|
|||||||
BS: Tech- BLACKHOLE WORM VIRUS |
Share Thread
|
Subject: BS: Tech- BLACKHOLE WORM VIRUS From: Barbara Shaw Date: 14 Apr 03 - 03:23 PM Has anyone else run into this? I get an email with the subject: BEWARE OF THE NEW BLACKHOLE WORM VIRUS Then my mail program brings up a window saying Msimn has performed an illegal operation and I have to close down. When I open up Outlook Express again, I need to delete the message quickly or this mail will keep closing down my program over and over. Help! The guy at Norton had not heard of this. |
Subject: RE: BS: Tech- BLACKHOLE WORM VIRUS From: Greenbeer Date: 14 Apr 03 - 03:44 PM could be "Trojan.AOL.Blackhole" ...are you on AOL? see http://www.antiviraldp.com/virus_list/list_7.htm for the site that seems to handle this virus. -Patrick/greenbeer |
Subject: RE: BS: Tech- BLACKHOLE WORM VIRUS From: Barbara Shaw Date: 15 Apr 03 - 08:59 AM No, I'm not on AOL. And I just got another one today with a different subject. Without even opening the thing, just in preview, it performs "an illegal operation" and shuts down my browser. Anyone got any other ideas? |
Subject: RE: BS: Tech- BLACKHOLE WORM VIRUS From: GUEST,Jon Date: 15 Apr 03 - 09:13 AM I can't find anything on "BLACKHOLE WORM VIRUS" but: 1. Disable Javascript on Outlook Express. Or set it to prompt. 2. Go to the Microsft Site and look for "critical updates" for your operating system. Both of these actions should help prevent malicous code "auto opening". |
Subject: RE: BS: Tech- BLACKHOLE WORM VIRUS From: GUEST,jennifer Date: 15 Apr 03 - 09:30 AM I have had the Outlook-closing-down thing ever since we updated to version 6 - and before I had any Black Hole Worm virus warnings. But mine does it when I'm in the middle of replying to messages. It hasn't got any worse since we have had the virus warnings, two I think I've seen but I delete them straight away. I've got the preview pane switched off and also set it so it won't download attachments. I have run Norton checks and updated virus definitions since it started. Is this related to Barbara's problem? Has Barbara found any lasting effects once the rogue email is deleted? |
Subject: RE: BS: Tech- BLACKHOLE WORM VIRUS From: Snuffy Date: 15 Apr 03 - 09:31 AM Turn Preview off |
Subject: RE: BS: Tech- BLACKHOLE WORM VIRUS From: Barbara Shaw Date: 15 Apr 03 - 07:11 PM How do I disable javascript on Outlook Express? I changed the security setting to "restricted sites zone (more secure)" rather than "internet zone (less secure but more functional)" but couldn't find anything to disable java scripts. I turned preview off, and saved myself from yet another BLACKHOLE WORM VIRUS message, this time from "Carmella Burton" at o169hrx02u1@aol.com. (What's the point of preview, anyway, if it still executes code in the email without being opened?) As for lasting effects, the next time I booted my machine I got an illegal operation in Explorer! I closed the box that came up, and everything seemed to continue anyway, although all the icons that are usually shown as running along the bottom were not there. Shut it down, rebooted, and this time it worked fine. Humbug. Thanks to all for the suggestions and help. |
Subject: RE: BS: Tech- BLACKHOLE WORM VIRUS From: NicoleC Date: 15 Apr 03 - 08:18 PM "(What's the point of preview, anyway, if it still executes code in the email without being opened?)" It saves you the double click. That's about it. You can't disable JavaScript in Outlook without disabling it in Internet Explorer. Tools -> Options -> Connection -> Change -> Security -> Custom Level ... and scroll down to the Java section Jen, updating your AV program will not necessarily undo the damage done by a virus, worm or trojan, which is why staying up to date on your definitions anmd frequent backups of critical date are so important. It might, however, have quarantined files which you can see in your Quarantine section which will help you identify the culprit(s) and rectify the damage. Instructions or removal tools are available on various AV web sites for specific viruses. If you can't figure out what you may have been infected by, a full system reformat is sometimes the only option to definately get rid of it. (NOT restoration programs which don't reformat your hard drive -- it might kill it, it might not. It might save the particular settings that cuased the damage.) And if it wasn't a case of infection but instead damaged files or setting, that'll fix that, too, but I see many folks rush to decide their problem is a virus. With so much junk coming in your email, it's understandable! But I'd check everything else before reformatting... what a pain. |
Subject: RE: BS: Tech- BLACKHOLE WORM VIRUS From: JohnInKansas Date: 16 Apr 03 - 06:19 AM A second to NicoleC - you've got to keep your AV program and definitions up to date. When your AV identifies a virus, you need to go to your AV supplier's site and look at the detailed info on that virus. Usually there will be enough description of what the virus does to let you "complete" a cleanup. It's especially necessary if a new AV update finds a "new" virus that may have been on your machine, and done some damage, before you got the new signatures. The question of disabling Java is sort of a "grey" one. There are enough good sites using it that you lose a little if you turn it off, but if you go to "questionable places" on the web, or if you get a lot of junk email, you may want to disable it. Especially if you chose to permit Java, it is essential that you keep up with Windows and IE (or your other browser) updates. If you use XP or 2K, you can set up "auto-updating." I'm not sure that Win95 or Win98 can do it automatically, but if you haven't done a Windows update within a couple of weeks you're past due. John |
Subject: RE: BS: Tech- BLACKHOLE WORM VIRUS From: GUEST,PaulC Date: 16 Apr 03 - 02:06 PM I know of two computers infected. Both sites had the latest virus definitions from Norton. One site was using Juno, which unfortunately doesn't allow you to close the preview pane. Neither Norton nor McAfee know anything about the virus, apparently. I can find nothing in either virus databases about it. On both machines, there was an additional symptom. The edges of the Windows desktop began to shrink, leaving a black border all around the screen. (The "blackhole"?) Not a hardware problem. Possibly a driver corruption. In one case, an update of IE and Juno resolved the "illegal operation" problems but not the desktop shrinkage. The desktop can be stretched to fill the screen, but the edges are not accessible. |
Subject: RE: BS: Tech- BLACKHOLE WORM VIRUS From: Barbara Shaw Date: 16 Apr 03 - 04:31 PM Well, I've been busy getting religion. I confess I have NEVER updated Internet Explorer, and had to go from 5.5 to 6 plus get 19 critical updates. My AV is up to date with the latest definitions and I trusted that to protect me. Hah. Anyhow, things are seemingly working well right now, although I miss the preview in Outlook. Thanks to the folks here, whom I trust for good information. |
Subject: RE: BS: Tech- BLACKHOLE WORM VIRUS From: wysiwyg Date: 17 Apr 03 - 12:04 PM What the heck is Msimn? ~S~ |
Subject: RE: BS: Tech- BLACKHOLE WORM VIRUS From: MMario Date: 17 Apr 03 - 12:08 PM program/process name... |
Subject: RE: BS: Tech- BLACKHOLE WORM VIRUS From: Stilly River Sage Date: 17 Apr 03 - 12:09 PM Barbara, You can set up the Antivirus to scan regularly, and also to go check for updates. Mine runs every evening at 8pm, and it's in the background. I only hear a momentary sound as the system starts running the scan. SRS |
Subject: RE: BS: Tech- BLACKHOLE WORM VIRUS From: wysiwyg Date: 17 Apr 03 - 12:09 PM Mmario, does this probalem sound like what you saw with my puder? ~S~ |
Subject: RE: BS: Tech- BLACKHOLE WORM VIRUS From: GUEST Date: 17 Apr 03 - 12:27 PM WYSIWYG msimn.exe is Outlook Express |
Subject: RE: BS: Tech- BLACKHOLE WORM VIRUS From: wysiwyg Date: 17 Apr 03 - 12:31 PM Thanks. ~S~ |
Subject: RE: BS: Tech- BLACKHOLE WORM VIRUS From: MMario Date: 17 Apr 03 - 12:32 PM no. similar but not the same. |
Subject: RE: BS: Tech- BLACKHOLE WORM VIRUS From: GUEST,Peter from Essex Date: 17 Apr 03 - 12:35 PM I use a free package called EmC to preview headers before I download anything. Saves a lot of time as it automatically wipes a lot of spam and lets me manually delete the rest. After that I still have a Norton running with auto update. |