Possible 'Forum' virus alert

Ron Castle · From: West Hurley,NY

I have recieved e-mail containing a suspicious file attached from various Forum
members. Norton anti-virus (using the latest definitions) say its a VIRUS.
The e-mails have had various 'subjects' relating to Forum posts of the past.

see this link
here

Ray Montee · From: Portland, Oregon (deceased)

See AL MARCUS, are you trying to reach me?
Same topic as this.

Brad Bechtel · From: San Francisco, CA

Yes, it is a virus (actually a worm), and it's hit Forum members particularly hard judging from my email. Here's the thread in the Computers section, which includes a couple of links where you can get help:
http://steelguitarforum.com/Forum12/HTML/000765.html

------------------
Brad's Page of Steel
A web site devoted to acoustic & electric lap steel guitars

Bobbe Seymour · From: Hendersonville TN USA, R.I.P.

Yep, I can't open any e-mail because of this. My virus aleart won't let me open any attachments.
www.steelguitar.net

www.bobbeseymour.com

[This message was edited by BobbeSeymour on 26 November 2001 at 10:25 PM.]

chas smith R.I.P. · From: Encino, CA, USA

After we're done in Afganistan, we should hunt down the sphincter-boys that do this kind of stuff.

Al Marcus · From: Cedar Springs,MI USA (deceased)

My McAfee virus scan 6.0 took care of the one in my computer. All is well again....thankfully...al

[This message was edited by Al Marcus on 29 November 2001 at 06:48 PM.]

Antolina · From: Dunkirk NY

Yes this worm/virus seems to prevading the whole country. My daughter's'puter picked on up and it went crazy playing mix and match with her email. Al apparently had one that found it's way to me. I'm fairly certain my anti virus picked it up. The onl protection fro my perspective is to GET SOME ANTI-VIRUS SOFTWARE!! There are some programs that allow one to track the originator but it's beyond my level of expertise.

Dougie Hodge · From: Grove City, PA / Hendersonville, TN USA

Me too. Got one a few days ago from W.C. with _steelwc. Hotmail scan said atts. were a virus, not to open them. I haven't heared from W.C. yet. I sent him a e-birthday card, don't know if he received it or not. Nov. 28th was his birthday! Happy Birthday W.C.!!! Thanks, Dougie

________________________________________________ '70 Emmons Original P/P D-10, Evans SE-200, Alesis Midiverb 4

"Steel Rocks!!!!"

[This message was edited by Dougie Hodge on 01 December 2001 at 09:14 AM.]

b0b · From: Cloverdale, CA, USA

My email programs are configured so that they never automatically open anything - not even the email itself. I get a list of emails, and I have to double-click each item to view it. It there's an attachment, I have to deliberately open that as well. Nothing is automatic.

This method has served me well to date.

On this recent spate of "Re:" messages, I've been clicking "Reply" without opening the message first. That way I can warn the sender without any risk of opening the attachment, because the attachment isn't included in quoted replies.

------------------

-b0b- quasar@b0b.com
-System Administrator

[This message was edited by b0b on 01 December 2001 at 12:06 PM.]

Janice Brooks · From: Pleasant Gap Pa

got 2 more this morning and one looks like it's from John Lacy.

------------------
Janice "Busgal" Brooks
ICQ 44729047

b0b · From: Cloverdale, CA, USA

I've had a few people ask me if the Forum is causing this recent email worm virus. The answer is NO.

The worm is spreading among steel players' machines because we all have each other in our address books and in our email archives. When someone runs the attachment, the worm sends itself to every address it can find in the victim's email system.

The Forum server (which runs Linux, not Windows) has not been infected, and my two Windows computers have not been infected. I don't run attachments, and I don't even preview suspicious emails.

I have received MANY copies of this worm, because my email address is in nearly everyone's system. I'm tempted to block all messages with a title of "Re:".

Some of the emails have legit sounding titles, though. The worm sends itself as a reply to unanswered emails sometimes. I got one today with the title "Re: The Steel Guitar Forum has Moved". I sent out that original email to all Forum members over a year ago. The worm sent itself back to me as a reply.

------------------

-b0b- quasar@b0b.com
-System Administrator

Colin Goss · From: St.Brelade, Island of Jersey, Channel Islands, UK

This type of worm can be stopped with Zone Alarm - it automatically renames any attachments (such as truth.scr to truth.zl9) preventing the script or exe etc from running. Zone alarm is a firewall which you can also set to stop web sites accessing your computer. Have a look at http://www.zonealarm.com/ for details - and its FREE.

Usual disclaimer - not connected etc, just a satisfied user.

Gene Jones · From: Oklahoma City, OK USA, (deceased)

A word of caution on Zone Alarm that I recently encountered. I have had ZA installed on my computer about 6 months and I've never had a problem with it until recently when I installed Front Page 2002 and my server installed the extensions.

I was never able to publish to my web after that and spent three weeks trying to find the problem until Microsoft techs said to try "uninstalling" Zone Alarm. (I had already tried "disabling" it but that didn't help.)

That solved the problem. I have Norton anti-virus and it has never caused a problem.

Jack Stoner · From: Kansas City, MO

I have FP2000 and don't have a problem with ZA. Just make sure you have allowed FP to act as a server. Zone Alarm should give you an option (when it tries to access the internet), and just check "allow" (or whatever the accept option is). If it is on the ZoneAlarm Programs list, select allow.

John Lacey · From: Black Diamond, Alberta, Canada

"got 2 more this morning and one looks like it's from John Lacy." That's strange Janice cause I don't have you in my address book. I've purposely kept my address book very small because of past infections. I'm downloading Panda as I type.

Blake Hawkins · From: Florida

I downloaded Panda and installed it.
While it was active, it caused a protection fault in Windows Explorer every time I tried to access the net.
After I took it out...everything is back to normal.
Blake

Bobby Lee · From: Cloverdale, California, USA

Front Page is evil. Zone Alarm is great. I have Zone Alarm on all of my Windows machines.

------------------

Bobby Lee - email: quasar@b0b.com - gigs - CDs
Sierra Session 12 (E9), Williams 400X (E7, D6), Sierra Olympic 12 (F Diatonic)
Sierra Laptop 8 (D13), Fender Stringmaster (E13, A6)

Bobby Lee · From: Cloverdale, California, USA

This worm finds unanswered emails and replies to them on your behalf. The recipient doesn't need to be in your address book.

Forum Index > Computers		Next oldest topic :: Next newest topic