View Full Version : Virus Alert: what to do

30-11-2004, 08:46
This day, I recieved two emails, one claiming to be from 'Hotmail', and from another company. They both claimed to be returned emails. I assumed that they were part of this of false address scam, however, something about them made me uneasy. The attachments were supposed to be the email I had 'sent' earlier. There was even a 'footer' saying that they were scanned for viruses. Actually they were viruses. This is a new trick, one that pretends to be a warning about a virus.

To make sure you are safe:

1. Update your Anti-Virus (AV) software reguarly (daily is good, weekly is fine)
2. If an attachment comes from some unknown source, do the following:
i. right click on the attachment and save it on your harddrive. DO NOT OPEN IT.
ii. Goto where you saved it, right click on it. Most AV software will be integrated. You should see an option to scan the item
iii. Scan the item. You will know in seconds if it is safe or not.
iv. If it is not safe, DELETE IT! Do not open it, do not ponder, do not delay!
v. Goto the 'Recycle Bin', and delete it from there too
vi. Goto your email client, e.g. Outlook Express, and delete the email from there as well
vii. Smile that you know your AV is upto date, and you are safe!

Just to add, just had a 3rd one, this time from 'Yahoo', here is the title:
Re: illegal signs in your mail <SMTP:2963>
Forgot to add, this new virus is called Sober I

30-11-2004, 10:03
Just one more thing...
Just because you scan an item, and your AV says it's OK, if it looks the way Osher described it, and it's not something you know you sent, delete it anyway!

If mail comes from someone you know, does it look like mail they usually send? Would they send you an attachment with a name like that?
If it's not quite normal, and you're unsure, ask them!

I've spoken to too many people who's computers have been trashed by viruses to take the risk. My data is worth more to me than curiosity.

And while you do have to have faith in your AV software, none of them are 100% foolproof. They all have fine print. In the end, it basically comes down to common sense. Yes, rely on your AV to protect you, but don't go doing anything silly just because you can.

30-11-2004, 10:47
If I were you, I would not waste my time checking the letter, saving the file on my hard disk and scan it. Just delete the suspect email and empty your recyble bin. When an anti-virus detects a virus, it freaks out the computer and makes the deletion of a virus nearly impossible. It does that with mine, puts alerts at each single thing I try to do, which messes my computer, and refuses to delete the file and locks it there. I have to use my brain each time to find a way to toss the file in the recycle bin. Thankfully, this didn't happen to me very often.

Another tip about virus, if you got a virus through a webpage, empty your Temporary Internet Files for Internet Explorer. IE, being a crappy browser, and having an incestuous relationship with Windows, this tip might not work. For Opera, it's the cache that has to be emptied. And empty the recycle bin, to ensure the virus won't resurrect from the dead.

30-11-2004, 10:51
...yet another reason to switch to anything not made by MicroSquash. Sigh...someday...

Thanks for the heads up Osher!

30-11-2004, 12:38
Good ideas all, but the best (outside of getting a Mac) is to update your AV protection AT LEAST once a day (I update everytime I go on line-and sometimes Norton has an update twice in one day!) also: do three things to keep your data safe: 1)back it up 2) back it up 3) back it up! Do you detect a pattern here? :D

30-11-2004, 15:03
I get them all the time, if the address isn't someone in my address book (which automatically updates whoever I send to) it's a scam, virus or some other problem & only deserves to go into the delete file.

Dump them. If you didn't send them, they're not yours & are highly suspect.

And a resounding 'yes' to keep your virus protector updated!

06-12-2004, 22:08
I've been getting a few emails of this virus, but the one today was interesting. It claimed to be from AOL, and was called 'Password Confirmation'. These virus writers are clever!

06-12-2004, 22:18
one time i had a bunch of the returned mail notices, turns out the virus was using my pc, to send spam. it was the "trojan horse worm", very very difficult to kill. after taking it to a repair shop, and not killing it, another shop told me to go to a website, and download a free a-v software; killed it instanly, not sure if it would be proper to post their address, so if you want it just send me a pm or e-mail.

07-12-2004, 01:52
That sounds like the Klez virus Contradiction. This is the Sophos virus, however, they both use a similar email. The difference is that the Klez uses your address book and would appear to be from an individual, whilst the Sophos would appear to be from a company. The Sophos also claims to be virus checked.