Helen Bates on wed 28 nov 01
All Clayarters...
I strongly suggest you stop sending email to anyone until you have
used truly current antivirus program such as McAfee or Norton to
check your system. Before you do that, try to delete all emails (even
from friends) that are puzzling in -any- way.
This includes double extension attachments such as name.doc.pif or any
other double extension files.
It also ncludes now (as far as I am concerned) blank emails that come
with the sender's name and address but no sign of text in the body or
any indication of attachment, because the attachment -may- be hidden
but still there.
(Though I'm no virus expert, so I'm not absolutely sure of myself
here.)
These people "appear" to have sent emails to me in reply to my posts.
Cindy Strnad; Lawrence D. White; Joyce Lee; Vince Pitelka; Diane
McNeil; Linda Blossom; Elaine Coggins; Anthony Ferguson;
There is nothing in the body of the mail and no (apparent)
attachment:
However, I opened one of them in Netscape 4.7 and clicked on
and what I saw there looked like an encoded attachment
(even though it didn't show up in the normal mail reader preview
window or the opened mail window. I am virtually certain it is yet
another virus.
I hesitate to send this, and will hold off until I've updated my
McAfee Antivirus program, but I guess people need to know, and get
their systems fixed if they can.
I just hate to use M.S. Outlook Express anymore because I'm not sure
that I can prevent the opening of attachments, though I have used the
rule to delete emails on the server that say "look to the attachment"
and have written another that sends email of any sort with attachments
to a separate folder, and (I hope) made the choice that attachments
are not opened in the preview window of this email reader.
I'm glad I have Netscape 4.7 because I know it doesn't open
attachments unless they are actual image files (jpegs, gifs and I
think, bmps.)
(I have now downloaded the latest data files for my antivirus program
and checked my own system. As far as I know, I do not have any virus
on my system.)
Sincerely, and good luck!
Helen
--
=======================================================================
Helen Bates - mailto:nell@quintenet.com
Web - http://www.geocities.com/nelbanell/HelensClayPicks.html
B. Amsterlaw's link to my Clayart Posts - http://amsterlaw.com/nell/
=======================================================================
pammyam on wed 28 nov 01
Good stuff snipped
:
: I just hate to use M.S. Outlook Express anymore because
I'm not sure
: that I can prevent the opening of attachments, though I
have used the
: rule to delete emails on the server that say "look to the
attachment"
: and have written another that sends email of any sort with
attachments
: to a separate folder, and (I hope) made the choice that
attachments
: are not opened in the preview window of this email reader.
:
:
: Helen
: --
Helen, I've gotten no infected messages with your address,
but I've gotten most of the ones that you mentioned, if
that's any comfort.
My EZ Antivirus has been alerting me right along, and it
tells me that such and such file is actually this bad thing
and then says it "has not been restored." Then, when I
select the email to delete it, it tells me again and then
I'm asked by Windows if I want to open or download, and I
say no, delete it, and then empty the deleted items folder.
So far, my two AV programs (Norton and EZ) say that I am
clean. I am getting at least one virus sig update daily
from EZ. I've searched for kdl.dll and not found it.
I have been told in the Microsoft newsgroup that creating a
rule to delete from the server will not work, as I thought
it did, and that you can only "tell" it to go to the Deleted
Items folder and then you can empty the folder. That could
at least prevent execution of the ones that execute code
simply by previewing if you empty the folder without opening
it and previewing the items in there. I cannot see a way to
even create a rule for the new badtransB since there is
nothing in the body of the emails and the subject line
varies.
One thing you CAN do with Outlook Express, though, that will
help improve security (not sure if for the current new worm)
is to put it in the Restricted Zone (Tools/Options/Security)
and then open Internet Explorer Properties and click on
Security/Restricted Sites/Sites and go through the list of
options and disable everything.
Another thing that might help is to turn of the Preview
Option in OE under View/Layout. I'll check with the
newsgroup about OE to see if that would prevent execution of
this one.
Pam
| |
|