a tool called NsAnti to conceal them from antivirus software. NsAnti is a tool that compresses and encrypts Windows PE files. Though NsAnti is not itself malicious, it is often used to conceal threats from detection by antivirus software. Files that are detected as Bloodhound.NsAnti may be new variants of worms or trojans. Please submit such files to Symantec Security Response for further analysis. For instructions on how to do this using Scan and Deliver, read How to submit a file to Symantec Security Response using Scan and Deliver. RecommendationsSymantec Security Response encourages all users and administrators to adhere to the following basic security 'best practices': Turn off and remove unneeded services. By default, many operating systems install auxiliary services that are not critical, such as an FTP server, telnet, and a Web server. These services are avenues of attack. If they are removed, blended threats have less avenues of attack and you have fewer services to maintain through patch updates. If a blended threat exploits one or more network services, disable, or block access to, those services until a patch is applied. Always keep your patch levels up-to-date, especially on computers that host public services and are accessible through the firewall, such as HTTP, FTP, mail, and DNS services (for example, all Windows-based computers should have the current Service Pack installed.). Additionally, please apply any security updates that are mentioned in this writeup, in trusted Security Bulletins, or on vendor Web sites. Enforce a password policy. Complex passwords make it difficult to crack password files on compromised computers. This helps to prevent or limit damage when a computer is compromised. Configure your email server to block or remove email that contains file attachments that are commonly used to spread viruses, such as .vbs, .bat, .exe, .pif and .scr files. Isolate infected computers quickly to prevent further compromising your organization. Perform a forensic analysis and restore the computers using trusted media. Train employees not to open attachments unless they are expecting them. Also, do not execute software that is downloaded from the Internet unless it has been scanned for viruses. Simply visiting a compromised Web site can cause infection if certain browser vulnerabilities are not patched. Summary

I have to agree with Ego. Run Nod32. I've had Nortons for ages and just changed this year. Not sure what the tech help is like as I live in Brisbane, Australia, and it is a Brissie company, But it has been great. Nod found so much that Nortons had let through.

Nod32 - so is that a new antivirus program? ill have to have a peek. Good luck Bren- I would miss you not being on here, so get it sorted, eh? I have to say I downloaded that Spyblaster Judy recommended and its constantly telling me that its stopping cookies and things - even on this site, its just stopped three?

Thank you everyone for the advice. I *thought* I kept up to date with windows, Norton etc but I begin to think I was better with the old punched cards. The firm's it guy is coming in on Thursday. He sucked in his breath, learning what had happened, so no doubt I am due for a lecture, but he thinks he can sort it. Heather, everytime I complain about the subs, I'll remind myself what it's like when I can't access help advice and friendship from such a range of good people!