E MAIL VIRUS. THIS IS REAL!

self ^ | sept. 18th, 2001 | rockfish59

[rockfish59]

this is real, folks! my e mail is infected right now and i will be working on a way to fix it. any help or suggestions would be appreciated. the e mail says this:

Hi! How are you?

I send you this file in order to have your advice.

See you later.

the same letter is going to jim robinson in my name. when he first contacted me i didn't know what he was talking about. last night it sent a steady stream to him. he said they were coming every 5 minutes or so and went from about 11:40pm to 2:15am.

[ofMagog]

BTTT

[ofMagog]

Click HERE FOR MORE INFORMATION

[ofMagog]

BTTT

[Snow Bunny]

Thank you so much ofMagog dear friend. This kind of thing really scares me, I am not that professional at computers.

Good to see you. We have been busy getting packages ready to send back to N.Y. to my husbands family and friends.

[Fred Mertz]

Thanks for the links; your first one seemed over-subscribed/flooded. I'll try this one.

[sonserae]

I'm telling you guys, go Macintosh...I've never had a virus
and most of the viruses out there affect PCs but not Macs.

[sonjay]

I'm telling you guys, go Macintosh...I've never had a virus and most of the viruses out there affect PCs but not Macs

Yep, a Mac is the best virus protection program on the market. I've been using 'em for 11 years, and I've never had a problem with a virus.

I got my parents on a Mac a few years ago, and every few weeks my mother calls in a panic -- "So-and-so says I might have a virus! What should I do?"

I just smile calmly and say, "Nothing."

[patricktschetter]

Another good thing to have would be a program such as Zone Alarm. They have two versions -- ZA Pro, which you have to buy, or the original, free version. Both versions can be set up so that they ask you if you want to allow a program to connect to the Internet before allowing it. For example, you would allow Internet Explorer or Netscape Navigator, but not "virus.exe" or whatever. While it wouldn't be a permanent fix it would help to keep your system from infecting others while getting anti-virus stuff. However, this wouldn't help if the virus takes over, say, Outlook, unless you go into the program list and block Outlook.

[PJ-Comix]

I get that "Hi! How are you?" e-mail quite a bit. For awhile I was getting at least 2 dozen such e-mails per day. Now it is down to just a couple per week. Best thing for folks out there to do is IMMEDIATELY delete it WITHOUT opening it and then delete it from your Deleted Items box.

[Registered]

How many of these do you get? If you need some I can spare a few for a fellow Michigander ;-) Share the wealth...so to speak.

[ofMagog]

Well, of course, but then who'd go to the trouble of writing a virus for the 57 users of macs?

;-)

My iMAC wife says same as you.
Kinda like the early VW bug owners -- a cult, dangerous one at that.

[tang-soo]

I was hit by this a couple of weeks ago. I made a major mistake of opening an attachment from someone I did not know. Do not remove any files by running the Anti virus scanner. A friend did this which removes the offending files but does nothing regarding the registry. This causes certain applications to not run i.e. file manager, ftp ... etc makeing the recovery process more difficult. The solution in this case is you must use another computer to download the fix and run it from a floppy. Instead, download the fix from Symantec's web site and run the program after having read the instructions. It took me 20 minutes to fix my system and several hours on the phone and email warning friends to avoid attachments sent from me. The silver lining in all this is a great scenerio in a novel I'm writing. I'm now using a similar situation in my story. In it, the conspiracy being rought by the bad guys is exposed by the accidental emailing of sensitive documents to patriots through the exposure of this type of virus.

[2ndMostConservativeBrdMember]

My dear brother and sister FReepers,

At this, of all times in my lifetime, I would like nothing more than to be able to read these threads and reply to them.  I have much I would like to say.

BUT, I cannot!

Why?

Because I am trying hard to raise the finances needed to keep FreeRepublic up and running so that we can continue to share valuable information and respond to it.

I beg you, if you have not yet donated to FreeRepublic this quarter,  do so now!

I realize you are giving to lots of Relief efforts and I encourage you to do so.  But we need to help FR too.  Where would we be right now without it?

If you have no money, please come and bump the Fundraiser Thread.

I would really like to reach our goal quickly so that I and the rest of the dedicated FReepers who are working the Fundraiser Threads can participate in what is undeniably the most important time in FreeRepublic's history.

FreeRepublic Fundraiser --WE WILL STAND UNITED!!!-- We NEED YOUR HELP AND PATRIOTIC POSTS! <--click here

Support FreeRepublic! Support the U.S.A. <--click here

[b4its2late]

I received the same message for about 4 Mondays in a row then it stopped. I guess I'll be expecting incoming, but not on the scale that Saddam, Osama, et al will be receiving.

[William Terrell]

Set up a dummy account in you address book that will place itself first in the book. Do not put in any email address. When the virus attempts to send out your address books accounts, it will be stopped by the first, dummy account with an error message.

[rockfish59]

thanks for all the replies. i am working on it and it IS the 'sircam'. i guess the commie/rat wanted to get jim mad at me and also get on his nerves. that's why i posted here so no one else would have 'their' mail sent to him. guess this is petty compared to the real world. now i can't WAIT for the first strike against 'has-bin laden'!

[rockfish59]

hmmmm, the weird part is i never sent an e mail to jim and he wasn't in my address book.

[Dog Gone]

'Nimda' Computer Worm Hits Worldwide

By Duncan Martell

SAN FRANCISCO (Reuters) - A damaging new computer worm was spreading like wildfire across the Internet on Tuesday, hitting both home PC users and commercial servers, in an outbreak that could prove more widespread and costly than the Code Red viruses, computer security experts said.

Known as ``Nimda,'' which spells admin backwards, the worm spreads by sending infected e-mails and also appears able to infect Web sites, so when a user visits a compromised Web site, the browser -- if it has not been patched -- can spread the worm to a PC, analysts said.

So far, it appears that Nimda arrives in e-mail without a subject line and containing an attachment titled ``readme.exe,'' experts said.

Internet security experts have warned of the potential for an increase in virus activity after last week's attacks on the World Trade Center and Pentagon (news - web sites), but U.S. Attorney General John Ashcroft (news - web sites) said there was no sign the outbreak was linked to those events.

``There is no evidence at this time which links this infection to the terrorist attacks of last week,'' Ashcroft told a news briefing.

The worm may have started as early as Monday and was showing signs of overloading traffic on the Internet, Ashcroft said, saying that Nimda proved ``heavier'' than the Code Red worm that caused an estimated $2.6 billion in clean-up costs on Internet-linked computers after outbreaks in July and August.

``Compared to Code Red, it may well be bigger simply because it can affect home users as well,'' said Graham Cluley, senior technical consultant for Sophos Antivirus.

If Microsoft Corp.'s (Nasdaq:MSFT - news) Outlook e-mail program has not been patched with an update that became available in March, the recipient does not even need to open the attachment to activate the virus -- opening the e-mail itself is sufficient -- said Vincent Weafer, senior director of Symantec Corp.'s (Nasdaq:SYMC - news) Symantec Security Response unit.

Other e-mail programs, such as Eudora or International Business Machine Corp.'s Lotus Notes, require the recipient to open the attachment for the virus to replicate, he said.

So far, the malicious program does not appear capable of erasing files or data, but Nimda has shown itself capable of slowing down computer operations as it replicates, experts said.

``In terms of data destruction, we haven't seen anything,'' Weafer said.

Experts said Nimda had appeared in the United States, Europe and Latin America and was likely to spread to other regions as well.

``It seems to be very widespread and (moves) at an incredibly quick rate,'' Cluley said. ``The reason it's become so widespread is because it not only travels via e-mail but it contaminates Web sites as well.''

The worm exploits an already detected vulnerability in Microsoft's Internet Information Server Web software running on Windows NT or 2000 machines, the same breach that the Code Red viruses exploited, experts said.

Once Nimda infects a machine, it tries to replicate in three ways. It has its own e-mail engine and will try to send itself out using addresses stored in e-mail programs. It also scans IIS servers looking for the known vulnerability and attacks those servers. Finally, it looks for shared disk drives and tries to replicate itself to those devices, Symantec's Weafer said.

Experts urged companies and users to update antivirus software and to download the software patches, noting the principal reason the worm had spread so quickly was that people and companies had not downloaded the free software patches.

Patches are available for both the IIS vulnerability and Web browsers at http://www.microsoft.com/security.

[mickie]

I am not very computer savvy.......BUT I never open any attachments from people I don't know.
And I get rid of mail without openning it by right clicking my mouse and hit 'delete'.......works for me!

[TankerKC]

probably some commie who doesn't like us

Uh, yeah, I bet that's it. Do you work in Computer Customer Support somewhere?