*WARNING* Virus alert on Loafdom mailing list.
 

:twisted: Hi folks.
I've just been informed that a virus worm is currently in the Loafdom mailing list.
As many of you will be reveivers of this list I thought it let you know so you can take the necessery precautions :wink:

I got an email from caryl with the virus attatched and im not even on the mailing list. And it wasnt from mailing list addy, but caryls own email account, I have tried to let her know, through email and pm with no luck


Deb

Hi! Just to clarify, there's TWO Loafdom mailing lists, and as far as i know the one titled simply 'loafdom' doesnt have the bug, but the Republic one might? (if im wrong, someone let me know please - thought it was safe since i disabled attachments a while ago!) Besides, unfortunately the 'older' list (the former, not the latter)doesnt have much mail traffic anymore, so hopefully that means no one is getting anything funky nonetheless! OK enough from me, take care!!

Jen S.

There is as far as I'm aware no virus on our mailing list. Deb is not on it. Caryl's virus checker is updated for that virus ... she just scanned her system, and it's clear.

She doesn't have Deb's email address. If Deb has received a virus appearing to come from Caryl's address book, it is most likely that someone has picked up her address from a website .. could be the UK forum. As Deb isn't even in Caryl's address book it hasn't come from Caryl!! Blame her for all the troubles they have brought upon themselves .. for the Iraq War, for the last earthquake .. for the fall in the dollar .. but not for a virus sent to someone whose address she does not have!

If I may add to this topic, first let me inform you when it comes to computers I'm not the brightest light bulb in the house. With that said, I've been getting emails from people I know and those I don't know, Heck I even got one from myself???
Anyway I contacted my ISP server and was informed that there is/was (?) a virus going around, and if someone didn't have a good/updated virus program in place this virus would send emails to everyone on their list, then send email on to people on the other person's list. Hope you understand what I'm saying here. So why did I get an email from myself?? cause my darn Outlook Express has me in my address book.
I have Norton Internet/Virus installed on my PC and just updated to the new version, before my old one ran out.
Hope this made some kind of sence ?
Wezzie :oops:

Vicki I did not blame Caryl for sending me a virus, I just said i had got one from her email account. I'm not that thick that I dont know virus's take over someones address book, I was trying to let her know so she could check her comp or at least be aware of it. As I said I did try to reply to it and I also pmed her, only once it was posted in here did I mention it and more to help her than anything else, If my comp had a virus or my email had been taken over by aliens I'd like someone to tell me. So someone from the uk forum is very unlikely to of sent me a virus in caryls name, virus's do that all on their own.

This is bigmommas husband posting here,normally I frequent pc security related forums,but I believe that this information is important to all users here also.And I would like to clarify a few facts.

-----------------------------------------------------------------------------------------
OK,first of all,when I sent the message to various mods/admins here,I did not specifically say that it was the ROL mailing list.

My wife recieved a email from c........................................m,the security measures on my pc prevented my wife from opening the file.She mentioned it to me,and I said I would look later,which I did,and upon scanning with AV,found out it was the Win32:Netsky-C worm,which is very prevalent at the moment.

The virus itself was attached to a file which came from c........................................m ,now I do not know wether that is ROL mailer or not.

But as this virus is a mass-mailing worm,thought it is important to alert anyone who might be in the address book of that email address,now I presume that some people from here may have been in the address book of the said email address,or even if their email address is on the computer where that email address is used from,because it does not just use address book,it scans the infected computer in different ways also to find any email addresses it can.

I do not know if c........................................m also uses the ROL mailer on their pc,if they do,then it could also use the ROL mailer to send the virus,or maybe the mailing list is on the pc of c........................................m ,and this is why I think it is important to alert everyone.

If it does infect another user,then it would then use all email addresses on their pc,and as many people here probably have each others mailing addresses on their pcs,it could spread quickly around all members of this forum,this is again why i believe it is important

Now there are a couple of scenarios that this could be.........

1.The antivirus on said pc is useless(probably not)

2.The antivirus on said pc is not updated,this is a relatively new worm/virus,so if the virus definitions are not up to date,then it will not detect it.

3.The mail server/account of c........................................m has been hacked into,and someone is using it to send viruses.

4.The virus was sent from the said pc intentionally(I sincerely hope not)

One of the most common causes of virus infections happens because users do not update their antivirus frequently enough,so I suggest you all do.

I still have a copy of the origanal email,if anyone wishes me to forward to them,then just pm my wife(only for those that know how to handle viruses and are maybe curious)

If you dont use antivirus,then I suggest you start using one,I use avast antivirus,which is FREE,you may try the antivirus,with no limitation for free for 6 months,if you wish,by registering a personal license(again FREE) allows you to recieve updates for 14 months.Updates for this av are very small,and are very quickly released,nearly every other day,sometimes daily,and are automatic.

kind regards....
jp

Edit(R.): Email addresses removed for privacy and security reasons

:wtf:

i have spoken to caryl on the phone about this as i am on her adress list but i have not recived any this is what she said

1 The email address being used is one on the ROL site and has been picked up by a spider
2 Caryl's antivirus is up to date and includes protection against this specific worm. Her antivirus is updated daily, and a scan of her computer has shown her system is clean.
3 The email addresses which say they have received emails from Caryl are not in her address book .. so there is no way they could be coming from her or her system. Even the cleverst virus can only access/download/use addresses which are in the person's address book.

i hope this clear's up any missgiving's this hasnothing to do with the rolperiod .end of story!
i belive her why cant you?

where did you get the impression that people are saying that caryl started the virus??????

Sigh. To quote my friend Winston, RTFP. Don't think anyone said that they thought it was being done by Caryl let alone being done to be malicious. Deb explained herself in pretty clear terms, I thought...
And BTW, that reaction was possibly just a little over the top... Just my opinion, of course.

If that is the case,then.....

Why has she not made a post here warning people that her email address(which many people will regard as safe btw)has been used maliciously,or if she is unable to post,then got somebody else to do it for her??

If loafdom.com is her domain,then surely she has access to the cp to close down that email address.....and prevent anyone else being sent emails,from what many would regard as a "safe" address........

And it is not coincidental that 2 people from the same forum(here)would recieve a virus like that.What you are saying,is that someone has gained control of her email address,then decided to mail a virus to 2 members of this forum,this is definately not coincidental.

There are ways to find out specifically where a email has origanated from.....even to find out the machine that it origanated from.

jp

Thanks Mouse and Deb for bringing the virus to everyone's attention, and to Bigmomma's husband for the detailed explanation and for the sound advice.

Nobody's blaming anyone. We can all unknowingly pass on a virus. It happens!

Diane

Once again.....

I DID NOT SAY CARYL WAS A LIAR ON THIS ONE.

I got an email one day last week from caryl and unlike the others, mine actually came from Caryls bt account. At the time I replied to it asking Caryl if she knew if she had sent it and if not to check her comp (or words to that effect, dont shoot me if i got it slightly wrong) Gave it a while and no reply, so I pmed her, if no one believes me check the poxy pm box and you'll see it sitting there long before this even got mentioned. i didnt mention it on the board then because i didnt think anyone else had it. Once it was posted I thoguht i'd add my experience of this to help others and beleive it or not!!! shock horror!!!!! Caryl also. As I have already explained in reply to Vickis post.

Big mommas hubby has already explained that virus's can take email addys from any where on your comp.

How this informative thread turned to this is really beyond me, I really do wish people would get the facts straight before jumping on someone. Know woneder threads get out of hand and we're having the problems we are here.

If theres any comp geeks here that know how i can get any deleted mail back from outlook, please let me know, so i can actually prove i got this email in the first place,
or to find out from my norton reports where the email came from.

Have you cleared out your "Deleted Items" folder lately? If not, check there.

yeah I clear it all the time :( especially since a few of us had a bout of virus's the other week, i worry about them doing something even in the trash lol. Plus I read somewhere its best to. I do have a report of it in norton, it just wont give me any info of where it came from, anyone got any ideas on where esle it might say it?

thanx for replying anyway :)
Deb

Debs

You could try going into your Deleted Items folder, click Tools then select Recover Deleted Items. You'll see the e-mails you deleted over the last couple of weeks and you can select which one(s) you want to recover.

Depends on what version of Outlook you have though. I can do this on my work PC, but not at home.

Lynne

Thanx Lynne

Just tried and I havent got that option. I have outlook express 6

Deb

Dear Symantec Store Customer,

Virus Warning!
W32.Netsky.D@mm - Category 4 Virus

Symantec has upgraded the W32.Netsky.D@mm to a Level 4 threat [On a scale of 1-5,
5 being highest].

W32.Netsky.D@mm, a variant of the recent W32.Netsky.C, a mass-mailing worm that uses its own SMTP engine to send itself to e-mail addresses it finds when scanning a hard drive. This may clog mail servers or degrade network performance. The worm attempts to remove registry keys for various worms such as W32.Mydoom.A@mm, W32.Mydoom.B@mm and W32.Mimail.T@mm, attempting to deactivate these threats.

Identifiable Characteristics of email:

(The Subject, Body, and e-mail attachment vary. See technical details for the full lists of possible subject lines, messages, and attachments. Click on Symantec Security Response link below for more details.)

From: (spoofed)


Subject: Re: Your website
Re: Your product
Re: Your letter(there are various different variants)



Body: Your file is attached.
Please read the attached file.
Please have a look at the attached file.


Attachment: your_website.pif
your_product.pif
your_letter.pif
your_archive.pif


With the newly found mass-mailing worm, W32.Netsky.D@mm, Symantec advises customers to protect the network and update the definition file of all the Symantec AntiVirus solutions, using LiveUpdate and Intelligent Updater.

New Customers
For protection against the W32.Netsky.D@mm, purchase Norton AntiVirus 2004 for only £44.99. You may wish to enhance your security by purchasing Norton Internet Security 2004 for only £54.99 which includes Norton AntiVirus 2004, Norton Personal Firewall 2004 and Norton AntiSpam 2004.


Thats the info norton are sending out about this virus, hope it helps someone.

Not all virus checkers pick up everything either, even if they are updated.

Yes, you only get that option in the later versions of Outlook, not Outlook Express.

Don't think you can recover your permanently deleted messages in OE6 unfortunately.

In the past three days i have been sent the same virus 7 times now!!! Luckily my fire wall is picking them up for me before i let curiosity get the better of me!!

Caryl can't reply to this because she evidentally has been banned from the forums for whatever reason.

I received 3 emails the other day that contained that same worm and I started to open one of them because I thought I recognized the email address as one I've seen on the BatCaves list. Now it may or may not have been anyone really on that list but my virus scanner caught it before it went into anything. (WHEW!) This was not sent to my RoL list address or the one I have in my profile here (without looking I think I had changed it). And many of us are on multiple lists so who knows where this started.

This does not mean that it really came from anyone on either the RoL list or the BatCaves list. It just means that it attached itself to someone's name and multiplied from there. The same with the one that supposedly came from Caryl. It didn't originate from her even though it may look like it did. Someone must have had both of those addresses in their address book (Caryl's and Deb's) or somewhere in their files/system for this worm to attach itself to them and spread. The main thing is to make sure your virus scanner is updated to catch it to prevent it from going any farther.

Lady B

No one said it definitley did come from caryl but on the other hand no one can say it definitely didnt either, but the point here is that everyone needs to be careful what they do and dont open and to keep their virus stuff updated

Deb

Exactly!

Lady B

To clarify this:

I'm 99,99% sure that Caryl is not spreading any internet worm.
You can verify this quite easily, if you analyse the mail headers.
It's much more likely that one member of that mailing lists got infected and now the worm is harvesting that member's address book.

Additionally a warning:
There are variants of the W32/Bagle worms on the loose.
I received an email from management@mlukfc.com notifying me about my email account utilization.
This is a fake email address and the email is not coming from mlukfc.com.

Part of the email header:

This one was sent from a computer called "toshiba-user" in Australia.
Does that sound familiar to someone?

i cant check mine cause its been deleted, unless someone knows how i can get the info back. I think bigmomma has hers though,

I;ve had 100's of virus's sent to me lately luckily nortons found them. Even had emails from people saying i'd sent them virus's but I hadnt, so someones also hijacked my email addy. Clever little so and so's these virus's :(

Deb

I know what you mean Deb.
I have been hit repeatedly over the last week or two and I even got one the other day stating that the e-mail address I sent an e-mail to wasn't valid and I don't even know that address.

Maria

Can't check this, deleted the mail. The attachment was deleted by Norton virus scanner. Warning was: w32.beagle@amm detected and deleted. Mine was supposed to look like it came MOTS.
Thank God for an updated virus-scanner. :D

well this is big momma, not the hubby as before.
i will put this as nicely as i possibly can.
1) when jp told me their was this virus and to post the info on forum, i said no, didn't want the agro, i said tell the moderator, they will post about it.
2) jp only wanted to warn people about this to save people time upset and work, ie incase of damage to computer, he did not want to go causing trouble or things like that.
3)my nice calm, placid hubby is now totally fed up with trying to explain, as he said all they want to do is cause arguements and i have not the time for that.
4) when i asked him to post the reply about the header, his reply was, why bother, you could give all the details from here to kingdom come and most would still tell you, your wrong, even with everything staring them in their face.
now for the past few months i have peeked back in every so often to see if things are calm or stormy, and well more often than not i have needed an all weather mac to venture in here.
but this has just proved it too me all to clearly, we really did not need this tripe today, we are moving house in a few days and with six kids that is a really big job, i really wish i had told him not to bother i really do.

You're moving and have six kids? OMG... you have my sympathy, girl...

As for the worms: The trojans get smarter and smarter. They can mail themselves to every person in your adressbook (outlook) and even get email-adresses from your "my documents"environment. Just like the spambots get smarter and can get email-addy's out of forwarded mails...

Don't blame the "supposed" sender. Blame the creator of the virusses...

I myself never ever open an attachment sent through mail, unless it's a person I know and trust and he/se says in the mail it's ok to open.... I also keep my scanner updated, it auto-updates when a new .dat file is available.

But I also never blame a person if he/she gets infected and I get a mail with a worm-attachment in it.

I once was a newbe on the internet. Didn't know shit, he he... managed to infect 3 egroups with the happy99.exe worm :oops:
Alanis Morrisette quote: "you live, you learn..."

And I for one am glad he took the trouble to warn people. So thanks, jp 8)

i think bigpoppa was spot on in doing what he did aswell :P

Just wanted to Thank Bigmommas HUBBY !!!! I thought you did a superb job explaining this worm thingy. I tried but as I told ya'll when it come to this worm stuff (or did I say computers? :oops: ) I'm not the brightest light bulb in the house.
Bigmommas hubby, again thank you, I understood everything you wrote, even better than what my ISP server told me.
Wezzie :lol:

thanks for that, i will tell him, it will put the smile back on his face.
he is used to putting things the way people can understand when it comes to computers as he has me for a wife, when he starts going on about these things my eyes start to glaze over, and i lose the power of speech :oops:
well now you probably wont see us till the end of next week, good luck to all, and i will keep my fingers crossed that everyone is still here when i come back, and just maybe, some of the old crowd may have returned,well i can dream cant i :roll: :wink:
take care,
kezzina

Yep i'm greatful to him as well :) he explained things very good.

Hope the move goes well. hopefully it'll mean you'll have more room after lol, I know how that feels :wink:

Deb

Computer Virus
 

Hi all, not sure if this is going in right place or not, but sure one of the Mods will move if it's wrong.

Just a warning ... be extremely careful at the moment when opening your email. So far, I have had about 10 virused emails in Outlook Express, and joy of joy found one of the little darlings in Hotmail last night. Thankfully Nortons picked up the Outlook ones and Hotmail wouldn't let me open the supposed attachment. Last nights one was titled Re: Excel File.

I know you are all probably so well versed in avoiding viruses lol but can I just say Please do not open any email from anyone you don't know, or any that look even the slightest bit dodgy.

A great site for double checking your computer is www.housecall.com it lets you d/l a scan type thing, which doesn't conflict with Nortons or anything, plus you can also sign up for a weekly email which gives you warning of any viruses going around that you possibly haven't heard about.

It's not over yet: http://news.com.com/2100-7355_3-5169...l?tag=nefd_top :angry:

R or someone, could you put that into english for me :? My brains not taking anything in at the moment :(

Deb

Basically it's sayiong that the lowlife who write these viruses are slagging each other off in the virus code, with each variant of a particular virus containing a taunt or a reply to that contained in a previous variant of a different virus.

Bottom line is that we can expect these viruses to continue being setn round the net while the lowlife continue to fight :(

wonderful :(

I got some the other day that had 2 virus's in each mail!!!

Deb

Just found No. 2 in my Hotmail account with the subject header 'your body is sexy in your pic'

:lol: :lol: they obviously haven't seen my body lol

A lot of the virused emails going around seem to have different headers as the subjects so it's hard to tell. Plus, the email addies they are supposed to have come from appear to be genuine addies.

Sometimes I wish hackers would put their talents to good use, like getting me £1,000,000 then I wouldn't have to work lol

:lmao: Just got another

This one reckons its from wezzie at oifc 8O Says i'm naked lolololol..


Return-Path: <edited@meatloaf-oifc.com>
Received: from ntlworld.com ([80.1.32.65]) by mta05-svc.ntlworld.com
(InterMail vM.4.01.03.37 201-229-121-137-20020806) with ESMTP
id <20040304215044.SQIH27661.mta05-svc.ntlworld.com@ntlworld.com>
for <edited@ntlworld.com>; Thu, 4 Mar 2004 21:50:44 +0000
From: edited@meatloaf-oifc.com
To: edited@ntlworld.com
Subject: Re: <5664ddff?$??§2>
Date: Thu, 4 Mar 2004 21:51:50 +0000
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_0013_000031D9.00002B01"
X-Priority: 3
X-MSMail-Priority: Normal
Message-Id: <20040304215044.SQIH27661.mta05-svc.ntlworld.com@ntlworld.com>

This is a multi-part message in MIME format.

------=_NextPart_000_0013_000031D9.00002B01
Content-Type: text/plain;
charset="Windows-1252"
Content-Transfer-Encoding: 7bit

your are naked?

------=_NextPart_000_0013_000031D9.00002B01
Content-Type: plain/text;
name="Norton AntiVirus Deleted1.txt"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
filename="Norton AntiVirus Deleted1.txt"

Tm9ydG9uIEFudGlWaXJ1cyByZW1vdmVkIHRoZSBhdHRhY2htZW50OiB1bmZvbGRzLnBpZi 4N
ClRoZSBhdHRhY2htZW50IHdhcyBpbmZlY3RlZCB3aXRoIHRoZSBXMzIuTmV0c2t5LkNAbW 0g
dmlydXMu
------=_NextPart_000_0013_000031D9.00002B01--



that make any sense to anyone?

Deb

FYI: I have edited the email addies in above post for privacy and security reasons.

See what I mean about the subject headers. They must think we came down in the last shower ..... well so far we know three of the subject headers NOT to open lol .....

Maybe we should start a new topic with the subject: Virus Email Headers lol

Ahh thanx R :)

does that header say where it came from?

sultonfan,
I assure you I have never seen you naked ! 8)
I also hope you know I didn't send that to you, but at least you haven't got one from yourself yet !! :oops:
Wanted to add something to Caz's post, unless you have a virus program and (thanks to David's suggestion) update it every day DON'T OPEN ANY ATTACHMENT !! It doesn't matter if you know the sender or not, as you saw sultonfan got something from whom she thought was me. This virus is I think the worst yet. Thanks for the link R.
Wezzie

Thank you so much for posting this!!! I have my own domain and got 2 emails from "management" and "no reply" with my domain name, virus attached!!! If I hadn't seen your message I very well might have opened it. It was almost word for word to what you received.

Thanks a million again R!

Lady B

Phew glad about that Wezzie thought someone ahd been sending them baby pix around :wink: No of course i knew you hadnt sent me a virus lol ,was just saying where it was saying it was from.

Deb

FYI, there's another variant of the Sober worm active right now.
This one arrives as a security patch from Microsoft.

More info here: http://vil.nai.com/vil/content/v_101081.htm