virus affecting email

Date: Wed, 6 Jan 2010 19:23:56 -0400 (AST)
From: CCN Help <ch1@chebucto.ns.ca>
To: Shirley Gilbert <kats5@chebucto.ns.ca>
cc: help-answers@chebucto.ns.ca
References: <20100106141105.19852bupw7n4zqrk@webmail.chebucto.ns.ca>
Precedence: bulk
Return-Path: <help-answers-mml-owner@chebucto.ns.ca>
Original-Recipient: rfc822;"| (cd /csuite/info/lists/help-answers; /csuite/lib/arch2html)"




Hi Kathy (& Shirley),

    All CCN email is virus-scanned with the latest software prior to 
delivery to users' inboxes.  You most likely became infected by visiting a 
website somewhere on the internet that offers free software, free gifts, 
news, weather, topical discussions, forums etc.  To pay for these 'free' 
services, some unscrupulous websites will hide trojans in their page codes 
and some browsers will load these in the background, so you don't even 
know that your computer has become infected.  There have been reports of 
virus infections on Facebook, MySpace and Twitter lately so even those are 
suspect, especially where users pass email and postings amongst themselves 
freely so one infected Facebook user could easily take out a bunch of 
their friends.  I don't use Facebook or any of those services for that 
reason alone.

    The best browser to use is Firefox (www.mozilla.org) where you can control 
the level of security and these page codes will not be loaded or accepted 
by your browser.  Internet Explorer is not nearly as secure as Firefox. 
There are also lots of secure add-ons to Firefox; one I use, in 
particular, is called NoScript, which prevents any background scripts from 
loading.  This, however, will also stop legitimate scripts from running 
but you can alter the allowances for each website by selecting the small 
box in the lower right hand corner and letting trusted sites such as CCN 
run their scripts.

    There are various good virus removal programs on the internet, many 
free, such as Avast (do a search for the URL); run it to remove any and 
all viruses found.  While you're at it, it might be a good idea to get 
yourself SpyBot - Search and Destroy v1.6 and Ad-Aware Anniversary Edition 
(both also free) to help eliminate the threat of spyware, adware and 
malware, which can be just as devastating to a computer as a virus.  Look 
in our PDA for software for your system:

                    www.chebucto.ca/Services/PDA

    Find your system and follow the links through to the various sections.

    Another thing to try, if you're the daring sort, is to edit the 
registry to remove the virus' start line which loads each time your 
computer boots.  Also note that these instructions are only for a PC 
running Windows and not for a Mac which is a lot more involved.

         *** Please be warned that registry editing is done at your
          own risk and that CCN will not be held responsible. ***

    To remove BankerFox.A, you just need to stop it from auto-running
when your computer starts up.  This requires the 'dreaded registry fix'.
The registry is really not that daunting, provided you're careful and follow
instructions to a tee.  The thing that scares people about the registry is
that it's 'live'.

    What that means is that, unlike other programs that allow you to edit and
then save your changes, any changes to the registry occur at the time you do
it, so you can't simply back out and say 'discard the changes' if you've
already made the changes.  The changes you make work instantly so you just
need to know what to touch and what to leave alone.

    Navigating the registry is actually very logical as you will see by
following the instructions.  It really makes a lot of sense and is actually
very simple.  You're just going to remove the instruction line from the
registry that tells BankerFox.A to load and that's all.

    Print out (or write out) the exact path you need to follow to get to
where the line is that you need to delete.  Once you have deleted the
particular line that tells BankerFox.A to load, you simply exit via the 
upper right hand corner [X] exit box and all will be well.

    This is the path to follow:

    Go into your C:\Windows directory and find 'regedit.exe' and run it.
This will open a split window with registry directory names on the left.
Click on:

HKEY_LOCAL_MACHINE and then click on:

Software   and then click on:

Microsoft   and then click on:

Windows   and then click on:

CurrentVersion   and then click:

Run

    Look for BankerFox.A in the right hand window and highlight it. Use the
right mouse button to bring up the delete option and confirm 'yes' delete
it.  Delete only that line.  You may be tempted to delete other stuff too,
especially if you have a lot of junk starting up but you can do that at a
later date to streamline your startup.  Once that line is deleted, exit
immediately via the upper right hand corner [X] exit box and all will be
well.

    Now reboot your computer and BankerFox.A will no longer auto-run.  It's 
still there in your system until you can have an anti-virus program 
remove it but it will no longer affect your system.  If, once in the Run 
directory of the registry, you can't find any reference to BankerFox.A, 
simply leave using the exit box at the upper right hand corner of your 
screen and the registry editor will close with nothing changed.

    Let us know if you require further assistance with this problem but you 
should really remove any virus threat from your system before contacting 
any of your friends via email as they could become infected by your email. 
CCN scans only incoming email and not outgoing material, and many ISPs 
don't scan at all.

    PS: I'm curious as to why your account name reads Shirley Gilbert 
instead of Kathleen Corkery.


CCN Help

-----------------------

On Fri, 16 Apr 2004, Kathleen E. Corkery wrote:

> i keep getting email from address i don't know that says that "this email
> had a virus attached". it sounds like maybe i am sending virus around? or
> is it a case of those emails you have been warning us about. if i am
> sending viruses around what can i do about it? thanks for your help.
> kathy


On Wed, 6 Jan 2010, kats5@chebucto.ns.ca wrote:

> Unable to access email at sign-on.
> Get the following msg:Antivirus softweare alert
> Infiltrationalert
> Your competer is being attacked by an Internet Virus.
> It could be a password-stealing attack, a trojan-
> dropper or similar.
> Details:
> Attack from: 175.26.195.9, port 53890
> Attack port: 58947
> Threat: BankerFox.A
>
> Also get a pop-up screen reading: Porn.com
> Is Thunderbird email infected at Chebucto Net or
> is it just my computer?
>
>
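
The registry steps in the reply above (open the HKEY_LOCAL_MACHINE Run key, find the entry, delete only that line) can also be done from PowerShell with a backup taken first, since registry edits take effect immediately. This is an added example, not part of the original message; it assumes the entry's name or command contains "BankerFox", and the backup file path is a hypothetical choice.

```powershell
# Added example: audit the HKLM Run key described in the message above.
# Run from an elevated PowerShell prompt on Windows.
param(
    [string]$Pattern = 'BankerFox',   # assumption: text to look for, taken from the alert name
    [string]$BackupFile = "$env:USERPROFILE\run-key-backup.reg",  # hypothetical backup location
    [switch]$Remove                   # without this switch nothing is deleted
)

$regPath = 'HKLM\Software\Microsoft\Windows\CurrentVersion\Run'
$psPath  = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run'

# Registry edits are live, so export the key before touching it.
# Importing the .reg file later puts the saved values back.
& reg.exe export $regPath $BackupFile /y | Out-Null
if ($LASTEXITCODE -ne 0) { throw "Backup of $regPath failed; nothing was changed." }

# List every autostart entry: value name and the command it launches.
$key = Get-Item -Path $psPath
$entries = foreach ($name in ($key.GetValueNames() | Where-Object { $_ })) {
    [pscustomobject]@{ Name = $name; Command = [string]$key.GetValue($name) }
}
$entries | Format-Table -AutoSize -Wrap

# Match on either the value name or the command line it runs.
$hits = @($entries | Where-Object {
    $_.Name -like "*$Pattern*" -or $_.Command -like "*$Pattern*"
})

if ($hits.Count -eq 0) {
    # Same outcome as closing regedit without deleting anything.
    Write-Host "No Run entry matches '$Pattern'. Nothing changed."
    return
}

foreach ($hit in $hits) {
    if ($Remove) {
        # Deletes only the matching value; other startup entries are left alone.
        Remove-ItemProperty -Path $psPath -Name $hit.Name
        Write-Host "Removed '$($hit.Name)' (was: $($hit.Command))"
    } else {
        Write-Host "Would remove '$($hit.Name)' -> $($hit.Command)"
        Write-Host "Re-run with -Remove to delete it."
    }
}
```

As the reply notes, removing the Run entry only stops the program from starting at boot; the files remain until an anti-virus scan removes them.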
