RE: klez / SPY VIRUS BEWARE

[Andrew Nielsen]

At 13:29 +0800 3/12/02, Ted Burbidge wrote:

SO BEWARE OF STRANGERS OFFERING YOU GIFTS.


Also beware of Geeks bearing GIFs, but that's another story.
--

Andrew Nielsen 
Starfish Technologies Pty Ltd 
ACN 076 426 714 / ABN 49 426 849 601 Tel: 0500 555 677
Consultants in Unix, Mac OS, Windows & networking technologies

RE: klez / SPY VIRUS BEWARE

[Ted Burbidge]

Hello All,
I just want to expand this dialog to include Spy Viruses. I recd what seemed a 
helpful e mail
offering a driver to enhance my web downloads at triple the speed etc. It was 
free. I
downloaded and installed it, but it did not seem to make any difference. I then 
started to get
all sorts of promo e mail messages, others were e mailing me saying I sent them 
messages when I
had not, and when Web browsing I got unwanted sites automatically coming in 
over the top of
what I was looking at, and I could not stop them, erase them, close them etc, 
without a
complete reboot, and then next time I went into the Web or email it started all 
over again.

Techo's say when I downloaded the Web enhancer I downloaded a Spy Virus into my 
PC, (not on the
server) and then whenever I accessed email or Web browser from my PC it came to 
life and sent
messages from my PC to a site in the USA which then flooded me with promo and e 
mails and
basically shut me down.
Without me touching the keyboard the techo's showed me on the server screen all 
the e mails and
promo junk being routed thru my PC from the USA and going out to annoy others.
It did not cause any corruption to files HDD etc, just a continual nuisance.

Techo's have not been able to locate the spy virus to eradicate it. It is 
hidden inside a file
somewhere. Normal virus and spy ware checkers can not find it, so techo's have 
set up an
elaborate firewall screen on the server to stop all the unwanted junk getting 
in and out.

You can now buy specific "Spy Virus" detection software to stop them coming 
into your PC in
disguise, as once inside your PC they are hard to find and eradicate.

SO BEWARE OF STRANGERS OFFERING YOU GIFTS.

Regards, Ted Burbidge

-Original Message-
From: Shay Telfer [mailto:[EMAIL PROTECTED]
Sent: Tuesday, 3 December 2002 1:24
To: wamug@wamug.org.au
Subject: Re: klez message


>I got this today:
>
>[...]



>It came with attachements which will not forward and I have not touched:
>
>HTML.pif
>_tn_Brewer+Twins+-+7[1].htm

Good idea. It's actually a virus payload. If you a) had a PC, and b)
had believed the e-mail and allowed it through your virus checker
your machine would be infected.

>
>I simply ask, how does this get to me?

Someone who has either received an e-mail from you either directly,
on a list, or your e-mail has just randomly been pulled off a web
page by the virus.

> Do I have the darn thing?

No. You, after all have a Mac :)

> I am
>now getting the occasional email not intended for me and from people I have
>sent emails to in the past. Its a worry because I suspect I am
>inadvertently passing on some bug that will affect the PC users I correspond
>with. What is the best action to take?

Only if you forward the attachments to them. Or if you open a
Microsoft document infected with a macro virus which then forwards
itself to them, or infects all your other Microsoft documents.

Options are
* Don't use Microsoft products (Word, Microsoft Exchange, etc.)
* If prompted, *don't* allow macros to execute in Microsoft products
when opening new documents.
* Run a virus checker regularly (Virex etc.) and keep the virus
definitions updated!
* Don't open any attachments you aren't expecting, even if they come
from someone you know (especially if they're in a strangely worded
message)

Have fun,
Shay
--
=== Shay Telfer 
Perth, Western Australia Technomancer It must be bunnies!
Opinions for hire [POQ]
[EMAIL PROTECTED] fnord

-- The WA Macintosh User Group Mailing List --
Archives - 
Guidelines - 
Unsubscribe - 

Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/