A new virus?

**gwpriester** · 29 April 2002, 09:11 AM

I seem to be receiving a lot of virus-infected messages with a subject line something to the effect of IE Win XP Removal or words to this effect. I have also received some allegedly send via Miscosoft.com that offer an XP patch. These messages are about 30K in size and contain a virus.

Anyone else having trouble with these?

Between the virus-infected messages and SPAM from Korea, almost constant, I hardly get any meaningful messages any more.

Makes one wonder.

Gary

Gary Priester

Moderator Person

<a href="http://www.gwpriester.com">
www.gwpriester.com </a>

XaraXone

**jens g.r. benthien** · 29 April 2002, 11:36 AM

The worst thing is a 'nice game', where 'you are the first one to play it'. Comes with a 'play.exe' attached. It'll infest Outlook address books and start duplicating itself. Spreading very fast. Don't touch it, delete it on the server if you can.

jens

jens g.r. benthien
designer
http://jens.highspeedweb.net

----------//--
If you don't know how to dream you'll never be a designer.
----------//--

**houseofman** · 29 April 2002, 10:20 AM

I've been getting various versions of W32/Klez.h@MM virus lately atempting to attack my system but not the one you spoke of. I did see info about it though on McAfee site. (I guess you've got the latest and greatest <g>)

... and the SPAM... GRRRRRRRrrrrrrrrrr!

Phil

**rockymtnwulf** · 08 May 2002, 02:00 PM

I would like to start by saying hello to all the forum members...this is my first post.

Gary, you wrote:
So now, if it is not someone I know, it is out it go(es).

Gary, I know spam is a huge problem on the Internet. Heck, I had to drop several e-mail addresses over the years due to the outrageous amount of spam. However, you helped me in the past. Someone you did not know. If it was not for you opening up my e-mail (which was from someone you did not know) then who would have helped me with the design for my father's tombstone (doesn't that bring a tear to your eye)

. I have been contemplating and fighting with myself as to whether or not I should go to an Art College. After talking to you through e-mail and the first time in several years, you have sent me on a path to pursue graphic design (though some would construe this as a bad decision on my part). Gary, it has been you who has inspired me to design and whom I hold a high regard. I know viruses and spam are something no one wants to deal with. I ask you to keep this in mind, if you delete the e-mails from someone you do not know, then who wins. The spammers do and the person out there like myself who needed a nudge in the right direction and help loses. What I ask is that you give everyone the same help you gave me. I thank you again Gary for your time and your help!

Now that I am off my soapbox, here is some info I have come across and feel I should share. There is a script written in JavaScript http://www.joemaller.com/js-mailer.shtml which will break your e-mail address into two parts. This is oblivious to the surfer and will display on your site as a normal e-mail link. It is very easy to use and will prevent the spiders and bots from grabbing your e-mail address. Now, when you register a web site, your name, e-mail address, home address, etc. is listed in Network Solutions WHOIS database http://www.netsol.com/cgi-bin/whois/whois (this web site is a spammers dream) and although it is a royal pain to remove this info or change it, it can be done. Another way to deal with spam is to contact the FTC and or forward the spam to the FTC at https://rn.ftc.gov/dod/wsolcq$.startup?Z_ORG_CODE=PU01.

As far as faxes/telephone calls, Colorado was so kind enough to pass a law to protect us from many unwanted telemarketing calls. There is a web site to put your telephone number on the Do Not Call List. This page has links which should be helpful to Non-Coloradoans but is just for the States http://www.coloradonocall.com/index....seaction=Links.

Remember, your best defense is a good offense. A firewall (Zonelabs) and anti-virus (Norton) should be your offense.

I hope this helps...

Pauly

**gwpriester** · 01 May 2002, 05:32 AM

It used to be I opened almost every piece of e-mail I received. I often get messages requesting help from all over the place.

Now I never download e-mail without going first through mail-washer, although it does not really flag virus infected messages. I have "previewed" a few messages on the server only to find they contain viruses which Norton Simon has caught and quarentined.

So now, if it is not someone I know, it is out it go(es).

Gary

Gary Priester

Moderator Person

<a href="http://www.gwpriester.com">
www.gwpriester.com </a>

XaraXone

**diniel** · 03 May 2002, 07:34 AM

It'll sit in your system tray and whenever you collect email - either manually or automatically, Norton steps in and acts as a proxy between your email program and your email server.

Norton downloads your email and then checks it for viruses before passing it into Outlook/Pegasus/Outlook Express/whatever.

It takes no extra time to download, takes no effort, and you need set nothing up. Just install Norton Antivirus and that's it.

Provided you keep the virus definition files up-to-date, you can be more confident that you're not about to open another email. It'll stop you from receiving any more Badtrans, Sircam or Klez viruses right away, and as soon as the definition files are updated after the next monster is discovered, then you'll get no more of those either.

Best thing to do is to get yourself signed up with the Trend and SARC mailing list notifications, which send out warnings of each new "big" virus, and as soon as you get the email from them, force an update.

For obvious reasons, this doesn't mean you can open any attachment you like without worrying, but over 99% will get stopped at the door.

If you run the firewall from ZoneLabs or Outlook 2002, you can't accidentally open .pif or .exe virus attachemnts anyway.

**Peter Clifton** · 30 April 2002, 04:32 AM

This is a bit beyond my skills but I think it should be possible.

You are receiving so many spams and viruses because your email address exists in probably hundreds of thousands of HTML pages in web caches across the world.

In javascript it might be possible to do the following, perhaps an HTML/script wiz (Maybe even someone at Xara) could come up with the following.

Instead of having a 'mail to:' link on the web page, you have a button that points to a java script routine that ROT13's (shifts all characters along the alphabet by 13 places) an already ROT13nd email address stored in the webpage prior to calling 'mail to:' (it may be possible to use a slightly more complex form of encryption, just in case spam trawlers are wise to ROT13)

Since the ROT13nd address stored in the web page will be utterly useless it won't matter if it is trawled by search engines and others. It will still be possible to email you with one click of the mouse, but this would require user intervention and somebody actually wanting to contact you, hopefully with relevant correspondance.

If it is possible, it might take several months to stem the tide as search engine web spiders gradually update their caches and users clear there temporary internet caches but eventually unwanted emails might slow down. It won't stop the spammers that already have the email address stored elsewhere but maybe if this idea fails now, it might work in the future if you change the email address and report any future offenders to Spam Cop.

As I said the idea may not be workable, it is beyond my current skills, just thought it might be worth mentioning

HTH

Peter

The style challenged Pete'sCrypt

**mesteno1** · 01 May 2002, 04:17 AM

Yes i have been recieving what seem to be an unusualy large number of spam emails. What ever you DO DO NOT TOUCH ANY THING FOR I.E.EXPLORER PATCHES REPAIRS FREE OFFERS OR ANYTHING LIKE THAT ,, ONE MORE THING IF YOU FREQUENT MICROSOFT UP-DATE PAGE BE VERY CARFUL
WHAT YOU DO I BELIEVE THAT IS WHERE I GOT A VIRUS FROM. IT IS A FIGURATIVLY SLOW MOVING VIRUS AND IT MESSES WITH IE EXPLORER FIRST YOU START GETTING ERROR REPORTS SYSTEM WIDE THEN STARTS LOCALIZING IN YOUR BROWSER FEED OVER INTO WINDOWS EXPLORER IN THE END WHEN YOU YOU TRY BOOT YOUR YOU COMPUTER JUST BEFORE YOUR DESK TOP APPEARS , ALL THAT IS VEIWABLE ON SCREEN WILL BE YOUR START BUTTON, AT THIS POINT , WINDOWS EXPLORER SAYS IT HAS CREATED AN ERROR IN SOME WIERD FOLDER TELLS YOU TO TRY RESTARTING YOUR COMPUTER BUT YOU WONT BEABLE TO NOR WILL YOU BE ABLE TO START IN SAFTY MODE AFTER ALL IS SAID AND DONE YOU WILL HAVE TO REFORMAT YOUR PC YOUR ENTIRE SYSTEM , I KNOW CAUSE I JUST DID THIS. NOT EVEN MY EMERGENCY BOOT DISC WOULD WORK. I LOST ALL MY ART POETRYSOME RATHER RARE PROGRAMS THAT ARE IRRIPLACABLE. SO BE EXTREEMLY CARFULL EVEN WITH WINDOWS UPDATE PAGES, OR ANTHING TO DO WITH WINDOWS EXPLORER IE EXPLORERE

MESTENO1

**raffon** · 09 May 2002, 09:17 PM

My ISP uses a service called Postini (www.postini.com), filters viruses and spam for $2 a month. If your ISP is a small one have them check it out as an option for their customers. I haven't had a virus since I started using it. Always up-to-date virus definitions.

Ich bin ein New Yorker

**NinaV** · 30 April 2002, 09:19 PM

A few weeks ago when I visited this group I found a message with a link to http://www.mailwasher.net/

Since then I've been using this great application to prevent my system from downloading spam and infected emails.

You may want to visit the site and give it a look.

Nina V

"Love me... Love my dog

Thread: A new virus?

Thread Tools

Display

Hybrid View

Bookmarks

Bookmarks

Posting Permissions