[LargeFormat] Virus?
Clive Warren
largeformat@f32.net
Fri Apr 26 05:41:02 2002
At 6:50 pm -0700 25/4/02, Les Newcomer wrote:
>I'm putting this out as an APB and asking if anybody knows what's going on
>with my computer.
>
>Starting about 3 or 4 days ago I started getting emails from unkown
>recients, with various attachments.
>None of the emails come from the same address, none come from the LF list
>serve, all have different subject headings. All have attachements with odd
>or unkown formats
snip
>
>Has anybody recieved anything similar?
>Does anybody have enough computer skills to tell me what a .pif, scr and a
>[1].htm is? I would have assumed it would have lead to a page on the web
>but it doesn't.
snip
Les,
As you are using a Mac you are probably safe. This is the Code Red
worm virus that has surfaced again. Essentially, if someone has an
infected machine, the virus uses the MS OutLook mail application to
gather Email addresses and replicates itself, generating attachment
files that includes the virus and based on random files on the
unfortunate person's computer. The virus sends out Emails to all the
addresses it can find - if your address is on the infected computer,
you receive the virus carrying Emails. The Emails are sent out
whenever the infected machine is connected to the internet.
The .pif, scr and [1].htm attachment files are the virus incorporated
in random selections of files taken from the infected computer.
As you are using a Mac, simply delete the messages and attachments -
always a good idea to run a virus checking application that should be
kept up to date. If you are using a PC and OutLook then the preview
window can activate the virus. So if you are running a PC and find
the suspicious file attachments, chop your external internet
connection immediately and run an up to date anti-virus application
to clean up your computer.
Some modifications of this virus can also gather Email addresses that
are included on web pages visited by the infected machine. The
visited pages are stored as files in the browser's cache and the
virus scans these looking for EMail addresses. This is how the
registered f32 photographers recently were subject to virus Emails. I
did warn all registered photographers to be on their guard and
identified the Email for them.
One of the best ways of avoiding the MS virus of the month is to use
any mail client that is not OutLook! I recommend Eudora which is
free and an excellent Email client that I have been using for many
years. http://www.eudora.com If you also use a Mac then you are even
more safe :-)
Hope this helps,
Cheers,
Clive