Is it possible to pick up a computer virus using the hotel wireless connections?
Nothing downloaded just using MSN messenger and skype.
Keep getting some virus named JS/downloader agent.
Isolate it and throw it in the virus vault, opening messenger it pops up again.
Affecting quite a few computers here.

Messenger is notoriously poor at security, it has been the source of many infections I believe, Skype is better but you could still get infected if you accept stuff from strangers.

Found this little snippet, naughty boy.....:E:E:E

This trojan can get installed while browsing adult websites where it has been hosted

No adult web sites here in KSA anyway.
Just wondering if it came from MSN or Yahoo messenger.

Am in KSA too, but know how easy it is to get on them from here, is it a secure wireless connection? I would bet even money it came from messenger. My son came to visit me in the states and used my computer for chat on messenger, when he finished Norton found 4 trojans!!!

I occasionally read HJT logs in security forums. (Well, ok, I read quite a lot of them), one thing most of them have in common is at least one IM program active.
I never use them; never will, have no need. One of the first things I do on a new system is to remove it.

Unfortunately, a hotel wireless connection is generally as secure as your PC is. It is as secure as your home internet connection, it's only your PC which has the security problem as the hotel wireless is only a connection unless you had to install a special piece of software to use the connection and that could be the issue.

Uninstall messenger, delete anything regarding messenger that is left, go to http://security.symantec.com/sscv6/default.asp?productid=symhome&langid=ie&venid=sym or http://housecall.trendmicro.com/ and do their online scan. You can do the same with Macafee too. From what I have seen, and that ain't much so far, this seems to be getting flashed up by AVG. Wonder if it's a false alert....

Yes I am using the AVG edition, but fully updated.
Hotel connection is unsecured, just click and go.
nothing downloaded.
Hope its a false alert!

I remember a similar problem getting rid of a virus/trojan, found out it kept coming back because I has system restore on. Had to turn restore off, clean the system then re-enable restore. The virus was sitting in the restore file and would just come back every time I booted up. That solved my problem. Maybe you need to go that route too. :}

This from Symantec regarding JS/Downloader

Discovered: October 27, 2003
Updated: February 13, 2007 12:12:27 PM
Type: Trojan Horse
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP


The following instructions pertain to all current and recent Symantec antivirus products, including the Symantec AntiVirus and Norton AntiVirus product lines.


Disable System Restore (Windows Me/XP).
Update the virus definitions.
Run a full system scan and delete all the files detected as JS.Downloader.Trojan.

Is it possible to pick up a computer virus using the hotel wireless connections?

To answer the question very simply: YES

If you normally run your own home wireless network behind a NAT router you are shielded. No take you laptop on to another wireless netwok and you have no idea who is also on the that same wireless network, inside the router.

Just check next time, use explorer (not IE) to have a look under the network section, maybe you will see a few PCs with open shares all asking to be infected, or maybe trying to infect you.

I'm running a hardware firewall (my router) as well as a software one and that does not stop an infection when one of rugrats decides to open something/visit a site/download something they shouldn't.

This infection that Earl got is a javascript exploit which can only be picked up by visiting a dodgy website. It isn't a "virus", but a trojan so it cannot replicate itself and spread, you can only get it by going to a website which has the script embedded in it. The hotel network is not at fault here, in any way, he picked it up himself somewhere.

One very effective way to help prevent computer infections - particularly by trojan horses - is NOT to use an admin-level account for general browsing.

IMHO, ALL users should be simple "User" level, with an admin account available for "run as" and occasional logging in for admin tasks.

If a virus / malware piece of sh1t cannot write to the registry, install programs or whatever, then it is robbed of its ability to do harm.

SD

If AVG removes the virus, and it keeps popping back up, it has probably installed a rootkit. This lives under the OS level, and so is invisible to your anti-virus. Each time AVG removes the virus, the rootkit simply puts it back.

Grisoft (who make AVG) also have a freebie rootkit removal tool here: http://free.grisoft.com/doc/5390/us/frt/0?prd=arw

It's also _VERY_ worthwile considering SD's tip above.