Viruses

  • Thread starter Thread starter Will
  • Start date Start date
W

Will

Hello..
After I posted a question 2 days ago I am getting constant
e-mails from microsoft with .exe viruses attached.. Does
anyone else see this and how do I stop them??

Thanx
Will
 
If you have ISA 2000 implemented, you can use the SMTP filter to block all
messages with .EXE attachments.

David
 
Will,

Get on the internet and get you a program called Mailwasher. You can delete emails
before they get to your server, set filters to blacklist emails coming from those
you don't want it from. You'll need to do some work to begin with.

Oh, you also need to run an online virus scan at Symantec.
http://security.symantec.com/default.asp?productid=symhome&langid=ie&venid=sym

After you run it, get on Google and enter the virus and or files it come up with.
http://www.google.com/

Without getting rid of all of the virus, worm, trojan, or etc., you will keep
getting the emails. You may want to consider your email address.

good computing,
don
------------




Hello..
After I posted a question 2 days ago I am getting constant
e-mails from microsoft with .exe viruses attached.. Does
anyone else see this and how do I stop them??

Thanx
Will
 
Greetings --

What you received is either a very common malicious hoax or the
output of a computer infected by one of several wide-spread, mass
emailing worms. The most widely-known are:

W32.Swen.A_mm
http://securityresponse.symantec.com/avcenter/venc/data/[email protected]

W32.Dumaru_mm
http://securityresponse.symantec.com/avcenter/venc/data/[email protected]

W32.Gibe_mm
http://securityresponse.symantec.com/avcenter/venc/data/[email protected]

Microsoft never has, does not currently, and very probably never
will email unsolicited security patches. At the most, if, and only
if, you subscribe to their security notification newsletter, they will
send you an email informing you that a new patch is available for
downloading.

Microsoft Policies on Software Distribution
http://www.microsoft.com/technet/treeview/?url=/technet/security/policy/swdist.asp

Information on Bogus Microsoft Security Bulletin Emails
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/news/patch_hoax.asp

How to Tell If a Microsoft Security-Related Message Is Genuine
http://www.microsoft.com/security/antivirus/authenticate_mail.asp

Any and all legitimate patches and updates are readily available
at http://windowsupdate.microsoft.com/. (Notice that this is the true
URL, rather than the bogus one that may have been contained in the
email you received.) Any messages that point to any other source(s) or
claim to have the patch attached are bogus.

You're receiving these emails because your email address is in
the address book of someone infected with a worm, and/or because you
posted your real email address somewhere on-line, either in a forum
accessible to the public and spambots, such as Usenet, or on an
untrustworthy web site that subsequently sold your address as part of
a mailing list. One thing you can do is notify _everyone_ with whom
you've ever corresponded via email that one or more of them may be
infected with a mass emailing worm, and should take the appropriate
steps.

There's probably no way of blocking all of the bogus messages, but
you can greatly reduce the number you get by creating a rule, based
upon the most commonly used subject lines, to delete the emails from
the server without ever downloading them.


Bruce Chambers

--
Help us help you:



You can have peace. Or you can have freedom. Don't ever count on
having both at once. -- RAH
 
If you're using Hotmail you can block them. If they use different sourced email
addresses that won't be affective. Most of them are around 140K-170k. So you can
try (in OE) to make a Message Rule that deletes are moves any emails that are larger
than 140k to a specific folder. This is an ongoing problem apparently unlikely to go
away soon. I get about 30 a day.
 
I've been slammed by up to 100 a day after posting on this
site. I believe that someone (someones) are deliberatley
doing this to harass MS customers. My suggestion is to
get a new email address because that is the only way you
will stop it unless the FBI catches the people first. I
gave up trying to filter out the Swen virus. With a new
email address I am virus free again and the spammer is
thwarted.

sk
 
It isn't that personal. Anyone who has ever sent a message to any newsgroup
or has had their name in the address book of anyone who was infected is
getting this. Anyone who is anyone is getting Swenned nowadays. (Must stop
calling it the Sven virus - that's the name of that football chappy isn't
it?)
Evi
 
Of course, the other way is never to put your e-mail address into your
newsreader in the first place.

Saves a lot of hassle!!!!

Mike
 
Back
Top