Re: Viruses Worms Everywhere
On Fri, 30 Nov 2001, Anthony Farr wrote: I've seen this kind of address on some spam e-mails, and I've read that they are sent directly into your mail reader while online, rather than being downloaded from your ISP's mail server. That's why they have the strange address details. Just what I read but as I have no effing idea how email works I'd probably believe anything I read :) It's the Badtrans virus. More details available from any anti-virus site. It comes with an executable program which pretends to be a Word document and does something to the registry. dave - This message is from the Pentax-Discuss Mail List. To unsubscribe, go to http://www.pdml.net and follow the directions. Don't forget to visit the Pentax Users' Gallery at http://pug.komkon.org .
Re: Viruses Worms Everywhere
I've seen this kind of address on some spam e-mails, and I've read that they are sent directly into your mail reader while online, rather than being downloaded from your ISP's mail server. That's why they have the strange address details. Just what I read but as I have no effing idea how email works I'd probably believe anything I read :) I haven't had any strangely addressed e-mail come in since I installed Sygate Personal Firewall (freeware) recently. Before that I'd get them regularly. What was scary were emails with unreadable babble in the sender and subject lines, but they turned out to be spam from Korea, and I don't have Korean language support installed. Regards, Anthony Farr - Original Message - From: Shel Belinkoff [EMAIL PROTECTED] (snip) The ones that came my way were blank messages, the sender of which had an odd aspect to his/her email address. The addresses looked like this: [EMAIL PROTECTED]. Note the underscore proceeding the actual address. (snip) - This message is from the Pentax-Discuss Mail List. To unsubscribe, go to http://www.pdml.net and follow the directions. Don't forget to visit the Pentax Users' Gallery at http://pug.komkon.org .
RE: Viruses Worms Everywhere
It's known as the W32.Badtrans.B virus. It tries to pop up some kind of control panel for something and then hangs. But it is really trying to access your email list to replicate itself. My wife's machine got it last week although she didn't see it. However those are the same symptoms. In my case I saw it come in and try to make me install the Win Media module which I squashed. then I switched Outlook to offline mode and figured out which message it was and then finally got around to reinstalling the AV package I have and didn't bother in my last HD upgrade. Had to upgrade to the latest PC-cillin 2000 to get it because it won't show up in a file scan of the drive as it is imbedded in the Outlook mail box as an undetectable attachment (JavaScript). Had to use the PC2K special feature of scanning the Outlook attachments to find it. Then set the scanner to check email as I opened it. This had to be done because after rebooting and going back on line all my last 400+ messages were redownloaded again to my desktop. this means it is affecting the status of the Deleted Item list in Outlook. This time when downloaded it caught it immediately. So keep your AV tools updated. Kent Gittings -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Tom Rittenhouse Sent: Thursday, November 29, 2001 7:05 PM To: [EMAIL PROTECTED] Subject: Re: Viruses Worms Everywhere The one that got me was, I think, a script embedded in an e-mail. When I selected the e-mail to delete it, it ran. It gave me a script cannot complete message. Norton did not detect it. --graywolf - Original Message - From: Anthony Farr [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, November 29, 2001 7:18 PM Subject: Re: Viruses Worms Everywhere Shel, Were they in attachments or embedded in HTML? I'd just like to know what to watch out for. Regards, Anthony Farr - Original Message - From: Shel Belinkoff [EMAIL PROTECTED] I don't know about you all, but in the last three days I've received eleven email messages that contained a virus or a worm. Be careful out there ... -- Shel Belinkoff mailto:[EMAIL PROTECTED] - - This message is from the Pentax-Discuss Mail List. To unsubscribe, go to http://www.pdml.net and follow the directions. Don't forget to visit the Pentax Users' Gallery at http://pug.komkon.org . - This message is from the Pentax-Discuss Mail List. To unsubscribe, go to http://www.pdml.net and follow the directions. Don't forget to visit the Pentax Users' Gallery at http://pug.komkon.org . ** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This footnote also confirms that this email message has been swept by MIMEsweeper for the presence of computer viruses. www.mimesweeper.com ** - This message is from the Pentax-Discuss Mail List. To unsubscribe, go to http://www.pdml.net and follow the directions. Don't forget to visit the Pentax Users' Gallery at http://pug.komkon.org .
Re: Viruses Worms Everywhere
That's a lot of work. Not using Outlook frees me, it seems, from having to deal with this garbage. Sorry you got infected, but, just out of curiosity, if various MS products are so susceptible to this sort of thing, why use those products? Is there some feature about Outlook that makes it more desirable compared to other mail programs? Kent Gittings wrote: It's known as the W32.Badtrans.B virus. It tries to pop up some kind of control panel for something and then hangs. But it is really trying to access your email list to replicate itself. My wife's machine got it last week although she didn't see it. However those are the same symptoms. In my case I saw it come in and try to make me install the Win Media module which I squashed. then I switched Outlook to offline mode and figured out which message it was and then finally got around to reinstalling the AV package I have and didn't bother in my last HD upgrade. Had to upgrade to the latest PC-cillin 2000 to get it because it won't show up in a file scan of the drive as it is imbedded in the Outlook mail box as an undetectable attachment (JavaScript). Had to use the PC2K special feature of scanning the Outlook attachments to find it. Then set the scanner to check email as I opened it. This had to be done because after rebooting and going back on line all my last 400+ messages were redownloaded again to my desktop. this means it is affecting the status of the Deleted Item list in Outlook. This time when downloaded it caught it immediately. So keep your AV tools updated. -- Shel Belinkoff mailto:[EMAIL PROTECTED] http://home.earthlink.net/~belinkoff/pow/enter.html http://home.earthlink.net/~belinkoff/cameras/pentax_repair_shops.html - This message is from the Pentax-Discuss Mail List. To unsubscribe, go to http://www.pdml.net and follow the directions. Don't forget to visit the Pentax Users' Gallery at http://pug.komkon.org .
RE: Viruses Worms Everywhere
I had to remove W32.Badtrans.B virus from a machine this week too. Norton only added this definition a few days ago (24th I believe), so if you haven't run liveupdate since then it wont pick it up. Once I installed the latest update it removed the virus fine. You also need to check Windows Update (Microsoft) for a patch for the hole that this worm uses. HTH Regards, /\/\ick... - This message is from the Pentax-Discuss Mail List. To unsubscribe, go to http://www.pdml.net and follow the directions. Don't forget to visit the Pentax Users' Gallery at http://pug.komkon.org .
RE: Viruses Worms Everywhere
BTW an easy way to see if you have W32.Badtrans is to check for the existence of Kernel32.exe (that's EXE and *NOT* DLL) and kdll.dll in your windows system directory, as those arte the virus files. You can remove the virus by deleteting them both in safe mode. Of course you also need to delete the offending email too. Regards, /\/\ick... - This message is from the Pentax-Discuss Mail List. To unsubscribe, go to http://www.pdml.net and follow the directions. Don't forget to visit the Pentax Users' Gallery at http://pug.komkon.org .
RE: Viruses Worms Everywhere
Hi, On 30 Nov 2001 at 10:04, Kent Gittings wrote: In my opinion at least Outlook tends to be more intuitive than using the Netscape email client. But these are only two. Two of the most common ones, and obviously the ones the viruses and worms are tested on. Personally, I'm for Pegasus Mail, but there are lots of others... I've used other products over the years but most have some limitations and as a result I tend to put up with the vulnerabilities. Which are limitations too... ;-) And by the way my wife's machine uses Netscape Communicator so it is not an Outlook specific virus. As long as your machine is set to execute JavaScript wise open it is vulnerable. True. HTML mail with embedded active or binary content will always be a risk. That's why I don't send HTML mail at all. For the scripted mails: has anybody ever seen anything really useful based on this feature? Gabor - This message is from the Pentax-Discuss Mail List. To unsubscribe, go to http://www.pdml.net and follow the directions. Don't forget to visit the Pentax Users' Gallery at http://pug.komkon.org .
Re: Viruses Worms Everywhere
Shel wrote: That's a lot of work. Not using Outlook frees me, it seems, from having to deal with this garbage. Not using WinDoze is even better. One of the benefits of Macintosh's small market share is that these viro-nutz don't bother attacking since the big gorilla is much more satisfying to see brought to its knees. my system spits out .exe's such like so much rotted fruit Bill - Bill D. Casselberry ; Photography on the Oregon Coast http://www.orednet.org/~bcasselb [EMAIL PROTECTED] - - This message is from the Pentax-Discuss Mail List. To unsubscribe, go to http://www.pdml.net and follow the directions. Don't forget to visit the Pentax Users' Gallery at http://pug.komkon.org .
Re: Viruses Worms Everywhere
Norton hasn't detected any on my machine in that time frame. but I've seen several posts on the Meade list by different people in the last several days who were sent viruses. Tom C. - Original Message - From: Shel Belinkoff [EMAIL PROTECTED] To: Pentax List [EMAIL PROTECTED] Sent: Thursday, November 29, 2001 12:20 PM Subject: Viruses Worms Everywhere I don't know about you all, but in the last three days I've received eleven email messages that contained a virus or a worm. Be careful out there ... -- Shel Belinkoff - This message is from the Pentax-Discuss Mail List. To unsubscribe, go to http://www.pdml.net and follow the directions. Don't forget to visit the Pentax Users' Gallery at http://pug.komkon.org .
Re: Viruses Worms Everywhere
Shel, Were they in attachments or embedded in HTML? I'd just like to know what to watch out for. Regards, Anthony Farr - Original Message - From: Shel Belinkoff [EMAIL PROTECTED] I don't know about you all, but in the last three days I've received eleven email messages that contained a virus or a worm. Be careful out there ... -- Shel Belinkoff mailto:[EMAIL PROTECTED] - - This message is from the Pentax-Discuss Mail List. To unsubscribe, go to http://www.pdml.net and follow the directions. Don't forget to visit the Pentax Users' Gallery at http://pug.komkon.org .
Re: Viruses Worms Everywhere
I think my computer crash last night might have been due to a virus. Norton is no help. The system was getting a little flaky so I ran Norton Antivirus. It said the MBR had been changed so I selected Replace MBR and continued to run Norton. It showed no other problems. When it finished a You Need to Restart Windows window came up. I clicked on OK. The computer rebooted, but came up with Can Not Find 'C:\WINDOWS|COMMAND.COM. Checking I found the raw partitions were still there but apparently the FATs had been erased on all four partitions including the none DOS ones. I have been all night restoring the system. Unfortunately I have not backed up anything since I put in the new hard drive back in October. I hadn't even synchronized the laptop to it since 11/10 so I lost a lot of info. But notice, Norton Antivirus reported no problems other than the changed MBR. In fact NAV seems to have triggered the virus. So be careful. --graywolf - Original Message - From: aimcompute [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, November 29, 2001 2:32 PM Subject: Re: Viruses Worms Everywhere Norton hasn't detected any on my machine in that time frame. but I've seen several posts on the Meade list by different people in the last several days who were sent viruses. Tom C. - Original Message - From: Shel Belinkoff [EMAIL PROTECTED] To: Pentax List [EMAIL PROTECTED] Sent: Thursday, November 29, 2001 12:20 PM Subject: Viruses Worms Everywhere I don't know about you all, but in the last three days I've received eleven email messages that contained a virus or a worm. Be careful out there ... -- Shel Belinkoff - This message is from the Pentax-Discuss Mail List. To unsubscribe, go to http://www.pdml.net and follow the directions. Don't forget to visit the Pentax Users' Gallery at http://pug.komkon.org . - This message is from the Pentax-Discuss Mail List. To unsubscribe, go to http://www.pdml.net and follow the directions. Don't forget to visit the Pentax Users' Gallery at http://pug.komkon.org .
Re: Viruses Worms Everywhere
The one that got me was, I think, a script embedded in an e-mail. When I selected the e-mail to delete it, it ran. It gave me a script cannot complete message. Norton did not detect it. --graywolf - Original Message - From: Anthony Farr [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, November 29, 2001 7:18 PM Subject: Re: Viruses Worms Everywhere Shel, Were they in attachments or embedded in HTML? I'd just like to know what to watch out for. Regards, Anthony Farr - Original Message - From: Shel Belinkoff [EMAIL PROTECTED] I don't know about you all, but in the last three days I've received eleven email messages that contained a virus or a worm. Be careful out there ... -- Shel Belinkoff mailto:[EMAIL PROTECTED] - - This message is from the Pentax-Discuss Mail List. To unsubscribe, go to http://www.pdml.net and follow the directions. Don't forget to visit the Pentax Users' Gallery at http://pug.komkon.org . - This message is from the Pentax-Discuss Mail List. To unsubscribe, go to http://www.pdml.net and follow the directions. Don't forget to visit the Pentax Users' Gallery at http://pug.komkon.org .
Re: Viruses Worms Everywhere
I've not seen anything embedded in HTML, but, in all honesty, I'm not sure what to look for. What I received were attachments sent, in part, through mailing list messages. The ones that came my way were blank messages, the sender of which had an odd aspect to his/her email address. The addresses looked like this: [EMAIL PROTECTED]. Note the underscore proceeding the actual address. In addition, I received a few pieces that were recognizable attachments sent from email addresses of people I did business with on ebay, although they professed no knowledge of sending the messages. I do know that some of the messages I received came from people whose address was part of a group mailing made by clients or friends. I cannot stress strongly enough that if you're going to send a message to a group of people you should suppress the list of recipients. I believe it's safer, as well as just good manners. Finally, just before reading your message, I received a message from ... [EMAIL PROTECTED]. Without a doubt these viruses and worms are spreading rapidly and, it seems, are becoming more sophisticated. Anthony Farr wrote: Shel, Were they in attachments or embedded in HTML? I'd just like to know what to watch out for. Regards, Anthony Farr -- Shel Belinkoff mailto:[EMAIL PROTECTED] - This message is from the Pentax-Discuss Mail List. To unsubscribe, go to http://www.pdml.net and follow the directions. Don't forget to visit the Pentax Users' Gallery at http://pug.komkon.org .