dirt bags


Larry Hamilton
02-08-2004, 12:20 PM
Overnight and this morning while I was working, I received 9 emails: 2 or 3 from mesg undeliverable, 2 from AOL and a couple more from other addresses with subjects of HI, error and something else. Since 9 is more than I receive in a week, I was alarmed. Everything I mentioned is a signature of the new virus.

Now you gotta wonder who is the dirty bastard who sends me 9 virus laden emails....Think real hard, it will come to you....

JustRalph
02-08-2004, 01:47 PM
Congrats on being able to ID the bad stuff when it comes in.

Also for being aware of who did it.........although most aren't even aware that they are doing it................

Larry Hamilton
02-08-2004, 03:56 PM
5 more since last post

sq764
02-08-2004, 09:34 PM
I have gotten a flood of junk emails in the past 2 weeks in my Yahoo account.
It happens.

You are a little paranoid.

Larry Hamilton
02-08-2004, 09:39 PM
8 more since last post...

how many I gotta get to be rightly paranoid

jerk

PaceAdvantage
02-08-2004, 09:46 PM
sq, these aren't just junk emails, they're viruses....a little more dangerous.

And I agree that anyone sending them out are scumbags and should be sent to jail.

BillW
02-08-2004, 10:02 PM
Guys,

What is happening with this virus is that a person's computer is infected by the virus. The virus proceeds to extract addresses from the address book (outlook) of the infected computer. It then sends out infected e-mail "from" some of those addresses to other addresses in the same address book.

So if I have Larry's and PA's address in my outlook address book and I get infected. The virus could send Larry an e-mail addressed from PA. Larry would think PA was sending him a virus, but in reality it came from my computer. Only the header information hidden from user view would indicate that my machine was involved.

Part II - If Larry's computer sensed the virus and bounced the e-mail, it would be returned to PA as non-deliverable, so PA opens it up and he is infected (meanwhile scratching his head wondering what in hell the bounced e-mail was about)


The above is all hypothetical as I don't have your e-mail addresses in my addressbook, I don't run outlook and I don't even run windows. I don't have to fool with all this crap except for all the bounced e-mails I am getting from infected acquaintances and figuring out who is infected so they can be warned. Why Microsoft would design a feature such as this into their software is beyond me. :rolleyes:

Bill

Tom
02-08-2004, 10:09 PM
I have received several bounced emails lately.
If anyone gets one from me, let me know about it through PM.
I have sent emails to Dave Schwarts, JustRalph and CJ today, and that is all I am aware of this week.
If anyone gets one from me, I apologize. I have scanned and do not see any viruses, but I can't explain the returned emails, either.
Generally with email, I am getting 20-30 a week that are very suspicious - headers of "Hi" or "Here is the infor you requested" or a new one, "Your ebay account..."
As a matter of routine, I delete all emails with attachments unless I know it is coming, from who, and when. And any email I don't recognize right off gets dumped, too.

Kind of defeats the purpose of having email, doesn't it???
I have to look at getting a non-Micro-Sh** mail program.

:(

sq764
02-08-2004, 10:10 PM
I am glad someone other than myself is thinking rationally in regards to this issue with Larry "There were government agents in the grassy knoll" Hamilton..

And do yourself a favor, before you see a virus sent to you from one of your family members or close friends, before you call them to cuss them out, realize that it's not their fault, you are likely just in their email address book...

BillW
02-08-2004, 10:13 PM
Tom,

If you are infected, people will be getting e-mails from people in your address book, not from you. Unless they know to look at the raw header and decode the source address, they won't know it's from you.

Bill
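As an added illustration of the raw-header point above (not part of the original thread): the From line is whatever the sending program chose to write, while each mail server prepends its own Received line, so the hop where a server you trust recorded an outside peer shows which machine really handed the message over. The message, host names, trusted-relay list and addresses (documentation ranges) are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample: From claims pa@example.org, but the recipient's own
# mail exchanger recorded a dial-up host as the machine that connected.
RAW = """\
Received: from mx.recipient.example (mx.recipient.example [192.0.2.10])
\tby mailstore.recipient.example with ESMTP id A1; Sun, 8 Feb 2004 22:01:07 -0500
Received: from billspc (dialup-44.isp.example [198.51.100.44])
\tby mx.recipient.example with SMTP id B2; Sun, 8 Feb 2004 22:01:05 -0500
From: pa@example.org
To: larry@recipient.example
Subject: Hi

(body omitted)
"""

# Assumption: servers run by the recipient's own provider, whose Received
# lines can be believed. Anything written below them may be forged.
TRUSTED_RELAYS = {"mx.recipient.example", "mailstore.recipient.example"}

# "from <helo> (<reverse-dns> [<ip>]) ... by <recording server>"
HOP = re.compile(
    r"from\s+(?P<helo>\S+)\s+\((?P<rdns>\S+)?\s*\[(?P<ip>[0-9a-fA-F.:]+)\]\)"
    r".*?\bby\s+(?P<by>\S+)", re.S)


def parse_hops(raw):
    """Return (message, hops); hops are newest first, as in the raw header."""
    msg = message_from_string(raw)
    hops = []
    for value in msg.get_all("Received", []):
        m = HOP.search(value)
        if m:
            hops.append(m.groupdict())
    return msg, hops


def true_origin(raw, trusted=TRUSTED_RELAYS):
    """Find the hop where the message entered trusted infrastructure."""
    msg, hops = parse_hops(raw)
    claimed = parseaddr(msg.get("From", ""))[1]
    claimed_domain = claimed.rpartition("@")[2].lower()
    for hop in hops:
        # Recorded by a trusted server, connecting peer is not one of ours.
        if hop["by"] in trusted and hop["rdns"] not in trusted:
            host = (hop["rdns"] or "").lower()
            return {
                "claimed_from": claimed,
                "origin_ip": hop["ip"],
                "origin_host": hop["rdns"],
                "recorded_by": hop["by"],
                # A hint only: legitimate relays can also differ from From.
                "domain_mismatch": not host.endswith(claimed_domain),
            }
    return {"claimed_from": claimed, "origin_ip": None, "origin_host": None,
            "recorded_by": None, "domain_mismatch": None}


if __name__ == "__main__":
    for key, value in true_origin(RAW).items():
        print(f"{key}: {value}")
```

The origin IP is what an ISP abuse desk needs to identify the infected subscriber; the From address points at another victim.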

BillW
02-08-2004, 10:19 PM
Originally posted by Tom

Kind of defeats the purpose of having email, doesn't it???
I have to look at getting a non-Micro-Sh** mail program.

:(

That will go a long way toward solving the problem. Get rid of the browser and there goes the spyware crap. Hmmm, there is a theme developing here . :D

Bill

JustRalph
02-08-2004, 10:24 PM
Originally posted by sq764
I am glad someone other than myself is thinking rationally in regards to this issue with Larry "There were government agents in the grassy knoll" Hamilton..

And do yourself a favor, before you see a virus sent to you from one of your family members or close friends, before you call them to cuss them out, realize that it's not their fault, you are likely just in their email address book...

sq....

I think the point that Larry is making is that you need to be proactive about these things and if you get infected, turn off your connection to the net or at least your email (it can be done) until you are cleaned. I believe Larry is referring to someone who is infected and just hasn't done anything about it. Or is unaware.
You both have a point though. Nowadays you can't really get pissed at anybody about this.

Bill, perfect explanation. I was too lazy to post it this morning.

Tom: what you're getting falls under the same scenario. Somebody somewhere has your email and they are infected. They have exchanged stuff with others and now those others have passed your address on and you are receiving random emails. You are reacting just right. Delete and ignore them. Life goes on. I read a couple days ago that a large bank was infected and all of their credit card users who had provided an email, were getting the virus emailed from the bank servers.....ouch!

sq764
02-08-2004, 10:59 PM
OR....
Here's a thought..

DON'T OPEN EMAILS FROM PEOPLE YOU DO NOT KNOW!!

JustRalph
02-08-2004, 11:02 PM
Originally posted by sq764
OR....
Here's a thought..

DON'T OPEN EMAILS FROM PEOPLE YOU DO NOT KNOW!!

What about all those people who want to enlarge my................................................ .................................................. ............................................Ego!

sq764
02-08-2004, 11:06 PM
You aren't kidding.. I seriously get about 5 emails a day at work with the headline "Want to enlarge you member?"

After 50 or 60 of those, you start to get self-conscious :-)

BillW
02-08-2004, 11:33 PM
BTW,

As far as the passing on and on and on of everybody's addresses. It is good practice (and courtesy) to use Blind Carbon Copy -> BCC instead of CC when you are forwarding among people that don't know each other. This way people's addresses don't end up on some spammers list or spread around the country vulnerable to a virus.

If everybody knows everybody, it's probably just as courteous to use the regular CC to let everyone know who is reading, and to avoid endless fwd'ing.

Bill

Larry Hamilton
02-09-2004, 01:30 AM
If you have set your life around paying bills by internet, receiving updates on the software you own and numerous other things, it is easy to make a mistake and open a bummer.

You can't really turn it off and you can't leave it on. And if you have a 3 year old learning to use a computer for his games, when is he gonna hit the wrong button?

Some expert explanations of the beast here, hope you guys don't mind if I save your responses as source material.

Jaguar
02-09-2004, 01:52 AM
A lot of folks are just getting bombed by this crap. Hope Chairman Bill figures out a solution right quick.

All The Best,

Jaguar

GameTheory
02-09-2004, 02:38 AM
Firstly, no one should use Outlook. That will keep you from spreading worms and viruses in most cases.

Secondly, if you have a decent virus protection program and keep it updated (set it to auto-update itself daily), you won't get infected even if you do happen to open the wrong message because the virus scanner will catch it. You should also have a firewall like ZoneAlarm so that no programs can gain access to the internet without your permission.

Being the webmaster of a few websites, I've gotten every virus under the sun sent to me. I've never been infected once. Just use the proper precautions and you'll be fine. Of course, you'll still get all this crap coming in your email box, but at least you won't be contributing to the problem or have any damage done...

BillW
02-09-2004, 02:48 AM
GT (or Ralph)

I know a lot of (better) alternatives to IE, but what about outlook? I know my brother just uses yahoo to avoid problems. I'm running Evolution, from the original designers of the Mac OS ... very good but does not run on windows.

Are there any alternatives out there? (for those that need one)

Bill

Larry Hamilton
02-09-2004, 08:13 AM
I use NetScape Mail Box (because of several takes on Outlook written on this board), Black Ice, FinJan, and Zone Alarm. I have been burned several times (but not lately), it is no fun watching your directories losing their address right in front of you and making useless years of work.

The odd thing was I got hit about 30 times in 24 hours then nothing.

sq764
02-09-2004, 09:34 AM
Larry, I use Yahoo mail and it's actually pretty good about blocking most 'bad' emails. AOL is ok too (except that its down half the time).

I use Outlook at work and I get about 50 potential virus-laden emails per day that I just delete.

PaceAdvantage
02-09-2004, 09:58 AM
You guys think YOU got it bad....LOL

BTW the newer versions of Outlook Express allow you to set security settings that will not allow you to open suspicious attachments (which usually means, everything except pictures)

cj
02-09-2004, 11:06 AM
Originally posted by BillW
GT (or Ralph)

I know a lot of (better) alternatives to IE, but what about outlook? I know my brother just uses yahoo to avoid problems. I'm running Evolution, from the original designers of the Mac OS ... very good but does not run on windows.

Are there any alternatives out there? (for those that need one)

Bill

I use Mozilla's mail program. It works pretty well, though not as user friendly as Outlook. I don't mind that trade off however.

JustRalph
02-09-2004, 01:54 PM
Originally posted by BillW
GT (or Ralph)
I know a lot of (better) alternatives to IE, but what about outlook? I know my brother just uses yahoo to avoid problems. I'm running Evolution, from the original designers of the Mac OS ... very good but does not run on windows.
Are there any alternatives out there? (for those that need one)
Bill

You can block attachments in Outlook and express. It is no more a pain in the ass than any other solution. I use Outlook. I allow attachments to get through. I am also very big on "examining attachments" before I open them. This means an updated version of Norton Anti Virus all the time. Never activate an exe without scanning first. This includes from sites like "download.com" etc.

I also have a yahoo account.....but I received 12 or so emails that got past the Yahoo scan last week. it was the first day of the mydoom outbreak. yahoo was behind the ball.........

railbird
02-09-2004, 05:07 PM
Larry the virus is called "MYDOOM" and I also keep getting it back as undeliverable, some warnings that your mail is infected would be the attachment saying .. Hi, or test, or undeliverable mail. I had nine worms but can only quarantine eight, I am beginning to think that the anti-virus programmers think these bugs up to get you to buy their software!!!!

cj
02-09-2004, 05:14 PM
Just because you get a mail returned as undeliverable does not mean you sent it. I have gotten a few from people I've never heard of in my life, and I certainly didn't email them. I also know for a fact I have not been infected.

I just want to make it clear not to panic if you receive one of these undeliverable notices...someone you know probably has the worm, not you! As a few others here, I do this for a living. Just use common sense. If you don't know the person who sent you an email, delete it. If you do know them, scan any attachments with updated antivirus software. It only takes a minute, but could save you many, many headaches. Also, update your signature files daily, weekly isn't often enough.

headhawg
02-09-2004, 05:33 PM
I would just like to add that if you have ANY doubts about the legitimacy of an email from a source that you DO recognize, and that email does contain an attachment, just shoot that person an email back and ask them if they sent it. Better to be safe than sorry. No joke or pic from a friend/contact is so funny that it can't wait until you get a reply from them.

HH

JustRalph
02-09-2004, 06:57 PM
Originally posted by cjmilkowski
Also, update your signature files daily, weekly isn't often enough.

Great Point CJ ! If you have Norton Live Update, you are already doing this........if Not......do it manually.

Pace Cap'n
02-09-2004, 08:35 PM
Originally posted by JustRalph
Great Point CJ ! If you have Norton Live Update, you are already doing this........if Not......do it manually.

Signature files? What are they? Where are they?

Thanks,
Steve

Tom
02-09-2004, 10:44 PM
Originally posted by JustRalph
What about all those people who want to enlarge my................................................ .................................................. ............................................Ego!


You know Ira Grimm too???
Nosy SOB isn't he?

BillW
02-10-2004, 05:16 AM
The virus is up to rev. C now and at it again.

http://www.eweek.com/article2/0,4149,1522236,00.asp

I've seen damage estimates from the virus so far as high as $22 Billion worldwide. :rolleyes:

Bill

JustRalph
02-10-2004, 05:10 PM
Originally posted by Pace Cap'n
Signature files? What are they? Where are they?
Thanks,
Steve

Anti-virus programs such as Norton Anti-virus or those from McAfee work for you in several ways. First and foremost, these programs identify and find viruses by their signatures - combinations of bytes unique to a virus' own distorted ways - that reside in memory or on hard drives. An anti-virus program scans a system's memory and drives, and looks for these signatures that indicate a virus. And when they find one, they alert you, and then remove it. If you don't have the most current virus definitions installed on your computer, you may miss a more recent virus than your currently installed signatures may detect. You scan your system for a virus and it reports no problems. In reality there may be a virus still active on the system. Your anti-virus software is just not aware of it.

You need to visit the website for your anti-virus vendor and obtain updates on a regular basis or you may find yourself infected even though you are running anti-virus software. Symantec's Norton Anti-virus does this automatically every day by running in the background of your computer and checking in with the Symantec website and updating itself on a regular basis. This is the Live Update option. There are some minor problems that can occur with this process, but for most people this activity is transparent and without worry. You can also manually download virus definitions and update them manually by running a simple install routine (just double click the .exe file provided by the vendor) if you have problems with "Live Updates".

let me know if you have anymore ?'s
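The signature matching described above, as an added sketch that is not part of the original thread and not any vendor's engine: each definition is a byte pattern, and a file carrying a newer variant scans clean until the definition set that knows it is installed. The definition names, patterns and sample files are constructed and harmless; the `??` wildcard syntax is an assumption of this example.

```python
import re


def compile_signature(hex_pattern):
    """Turn 'DE AD ?? BE' into a bytes regex; '??' matches any single byte."""
    parts = []
    for token in hex_pattern.split():
        if token == "??":
            parts.append(b".")
        else:
            parts.append(re.escape(bytes.fromhex(token)))
    return re.compile(b"".join(parts), re.S)


# Constructed definition sets (not real malware signatures).
# Last week's download knows only variant A.
DEFS_OLD = {"Sample.Worm.A": "57 4F 52 4D 2D 41 ?? ?? 21"}   # "WORM-A", 2 bytes, "!"
# Today's download adds variant B.
DEFS_NEW = dict(DEFS_OLD, **{"Sample.Worm.B": "57 4F 52 4D 2D 42 ?? 21"})

# Constructed "files": plain bytes that happen to contain the marker strings.
FILE_A = b"\x00\x01header" + b"WORM-Av1!" + b"payload"
FILE_B = b"padding-" + b"WORM-B2!" + b"more"
FILE_CLEAN = b"quarterly report, nothing to see"


def scan(data, definitions):
    """Return sorted (name, offset) for every definition found in data."""
    hits = []
    for name, pattern in definitions.items():
        match = compile_signature(pattern).search(data)
        if match:
            hits.append((name, match.start()))
    return sorted(hits)


if __name__ == "__main__":
    for label, blob in (("A", FILE_A), ("B", FILE_B), ("clean", FILE_CLEAN)):
        print(label, "old defs:", scan(blob, DEFS_OLD),
              "| new defs:", scan(blob, DEFS_NEW))
```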

Pace Cap'n
02-10-2004, 07:32 PM
let me know if you have anymore ?

Thanks for taking the time for your very informative response.

I run AVG, which I try to keep updated regularly, and now intend to check daily. While I know you can't vouch for the effectiveness of AVG, do you think, generally speaking, that the free services are on a par with Symantec or Norton, or am I getting what I pay for?

BTW, when I first read of the signature files, I thought they had something to do with e-mail. But I never could figure out how to sign one.

headhawg
02-11-2004, 09:56 AM
Originally posted by Pace Cap'n
BTW, when I first read of the signature files, I thought they had something to do with e-mail. But I never could figure out how to sign one.

Pace Cap'n,

There are digital "signatures" that help a user validate that the source (an email sender) or a target (like a web server) is who/what they say they are. Typically, they are part of something called PKI, public key infrastructure. Computers or users have a special private key that is unique to them (using the right software/operating system), and a matching public key that others use to validate the sender or decrypt a sender's encrypted (secured) message.

If you want to send (more) secure email, try PGP. There is a free version, and it integrates with most email clients, and it is simple to use. Here is the link:

http://www.pgpi.org/products/pgp/versions/freeware

To help distinguish the two, think of your anti-virus updates as "definition" files (as JR mentioned); they tell the AV program what "defines" a specific virus pattern so that it can detect and (hopefully) eliminate it.

HH

JustRalph
02-11-2004, 11:36 AM
Originally posted by Pace Cap'n
Thanks for taking the time for your very informative response.
I run AVG, which I try to keep updated regularly, and now intend to check daily. While I know you can't vouch for the effectiveness of AVG, do you think, generally speaking, that the free services are on a par with Symantec or Norton, or am I getting what I pay for?
BTW, when I first read of the signature files, I thought they had something to do with e-mail. But I never could figure out how to sign one.

Pace.........

I have no experience at all with AVG. sorry I can't answer that specific question.

ceejay
02-11-2004, 05:28 PM
An interesting article about virus writers.

NY Times Magazine, 8 Feb 04 (http://www.nytimes.com/2004/02/08/magazine/08WORMS.html) Registration is required but it is free.....

hurrikane
02-12-2004, 09:14 AM
do not assume that because you have a virus scanner with updated files you cannot be infected. Use common sense.

A company I contract with had all the admin passwords changed on all their servers yesterday. I assume so that whoever did it could vpn in or something. This is behind a firewall, virus scanners, whitewall, and secure route. That's a hell of a worm.

Then it started. People's computers started getting hit. As far as we could tell it was from somewhere in China but who the hell knows.

Interesting thing is this company shows up on the FBI watch for being like the 3rd or 4th hacked company in the US. No one can figure out why..they have nothing secure or very proprietary. Just a software dev firm.

I have lost 2 computers and had to rebuild 2 in the 6 months because of viruses. I think I'm changing to Linux...screw MS.

BillW
02-12-2004, 12:15 PM
Originally posted by hurrikane@HTR
do not assume that because you have a virus scanner with updated files you cannot be infected. Use common sense.

A company I contract with had all the admin passwords changed on all their servers yesterday. I assume so that whoever did it could vpn in or something. This is behind a firewall, virus scanners, whitewall, and secure route. That's a hell of a worm.

Then it started. People's computers started getting hit. As far as we could tell it was from somewhere in China but who the hell knows.

Interesting thing is this company shows up on the FBI watch for being like the 3rd or 4th hacked company in the US. No one can figure out why..they have nothing secure or very proprietary. Just a software dev firm.

I have lost 2 computers and had to rebuild 2 in the 6 months because of viruses. I think I'm changing to Linux...screw MS.

Back in the Olde days :D when someone was paying me to develop software we had a saying that you couldn't test in quality/security, it must be designed in. Well the bad news is you can't test for/in virus immunity either. A virus has to infect someone (maybe thousands) before the virus companies can identify it and develop protection against it. The only way to guarantee being virus free is not run anything designed to be vulnerable to pass viruses. :eek:

Apple's OS-X is very close to Linux in design and has the same designed in immunity. They try to keep the fact that it's like Linux a secret so as not to scare anyone away. :rolleyes:

Bill

BTW, hurrikane, let me know if you need any help.

BillW
02-12-2004, 12:49 PM
At the risk of going off "Off Topic" ;), the above principle also applies to handicapping. You cannot test in success in a handicapping process, it must be designed in.

Bill

Tom
02-12-2004, 06:43 PM
If MS is the only platform vulnerable to viruses, and all the others are safe, could a class action lawsuit be brought against Bill Gates for the millions (billions?) of dollars his company's incompetence has cost society?
I would love to sign up for one.

headhawg
02-12-2004, 07:39 PM
Originally posted by Tom
If MS is the only platform vulnerable to viruses, and all the others are safe, could a class action lawsuit be brought against Bill Gates for the millions (billions?) of dollars his company's incompetence has cost society?
I would love to sign up for one.

Oh-oh, be careful with the thought that Linux is less vulnerable than M$ products. It is not. M$ products appear to be more vulnerable as M$ dominates the market, and to get viruses to spread quickly it is preferred -- if not tantamount -- for attackers to exploit them to get the biggest payoff, i.e. the most damage.

In fact, one could argue that Linux is potentially more vulnerable as it is an open source O/S.

And not that I'm loyal to or defending M$, but most viruses spread not because of their products but because of the famous Identifier Ten T error -- you know, ID10T. (LOL)

HH

hurrikane
02-13-2004, 01:08 PM
I'm sure you are right headhawg...less linux means not as tasty a treat.

Thanks for the offer Bill

as for open source...I heard this morning someone dumped M$ OS source out on the net...so I guess they are open source too! :D