Guest guest Posted December 2, 2001 Report Share Posted December 2, 2001 PS: I just got a failure notice from the sender of this message. The path was connynielsen@... so it was from Denmark. Oh well. It seems whenever I send mail to the sender of a virus the mailer fails. --le virus > I got an infected email from someone that may or may not be on this list. > The subject was > " Re: [CEDA] the daily motivator " > but it was blank except for a suspicious attachment. > The mail was sent to me and not the list. (This list removes attachments > automatically.) > > Please beware of opening any attachments, especially those with double > extensions. This attachment was > readme.mp3.scr > intended to look like a music file, but actually containing an executable > program. > > I informed the sender that her mail was infected. > Thought I'd mention it. > --le > > > > > Quote Link to comment Share on other sites More sharing options...
Guest guest Posted December 2, 2001 Report Share Posted December 2, 2001 I just received an email from this address headed " conferences " . There wasn't any attachment though. Jen Eaves wrote: > PS: I just got a failure notice from the sender of this message. The > path > was connynielsen@... > so it was from Denmark. Oh well. It seems whenever I send mail to > the > sender of a virus the mailer fails. > > --le > > > > Quote Link to comment Share on other sites More sharing options...
Guest guest Posted December 3, 2001 Report Share Posted December 3, 2001 , > so it was from Denmark. Oh well. It seems whenever I send mail to the > sender of a virus the mailer fails. I got a virus message from the same person. The reason the return mail failed is that the virus alters the reply-to address. Instead of the address you wrote below, the return path is actually _connynielsen@.... The underscore in front of the address causes the message to bounce. Some virus files can self-extract. That means that you don't have to actually open the attachment to be infected. If you are using MS Outlook Express, it is best to turn off the " preview pane. " The preview pane is the little half-screen section that lets you read the email text without double-clicking to open the whole message. The preview pane opens the email in the small window, allowing the self-extracting file to execute without your knowledge. Once you've turned off your preview pane, you can view the properties of an email by highlighting a message and right-clicking your mouse, then choosing " properties. " The properties window will show you all the headers if you click the " details " tab. On the details tab you can see the actual return path. On connie's email, the general tab says the sender is _connie but if I look in the details tab I see that the real address is connie Return-Path: To: kdavis@... Finally, if I am suspicious of an email and don't know if it is safe to open, I can always click on the " Message Source " button which will show the text of the email without actually opening the message. All attachment files will be listed, so I can scan for anything that may contain a virus before I actually open an email. If anyone wants more info, please let me know. I'll be happy to help, but please be patient with me as I only have limited email access until my computer is fixed. -Barb Quote Link to comment Share on other sites More sharing options...
Guest guest Posted December 3, 2001 Report Share Posted December 3, 2001 Well, I do use Outlook Express 5.5, but it always asks me whether or not I want to open an attachment, even when the attachment is self extracting. So maybe the people at M$ have wised up... Thanx for the info. I'll have to look into the option to view message source. If a mail program is stupid enough to open attachments without asaking, it seems like the only way to be safe is to view source on all email, which is awful... --le Re: virus > , > > > so it was from Denmark. Oh well. It seems whenever I send mail to the > > sender of a virus the mailer fails. > > I got a virus message from the same person. The reason the return mail > failed is that the virus alters the reply-to address. Instead of the > address you wrote below, the return path is actually > _connynielsen@.... The underscore in front of the address causes > the message to bounce. > > Some virus files can self-extract. That means that you don't have to > actually open the attachment to be infected. If you are using MS Outlook > Express, it is best to turn off the " preview pane. " The preview pane is the > little half-screen section that lets you read the email text without > double-clicking to open the whole message. The preview pane opens the email > in the small window, allowing the self-extracting file to execute without > your knowledge. > > Once you've turned off your preview pane, you can view the properties of an > email by highlighting a message and right-clicking your mouse, then choosing > " properties. " The properties window will show you all the headers if you > click the " details " tab. On the details tab you can see the actual return > path. On connie's email, the general tab says the sender is _connie but if > I look in the details tab I see that the real address is connie > > Return-Path: > > To: kdavis@... > > Finally, if I am suspicious of an email and don't know if it is safe to > open, I can always click on the " Message Source " button which will show the > text of the email without actually opening the message. All attachment > files will be listed, so I can scan for anything that may contain a virus > before I actually open an email. > > If anyone wants more info, please let me know. I'll be happy to help, but > please be patient with me as I only have limited email access until my > computer is fixed. > > -Barb > > > > > Quote Link to comment Share on other sites More sharing options...
Guest guest Posted December 3, 2001 Report Share Posted December 3, 2001 > Well, I do use Outlook Express 5.5, but it always asks me whether or not I > want to open an attachment, even when the attachment is self extracting. So Have you downloaded the critical updates packages at http://windowsupdate.microsoft.com? If so, that would protect you from the virus because the latest security patches block self-extracting email attachments. > maybe the people at M$ have wised up... Microsoft is always updating their software and providing patches and fixes for known program vulnerabilities. Check out http://windowsupdate.microsoft.com and http://office.microsoft.com/productupdates/ for the latest downloadable program updates. > Thanx for the info. You're welcome. > I'll have to look into the option to view message source. If a mail program > is stupid enough to open attachments without asaking, it seems like the only > way to be safe is to view source on all email, which is awful... Unfortunately, there are many viruses targeted specifically to Microsoft Outlook. There are a lot of anti-MS hackers out there and they target MS specifically. -Barb Quote Link to comment Share on other sites More sharing options...
Guest guest Posted December 26, 2001 Report Share Posted December 26, 2001 Hi Folks, It appears that I have received a virus for christmas....not the type you can lay in bed with but one that completely destroys your ability to communicate with the outside world! I have now completely wiped your existance from my address book and luckily the virus has been detected and quaratined by my anti-virus software...all outgoing mail should be stopped if it contains the virus...but neverthelses I can't seem to correct the problem.... So just in case....don't open any attachements!! I also can't retrieve email at the current time so if you need me...it'll be roachieaus@... If in the next few weeks you haven't heard from me...please email me at the beachpad address so I can get your names back into my address book! Hope you all had a good one yeaterday.... Cheers Roachie Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You are posting as a guest. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.