As usual, Dean's computer advice is correct. You should never open up
a file which is unexpected. Even from a friend.
The thing about these messages I got last night was that there was no
reference to '7visions'. I thought that Lenny's virus was indeed
known to be Lenny's was you could see '7visions' somewhere in the
sender's path. I have to admit, it was amazing for me to see a
message from my old 'syvox' address! But do we know that this is
still Lenny's computer, or is someone else possibly infected?
John
--- In OliveStarlightOrchestra_at_y..., "HiramGonash" <okfreddy_at_h...>
wrote:
> There's a ton of Klez variants. At least one of the Klez's hits
your
> email (usually MS Outlook) address book and forges the From: (kind
of
> a John thing but more insidious). The outgoing email claims to be a
> disinfectant but the attachment is, in fact, the virus.
>
> Simple rule of thumb folks: Don't open executable attachments (EXE,
> COM, BAT, LNK*) or files that can have active Visual Basic content
> (e.g. DOC, XLS) unless you know from whom you are receiving AND are
> expecting the file. Configure you're email program to NOT run an
> attachment upon opening the email. Have an active virus checker
like
> Norton. Get a Mac or Linux.
>
> *LNK is a nasty Microsoft bugger. You won't see this extension at
all
> unless you configure your machine to show it. So I could send you a
> file called 'MarinacciButtNaked.jpg.lnk'. You'd open it happily
> expecting to see a dudes ass but instead you get a virus or sent to
a
> website about bearcodes. The hidden lnk issue may have been fixed
in
> the newer MS OSes.
>
> In case MS didn't make lnk visible you can do some Registry hacking
> (using regedit) - I don't recommend this since you can really screw
up
> yopur system if you're not careful. But if you're like me and think
> life's an adventure anyway then go into the Registry and search for
> 'NeverShowExt'. Hopefully you'll find an entry about lnk with a
value
> of either 0 or 1. Modify the value to the other.
>
> Thanks Microsoft!
>
> Ozzy
>
> --- In OliveStarlightOrchestra_at_y..., "toughslush" <meurtre_at_e...>
> wrote:
> > --- In OliveStarlightOrchestra_at_y..., "tschibasch"
> > <tschibasch_at_y...> wrote:
> > > Hello, folks. If interested, please read the following. It is
not
> a
> > > joke
> >
> > Yeah, I know. I get these all the damned time--and it isn't all
via
> > this web site. Some of it just flows into my e-mail directly,
with
> no
> > "OSO" designation. It's supposedly from people like SR, or Mosk,
> > or others I don't recognize. They are empty, but have
> > attachments--and/or text similar to what you quoted.
> >
> > I think you would have been getting them too, John, except that
in
> > at least one place--until a few days ago--Lenny had your Syvox
> > address, rather than your hotmail one. So the worm has
> > presumably sent most or all of yours to the nonexistent account.
> >
> > Fortunately, I have a Mac, so I'm not really vulnerable to
Lenny's
> > virus/worm/whatever. But wouldn't it be nice if he fixed this, so
we
> > wouldn't get all this crap any more?
> >
> > By my accounting, this has been going on since 6/3 or so, when I
> > got my first virus spam from Lenny--both directly, and through
the
> > web site. (The direct one purported to be from you.)
> >
> > I think you would have noticed more of these, John, but I believe
> > Dean cleans them up as they show up on the site.
> >
> > --Joy
> >
> >
> >
> > >
> > > I logged on just this evening and noticed three messages
> > which were
> > > empty. They were large, but contained no text. One was from
> > Dave M.,
> > > the other from Henry, and the third from Joy. I answered Dave's
> > > message before realizing what was going on. There was
> > nothing in
> > > these messages to make me suspect Lenny's computer, or
> > anyone else's
> > > for that matter.
> > >
> > > Then a forth message appeared from "johnt_at_s...". Looks
> > familiar
> > > to me! This message had text inside it. Here is what it was:
> > >
> > >
> > > Klez.E is the most common world-wide spreading worm.It's
> > very
> > > dangerous by corrupting your files.
> > > Because of its very smart stealth and anti-anti-virus
> > technic,most
> > > common AV software can't detect or clean it.
> > > We developed this free immunity tool to defeat the malicious
> > virus.
> > > You only need to run this tool once,and then Klez will never
> > come
> > > into your PC.
> > > NOTE: Because this tool acts as a fake Klez to fool the real
> > > worm,some AV monitor maybe cry when you run it.
> > > If so,Ignore the warning,and select 'continue'.
> > > If you have any question,please mail to me.
Received on 2002-06-28 11:24:08
This archive was generated by hypermail 2.3.0
: 2020-02-04 07:16:13 UTC