June-14th-2003, 09:15 PM
|
#1
|
|
Unflappable
Join Date: Mar 2003
Location: Jersey City, NJ
Posts: 15,849
|
Background.exe Virus?
Just thought I'd let people know: this afternoon I received an e-mail ostensibly from Pete Cherches (turns out he sent nothing). It had no text, but included an image (.jpg, I think) of an ICP Orchestra album cover (one of the hats) and a "background.exe" file. Not sure where it's emanating from, but figured I'd give a heads up in case it affects a bunch of JC people.
|
|
|
June-14th-2003, 09:29 PM
|
#2
|
|
Registered Osprey
Join Date: Mar 2003
Location: DC (Taxation Without Representation)
Posts: 8,888
|
Thanks, Brian. That's scary. I mean, it's bad enough that the virus glommed onto Pete's e-mail address and yours, but where did it pluck the ICP Orchestra image from?
|
|
|
June-14th-2003, 10:17 PM
|
#3
|
|
What heart?!
Join Date: Apr 2003
Location: Türkiye
Posts: 4,638
|
Did someone on JC criticize Han Bennink recently? Don't piss him off! He's liable to do anything to smash critics like he does his cymbals...
But seriously, I recently received an automated response 'away on holidays' email from someone whom I don't know, in response to an email sent to them from me supposedly.
Scary stuff!
|
|
|
June-15th-2003, 12:26 AM
|
#4
|
|
Administrator
Join Date: Mar 2003
Location: NYC
Posts: 5,899
|
On the serious side, we are very concerned about viruses and scans esp from attachments. On Monday, serious spamassinating software (the real weapons of mass destruction) and stronger anti virus software for any attachments you might send. Anybody, not using anti virus software is a dope at this point. Anyone found to be sending spam utilizing a name on jazzcorner, will be banned from JC and other measures will be taken.
I am serious, this shit has got to stop.
L
|
|
|
June-15th-2003, 01:50 AM
|
#5
|
|
Registered Osprey
Join Date: Mar 2003
Location: DC (Taxation Without Representation)
Posts: 8,888
|
I know of two free online virus checkers. One of them, Housecall, wouldn't load for me in many attempts (I have a dialup connection). But the other one, Freedom Online Virus Check powered by Zero-Knowledge, loaded fine and scanned for viruses fast. It's here. Note that supplying your e-mail address is optional.
I tested clean.
Disclaimer: Checking for viruses isn't the same thing as having virus protection in place.
|
|
|
June-15th-2003, 02:01 AM
|
#6
|
|
2007 Stanley Cup Champs
Join Date: Mar 2003
Posts: 12,063
|
Quote:
Originally posted by Lois Gilbert
On the serious side, we are very concerned about viruses and scans esp from attachments. On Monday, serious spamassinating software (the real weapons of mass destruction) and stronger anti virus software for any attachments you might send. Anybody, not using anti virus software is a dope at this point. Anyone found to be sending spam utilizing a name on jazzcorner, will be banned from JC and other measures will be taken.
|
In that vein, please forward me (via PM) any phony messages sent from JazzCorner recipients (minus attachments). Please make sure the full headers are included, and I'll be happy to mark their IPs and make their lives a living hell.
Thanks!
|
|
|
June-15th-2003, 02:16 AM
|
#7
|
|
Registered Osprey
Join Date: Mar 2003
Location: DC (Taxation Without Representation)
Posts: 8,888
|
Quote:
|
I'll be happy to mark their IPs and make their lives a living hell.
|
Whose lives? JazzCorner members won't really have sent those e-mails. What's involved with "phony messages" would be a virus, not spam. How are you going to trace a virus that's been around the world several times and proliferated back to its originators so you can make their lives a living hell?
I'm sure that I'm missing something, but I'm curious.
Last edited by bluenoter; June-15th-2003 at 02:19 AM.
|
|
|
June-15th-2003, 02:40 AM
|
#8
|
|
2007 Stanley Cup Champs
Join Date: Mar 2003
Posts: 12,063
|
Quote:
Originally posted by bluenoter
Whose lives? JazzCorner members won't really have sent those e-mails. What's involved with "phony messages" would be a virus, not spam. How are you going to trace a virus that's been around the world several times and proliferated back to its originators so you can make their lives a living hell?
I'm sure that I'm missing something, but I'm curious.
|
You're missing something. We're talking about someone masquerading as JazzCorner posters, not somebody stuck with a virus. The "lives" I'm referring to are the sender or senders of the phony e-mail, not whomever's name happens to be in the "From" field.
|
|
|
June-15th-2003, 03:05 AM
|
#9
|
|
Guest
|
This is more likely a virus than a phoney poster playing games.
About 6 months or so ago a somewhat similar one was going around. It gets into the personal mailbox file, co-opts names found in the mail box or the e-mail address files, and is off and running. My old anti-virus couldn't deal with it, so I had to install a new Norton program, and neither send nor open e-mails until old Norton said my system was clean again.
Lois is right, you must keep your anti-virus program updated at least once a week. It is easier to avoid getting infected than to get clean once infected.
They have not been called "virus" for nothing.
Sounds like pre penicillin clap !!! ;-)
|
|
|
|
June-15th-2003, 03:06 AM
|
#10
|
|
Administrator
Join Date: Mar 2003
Location: NYC
Posts: 5,899
|
Moné
I forwarded to befriend tonight 2 phoney emails using jazzcorner identities - both were spam and of course not sent from our server. There were no attachments --- just spam. Friday, befriend and I talked at length of what we'll be implementing. For obvious reasons, since this board is open for anyone to read, I won't go into detail here, but Moné I will keep you in the loop - some of it has more to do with impersonating folks at jazzcorner
for eg - someone sending out spam with the name lois@jazzcorner.com - the recipient doesn't look at the details of the headers and reports us to their ip. At the same time, attachments are a concern for viruses. I don't think anybody on the board would be doing it maliciously, but could be inadvertently sending attachments with viruses.
On another note, often when I'm scrolling down a thread with pictures I'll get a message to block or accept cookies. Even though the thread and the picture is residing on JC - the link is a virtual one and reporting back to the page it came from. To cut down on spam, when you see that message as you're scrolling on this board, check block all cookies
|
|
|
June-15th-2003, 04:04 AM
|
#11
|
|
Guest
|
"I know of two free online virus checkers." - Bluenoter
And I can also recommend AVG anti-virus. It's a freebie as well, and I have been using it for almost two years now and it is rock solid. Free updates automatically, mail scanner, all the essential basics. I got it shortly after I lost my old computer to a virus from Kazaa while McAfee (the biggest piece of shit on the market if you ask me) slept soundly in the background.
I received a few questionable attachments months ago when we were on the old board (one of which was the old Klez worm), but happy to say nothing lately.
|
|
|
|
June-15th-2003, 10:04 AM
|
#12
|
|
Registered User
Join Date: Mar 2003
Location: Paris, France
Posts: 6,161
|
Scott,
Why is McAfee a piece of shit? I've been using it for a couple of years - I go all over the net, download all sorts of stuff, receive all kinds of spam, and have never been hit with a virus. The IT department of my employer, a software publisher with about 300 employees on site and probably a thousand networked computers, uses McAfee and we weather the big virus tidal waves with nary a ship sunk.
|
|
|
June-15th-2003, 11:10 AM
|
#13
|
|
Registered User
Join Date: Apr 2003
Posts: 5,939
|
McAfee is fine. People just need to do the updates.
Downloading from Kazaa is risky.
|
|
|
June-15th-2003, 11:12 AM
|
#14
|
|
Registered User
Join Date: Apr 2003
Posts: 5,939
|
Yesterday, I received an e-mail at the account I had listed at the old board. It was from bgugg. I think he posted infrequently at the old board and the old BN BBS. Anyway, it was a 153K Survey. That got deleted instantly.
One nice thing about using Outlook is that you can get the details of the person who sent you the msg right down to their IP address.
Last edited by shrugs; June-15th-2003 at 11:15 AM.
|
|
|
June-15th-2003, 12:23 PM
|
#15
|
|
Registered Loser
Join Date: Mar 2003
Location: The Altered State Of Drugafornia
Posts: 7,663
|
FYI, this morning I got an email from a hardbop15 at hotmail dot com that contained the klez virus. It had a batch file attachment called height.bat. However, due to how that virus works, the infected computer is not hardbop15's, but somebody who has that email (and mine) in their address book or inbox.
Mone or Lois, I've deleted the message, but if you want the header, let me know
|
|
|
June-15th-2003, 01:23 PM
|
#16
|
|
¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
Join Date: Mar 2003
Location: Sweden
Posts: 3,396
|
Quote:
|
FYI, this morning I got an email from a hardbop15 at hotmail dot com that contained the klez virus. It had a batch file attachment called height.bat. However, due to how that virus works, the infected computer is not hardbop15's, but somebody who has that email (and mine) in their address book or inbox.
|
The e-mail address that I use here at jazzcorner is hardbop15@hotmail.com.
Strange!!!!!!!
|
|
|
June-15th-2003, 04:27 PM
|
#17
|
|
2007 Stanley Cup Champs
Join Date: Mar 2003
Posts: 12,063
|
Quote:
Originally posted by shrugs
Yesterday, I received an e-mail at the account I had listed at the old board. It was from bgugg. I think he posted infrequently at the old board and the old BN BBS. Anyway, it was a 153K Survey. That got deleted instantly.
One nice thing about using Outlook is that you can get the details of the person who sent you the msg right down to their IP address.
|
You can get this from most commercial e-mail programs. All of them have an option to view the full headers.
|
|
|
June-15th-2003, 05:00 PM
|
#18
|
|
Guest
|
Tom, I think that McAfee being asleep at the wheel while a virus munched away on my machine is a pretty good indicator of why I think it's a piece of shit. And yes Shrugs, I always update, religiously. I'm always extremely careful about virus protection.
Plus, my buddy in Florida who uses Norton on his machine has received virus laced files from a friend of his who uses McAfee!
Nothing is 100% airtight, and yes, downloading from Kazaa can be dangerous, but my buddy who uses Norton and my father who uses AVG still download from it daily and have never had a single problem.
The most interesting part of my story is that I went back and started downloading all the programs that I had acquired from Kazaa before the crash, and guess what? AVG found the infected file and immediately quarantined it. I found that to be quite satisfying, that is until I remembered that McAfee had let that very same file slide right on by the day before.
|
|
|
|
June-15th-2003, 06:53 PM
|
#19
|
|
Registered User
Join Date: Apr 2003
Posts: 5,939
|
Quote:
Originally posted by mone peterson
You can get this from most commercial e-mail programs. All of them have an option to view the full headers.
|
Hmmm,
I didn't know you could get the Message Source information. Can you tell me which ones have this option?
I just changed my Yahoo account to view full headers and you still don't get the same detailed info as you do from right clicking on the name in the From column in Outlook. There you will get full details of the message path with IP addresses and you can also get the Message Source as well.
Last edited by shrugs; June-15th-2003 at 06:59 PM.
|
|
|
June-15th-2003, 06:57 PM
|
#20
|
|
Just be frank
Join Date: Mar 2003
Location: SF
Posts: 13,434
|
It usually doesn't help to get the message source info from professional spammers. They reroute the stuff in such a way that they are still invisible.
|
|
|
June-15th-2003, 07:00 PM
|
#21
|
|
Registered User
Join Date: Apr 2003
Posts: 5,939
|
Yes but you can SEE if there is anything malicious inside. That is good info IMO.
BWTFDIK
|
|
|
June-15th-2003, 07:25 PM
|
#22
|
|
Registered User
Join Date: Mar 2003
Location: Langhorne Pa
Posts: 339
|
My linux box has never been infected by any email virus or any virus for that matter.
Win 2000 on the other hand has been infected, has crashed beyond repair more than once.
My advice, as one who lives with computers, is to dump Windows and M$ in general.
Gosh, you would think with all of the lefties around here that ya all would be using a good commie OS like Linux since M$ is in serious violation of the Sherman act.
Every one should storm the *gates* of their local govs and school boards and insist that the operation be switched to Linux to save lots of $$$$ and provide a more secure infrastructure for valuable data and records.
M$ = bend over and spread 'em. Every boxed M$ "product" should be required to have a packet of K-Y Jelly attached.
|
|
|
June-15th-2003, 07:29 PM
|
#23
|
|
What heart?!
Join Date: Apr 2003
Location: Türkiye
Posts: 4,638
|
I'd love to, but a techo-moron like myself's gonna struggle w/linux, no? How user-friendly is it?
|
|
|
June-15th-2003, 07:35 PM
|
#24
|
|
Registered User
Join Date: Mar 2003
Location: Langhorne Pa
Posts: 339
|
The learning curve is a little steep, but less so with the new distros. Mandrake 9.1 and Suse 8.2 rock.
In the end you will be rewarded with a system that does not crash and software that is equal to or better than M$ in most cases.
AND MOSTLY FREE ( had to shout that to the world)
If you are a game player Linux may not be your best choice.
Last edited by Henry Mars; June-15th-2003 at 07:37 PM.
|
|
|
June-15th-2003, 08:56 PM
|
#25
|
|
Reevaluating @ 500k
Join Date: Mar 2003
Location: Here
Posts: 31,322
|
|
|
|
June-16th-2003, 12:58 AM
|
#26
|
|
2007 Stanley Cup Champs
Join Date: Mar 2003
Posts: 12,063
|
Quote:
Originally posted by BFrank
It usually doesn't help to get the message source info from professional spammers. They reroute the stuff in such a way that they are still invisible.
|
I'm curious why you would say that Frank. Unless they're going so far as to hack a mail server to send stuff out, all you have to do is do a traceroute of the originating IP to find which ISP they happen to be using (DSL.net is the biggest source of trouble at the moment). A little more work, and you can at least get the NOC where it's coming from and have the machine shut down. Very rarely, maybe one or two messages a month out of the 3,000 or so that are filtered through my own mail server generates from an IP with no trace.
Dave, I was talking about commercial mail programs, not web accounts. Yahoo at least allows you one click to report the e-mail as spam.
|
|
|
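Added example, not part of any post in this thread: a sketch of what "full headers" give you when the From line is forged, separating the connecting IP recorded by the recipient's own mail servers from the origin claimed further down the Received chain, which the sender can fabricate. The message, hostnames, addresses and the `TRUSTED` set are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample: example domains and documentation IP ranges only.
SAMPLE = (
    "Received: from mx.recipient.example (mx.recipient.example [192.0.2.10])\n"
    "\tby mailstore.recipient.example with ESMTP; Sun, 15 Jun 2003 09:02:11 -0400\n"
    "Received: from smtp.isp.example (smtp.isp.example [198.51.100.25])\n"
    "\tby mx.recipient.example with ESMTP; Sun, 15 Jun 2003 09:02:09 -0400\n"
    "Received: from oemcomputer (dsl-77.isp.example [203.0.113.77])\n"
    "\tby smtp.isp.example with SMTP; Sun, 15 Jun 2003 09:02:05 -0400\n"
    'From: "Some Member" <member@forum.example>\n'
    "To: victim@recipient.example\n"
    "Subject: (no subject)\n"
    "\n"
)
# Assumption: the mail servers the recipient actually controls.
TRUSTED = {"mailstore.recipient.example", "mx.recipient.example"}

IP_IN_BRACKETS = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")
BY_HOST = re.compile(r"\bby\s+(\S+)")

def received_hops(msg):
    """Return (connecting_ip, stamping_host) per Received header, newest first."""
    hops = []
    for value in msg.get_all("Received", []):
        ip = IP_IN_BRACKETS.search(value)
        by = BY_HOST.search(value)
        hops.append((ip.group(1) if ip else None, by.group(1) if by else None))
    return hops

def analyse(raw, trusted_hosts):
    """Split the header chain into what our own servers saw and what is only claimed."""
    msg = message_from_string(raw)
    hops = received_hops(msg)
    verified_ip = None
    for ip, by_host in hops:
        if by_host not in trusted_hosts:
            break  # everything from here down was written by someone else
        verified_ip = ip
    return {
        "from_address": parseaddr(msg.get("From", ""))[1],  # trivially forged
        "verified_ip": verified_ip,                          # seen by our own MX
        "claimed_origin_ip": hops[-1][0] if hops else None,  # may be fabricated
    }

if __name__ == "__main__":
    print(analyse(SAMPLE, TRUSTED))
```

The `verified_ip` is the address worth reporting to an ISP or NOC; the From address and the oldest hop are leads at best.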
June-16th-2003, 11:36 AM
|
#27
|
|
The mouldiest of all figs
Join Date: Mar 2003
Location: Tustin, CA
Posts: 11,249
|
Since we installed the Norton Anti-Virus program on our system, we've had no viruses get through its protection. It automatically upgrades and is well worth the money.
We decided on it a few years ago after one of our administrator's hard drive was totally corrupted and the virus was edging into the other work stations.
Any email that contains a virus is zapped as soon as it shows up.
__________________
Stand clear of the doors
|
|
|
June-16th-2003, 01:09 PM
|
#28
|
|
Administrator
Join Date: Mar 2003
Location: NYC
Posts: 5,899
|
I would suggest that you all block your email on speakeasy and just allow private messaging. It might help cutting down spam....
|
|
|