Loading ...
Sorry, an error occurred while loading the content.

Alert - virus possibility?!

Expand Messages
  • Kathryn Woolard
    I just got 4 copies of one message and 2 copies of another that were sent to the codeswitching list from Jan Blommaert s address. Both have odd attachments and
    Message 1 of 5 , May 30, 2002
    • 0 Attachment
      I just got 4 copies of one message and 2 copies of another that were sent
      to the codeswitching list from Jan Blommaert's address. Both have odd
      attachments and brief messages that say "You've got to look at this page"
      with a face icon rather than Jan's sign-off.

      Jan, this doesn't look like you. I am going to assume someone is using your
      address to make mischief, unless I hear otherwise. I imagine others should
      do the same.

      Kit
      **************************************************
      Kathryn A. Woolard kwoolard@...
      Department of Anthropology, 0532
      University of California, San Diego
      La Jolla, CA 92093-0532

      Office phone: 858/534--4639
      Fax: 858/534-5946
      **************************************************
    • carsten_otto
      Dear group-members, as Jan told us in message 805 the messages 800 - 801 -- which I deleted from the list -- were definitely infected or caused by a virus.
      Message 2 of 5 , May 30, 2002
      • 0 Attachment
        Dear group-members,

        as Jan told us in message 805 the messages 800 - 801 --
        which I deleted from the list -- were definitely infected or caused
        by a virus. Anyway, best thing is to delete it (them) from your
        machines!

        Cheers

        Carsten Otto
        one-of-the-moderators
      • Jakob Cromdal
        hi all, just a note to suspend the tension...I opened all four of the messages (in search of the weblink), exposing my system to whatever was in there. after
        Message 3 of 5 , May 30, 2002
        • 0 Attachment
          hi all,
          just a note to suspend the tension...I opened all four of the messages (in
          search of the weblink), exposing my system to whatever was in there. after
          the first virus alert I got the latest (daily) update for my virusprog. and
          scanned the entire system thoroughly. it returned nothing. so I guess most
          of us can relax, at least this time. still, a virus check is of course
          recommended!

          best,
          jakob cromdal


          At 18:05 2002-05-30 +0000, you wrote:
          >Dear group-members,
          >
          >as Jan told us in message 805 the messages 800 - 801 --
          >which I deleted from the list -- were definitely infected or caused
          >by a virus. Anyway, best thing is to delete it (them) from your
          >machines!
          >
          >Cheers
          >
          >Carsten Otto
          >one-of-the-moderators
          >
          >
          >
          >To Post a message: code-switching@yahoogroups.com
          >To Unsubscribe, send a blank message to:
          >code-switching-unsubscribe@yahoogroups.com
          >Web page: http//groups.yahoo.com/group/code-switching
          >
          >Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/

          Jakob Cromdal
          Assistant Professor
          Dept. of Child Studies email: jakcr@...
          Linkoping university phone: +46 13 282907
          581 83 LINKOPING fax: +46 13 28 29 00
          SWEDEN url: http://www.tema.liu.se/tema-b/
        • Celso Alvarez Cáccamo
          Jan s message was probably sent from another computer by the Klez virus/worm series, which is making a mess in the world s computers. Apparently one version of
          Message 4 of 5 , May 30, 2002
          • 0 Attachment
            Jan's message was probably sent from another computer by the Klez
            virus/worm series, which is making a mess in the world's computers.
            Apparently one version of it is VERY lethal, Klez.I , I believe -- it
            activates on the 6th or 13th of each month and deletes your entire hard
            drive. The other variants of Klez are quite harmless, except for their
            endless reproduction.

            BUT, maybe Jan's message was not sent by him or from his computer. The Klez
            worm infects A's computer, takes A's addressbook, fakes a sender (B = Jan)
            from this addressbook and sends itself to all addresses in A's list. The
            worm also fakes subject lines sometimes taken from real messages, so the
            infected message looks real. I believe Klez also takes actual filenames for
            the infected attachment.

            So, the most likely scenario is that the infected person is someone on the
            code-switching list who has both Jan's and the c-s address in his/her list.
            Since Jan is an old-time member of the list, his message was not moderated.

            It is not always wise to inform the supposed sender, as this person may NOT
            be infected.

            Maybe one planned side-effect of the virus is to cause communicative
            confusion and noise.

            Best thing is to disallow attachments and HTML-formatted messages in the
            list. I thought these options were activated.

            Some further pieces of advice. Sorry if they sound patronizing:

            1) Get your institution's computer services to install a powerful antivirus
            (campus-wide, if that's the case) so that infected attachments are deleted
            before they reach your mailbox.

            2) Get a good antivirus and update it daily (McAfee, PC-Cilin, Panda).

            3) Get a personal firewall (for example, Tiny Personal Firewall, freeware)
            that detects unsolicited "calls" (requests) from and into your computer.
            You can configure the firewall so that you get totally cut off the internet
            even if you have a permanent physical connection.

            4) Read your mail offline (with no internet connection) once you download
            it. Some viruses are caught by clicking on innocent looking HTML links, or
            automatically activated with some email programs. How to do this?
            --if by modem, just hang up
            --if you've got a LAN or permanent internet connection, disallow all
            connections to the internet in the firewall program, or
            --drastically, just unplug the LAN line from the wall! (I do this often)

            5) Deactivate all options for automatic execution and automatic connection
            to HTML pages in your mail program.

            6) If you use Internet Explorer, get the latest "security patch" for the
            latest security hole ;-) -- which won't be the last one.

            7) Do not send or open .DOC (Microsoft Word) attachments. Send text files
            in RTF format, or, better yet,

            8) Convert your files to PDF (so far PDF files don't carry viruses). Two
            freeware programs to do this are Ghostview and Ghostscript (you need both).
            The Adobe Acrobat Reader is also free.

            And

            9) Use alternative freeware or shareware, which is less subject to
            infection (as it is less common, and virus designers try to maximize their
            attacks by targeting popular platforms and software -- Windows, Explorer,
            Outlook, Word). A good alternative browser is Opera, much safer, in my
            experience. Eudora is an excellent mail program. And Abiword is a free,
            light text editor.

            10) Be a RBC (Responsible Bandwidth Consumer) ;-) .


            Good Luck and Patience,

            -celso

            Celso Alvarez Cáccamo
            lxalvarz@...
            http://www.udc.es/dep/lx/cac/
            Assembleia da Língua:
            http://br.groups.yahoo.com/group/assembleia-da-lingua
          • Jan Blommaert
            Hi Celso, Thanks for this info. I was already wondering: I have a state-of-the art antivirus program (McAfee, some kind of Rolls Royce edition, quite
            Message 5 of 5 , May 31, 2002
            • 0 Attachment
              Hi Celso,

              Thanks for this info. I was already wondering: I have a state-of-the art
              antivirus program (McAfee, some kind of Rolls Royce edition, quite expensive)
              and instantly ran a complete scan yesterday, as soon as I started receiving
              notifications of a virus spread by my machine. Nothing appeared to be
              infected. Your info provides some explanation for this. Sorry to all those on
              the CS list who got alarmed by this.

              Jan Blommaert

              Citeren Celso Alvarez Cáccamo <lxalvarz@...>:

              > Jan's message was probably sent from another computer by the Klez
              > virus/worm series, which is making a mess in the world's computers.
              > Apparently one version of it is VERY lethal, Klez.I , I believe -- it
              > activates on the 6th or 13th of each month and deletes your entire hard
              > drive. The other variants of Klez are quite harmless, except for their
              > endless reproduction.
              >
              > BUT, maybe Jan's message was not sent by him or from his computer. The Klez
              >
              > worm infects A's computer, takes A's addressbook, fakes a sender (B = Jan)
              > from this addressbook and sends itself to all addresses in A's list. The
              > worm also fakes subject lines sometimes taken from real messages, so the
              > infected message looks real. I believe Klez also takes actual filenames for
              >
              > the infected attachment.
              >
              > So, the most likely scenario is that the infected person is someone on the
              > code-switching list who has both Jan's and the c-s address in his/her list.
              >
              > Since Jan is an old-time member of the list, his message was not moderated.
              >
              > It is not always wise to inform the supposed sender, as this person may NOT
              >
              > be infected.
              >
              > Maybe one planned side-effect of the virus is to cause communicative
              > confusion and noise.
              >
              > Best thing is to disallow attachments and HTML-formatted messages in the
              > list. I thought these options were activated.
              >
              > Some further pieces of advice. Sorry if they sound patronizing:
              >
              > 1) Get your institution's computer services to install a powerful antivirus
              >
              > (campus-wide, if that's the case) so that infected attachments are deleted
              > before they reach your mailbox.
              >
              > 2) Get a good antivirus and update it daily (McAfee, PC-Cilin, Panda).
              >
              > 3) Get a personal firewall (for example, Tiny Personal Firewall, freeware)
              > that detects unsolicited "calls" (requests) from and into your computer.
              > You can configure the firewall so that you get totally cut off the internet
              >
              > even if you have a permanent physical connection.
              >
              > 4) Read your mail offline (with no internet connection) once you download
              > it. Some viruses are caught by clicking on innocent looking HTML links, or
              > automatically activated with some email programs. How to do this?
              > --if by modem, just hang up
              > --if you've got a LAN or permanent internet connection, disallow all
              > connections to the internet in the firewall program, or
              > --drastically, just unplug the LAN line from the wall! (I do this often)
              >
              > 5) Deactivate all options for automatic execution and automatic connection
              > to HTML pages in your mail program.
              >
              > 6) If you use Internet Explorer, get the latest "security patch" for the
              > latest security hole ;-) -- which won't be the last one.
              >
              > 7) Do not send or open .DOC (Microsoft Word) attachments. Send text files
              > in RTF format, or, better yet,
              >
              > 8) Convert your files to PDF (so far PDF files don't carry viruses). Two
              > freeware programs to do this are Ghostview and Ghostscript (you need both).
              >
              > The Adobe Acrobat Reader is also free.
              >
              > And
              >
              > 9) Use alternative freeware or shareware, which is less subject to
              > infection (as it is less common, and virus designers try to maximize their
              > attacks by targeting popular platforms and software -- Windows, Explorer,
              > Outlook, Word). A good alternative browser is Opera, much safer, in my
              > experience. Eudora is an excellent mail program. And Abiword is a free,
              > light text editor.
              >
              > 10) Be a RBC (Responsible Bandwidth Consumer) ;-) .
              >
              >
              > Good Luck and Patience,
              >
              > -celso
              >
              > Celso Alvarez Cáccamo
              > lxalvarz@...
              > http://www.udc.es/dep/lx/cac/
              > Assembleia da Língua:
              > http://br.groups.yahoo.com/group/assembleia-da-lingua
              >
              >
              >
              > To Post a message: code-switching@yahoogroups.com
              > To Unsubscribe, send a blank message to:
              > code-switching-unsubscribe@yahoogroups.com
              > Web page: http//groups.yahoo.com/group/code-switching
              >
              > Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
              >
              >
              >


              --
            Your message has been successfully submitted and would be delivered to recipients shortly.