|
Author
|
Topic: Virus Warning for SDOEers, SirCam/Somme Trojan - READ!
|
Werner Molders JAG
|
posted 08-02- 10:33 PM
I think it's the SirCam virus that infects your computer and then sends random files out to people in your mailing list... well tonight in the mail I got "somme3of5.zip.pif" sent to me, a whopping 8.5 megs. It's a dead giveaway if you've been sent the virus earlier in the week, with its "Hi! How are you? I send you this file in order to have your advice See you later. Thanks" ...however given that people frequently send files back and forth on projects asking for advice, and since it's an SDOE file, I thought it wise to mention here. Stay alert, and don't open the attachment, even if you recognize the filename! Werner ------------------ Abbeville Field: Dedicated to the SDOE Experience. IP: Logged |
Razer Pilot
|
posted 08-02- 10:37 PM
I've been getting those, but I don't have anyone in my mailing list for this type of problem. [This message has been edited by Razer (edited 08-02-2001).] IP: Logged |
Werner Molders JAG
|
posted 08-02- 11:27 PM
This guy's obviously an SDOEer if the virus has infected a somme file, which means he reads this board. Ahem. Would one P. Chamberlain PLEASE REMOVE ME FROM YOUR ADDRESS BOOK. I now have two copies of this damnable thing in my inbox, and for some reason it won't let me delete the file straight off my mailserver, which is very serious for me - my email box limit is 20 megs, this c*** is now occupying 17 of those. At work I handle email straight off the server, no Outlook. If I get many more copies of this, it is going to affect my ability to work because I'm collaborating on a project that's 9 megs and gets circulated within our project group several times in a day. You see where I'm going with this? I realize this isn't being done intentionally, but it's gone from being a garden variety pain in the butt to something that will impact my ability to work on a project where already we're seriously short on time. Thank you for your assistance and immediate cooperation in this matter. Regards, Werner Molders ------------------ Abbeville Field: Dedicated to the SDOE Experience. IP: Logged |
Barcat26AC Pilot
|
posted 08-02- 11:29 PM
I also use Eudora to minimize the risks, and Eudora is nice because you can put in lots of different e-mail accounts and get the mail with only one click. It's a little more advanced and harder to config but safer - most viruses use Outlook's config. www.eudora.com [This message has been edited by Barcat26AC (edited 08-02-2001).] IP: Logged |
Werner Molders JAG
|
posted 08-02- 11:57 PM
Thanks Barcat, but the problem isn't Outlook, it's that this *nasty -ing adjective* thing duplicates on my mailserver as I download it; cut one head off, another sprouts. I'm going to the offices of my ISP a couple blocks down from work tomorrow morning and talking to the tech guys in person. Might as well, I can't do any work like this until it's fixed anyways. Werner ------------------ Abbeville Field: Dedicated to the SDOE Experience. IP: Logged |
Gustavo Pilot
|
posted 08-03- 12:06 AM
Werner, if the file that I receive, also comes with the enclosed explanation from who sends it to me,ŋ ring the risk that it can be infected with the virus? IP: Logged |
Barcat26AC Pilot
|
posted 08-03- 12:33 AM
Rgr, and if I can be of any help, can I make a web account for you temp with mail access and possibility to send 4 mb files or maybe bigger. If xx.26ac.org (you can't change password) maybe xx@26th-aircorps.org have same capacity to send but I'm not sure... there you can make your own passwords (security better for you maybe). I give you both for a time if it can help you out in any way. If to any help send me a mail to Barcat@26th-aircorps.org and I give you one ... and my identity you find easy on net confirmed if you like to know how I am... yours Barcat IP: Logged |
Werner Molders JAG
|
posted 08-03- 12:37 AM
Gustavo - Whatever you do, just be careful. Until this virus has run its course on the internet, you would be well advised to delete any emails with attachments that you weren't expecting. The text that comes with the SirCam virus is the following - "Hi! How are you? I send you this file in order to have your advice See you later. Thanks" There is a Spanish version of the same, my father received it. I would post that text exactly but I've already purged his system. I'm sure BabelFish/Altavista will do a decent enough job translating this that you will know what to look for. As for your question specifically - My understanding is that you're safe unless and until you open the whatever.pif file. The .pif file is the virus! Don't open it!! As for my situation, I finished downloading all 17 megs of that rubbish from the server, and my fears have been allayed somewhat, they aren't duplicating on the server anymore. My ISP has an address where, when you send them the full email header of a spammer, they will block any messages from that sender to you. I know this isn't true spam, but as a measure of self-preservation I sent the header, I just hope the automatic handler program/database at the other end acts immediately, so I don't wake up to more copies of this. *grumble* Werner ------------------ Abbeville Field: Dedicated to the SDOE Experience. IP: Logged |
Werner Molders JAG
|
posted 08-03- 12:40 AM
Wow Barcat, thanks a million man, that's very generous of you. While executing plan A I set up a contingency in case I get besieged again, so I should be ok. This is an example of why this community keeps me coming back, even if I haven't played the game in a while. Werner ------------------ Abbeville Field: Dedicated to the SDOE Experience. IP: Logged |
Major Hippie Pilot
|
posted 08-03- 02:56 AM
I work phone tech support for DELL & we've been getting a lot of Sirc32 virus calls. In fact, the last two days I worked, me and a buddy fielded over 15 calls on the SirC32.exe virus. And we were just 2 guys out of about thousand techs, so if you do the math, this little bugger is running rampant... I even got it sent to me, however it was sent to my Yahoo email & they have norton on their server, so I detected it while it was still on their server & then of course deleted it... Also be on the look out for the Red Worm Virus...

People are always asking me how to keep from getting viruses...

#1. Get a good Anti-Virus program & REMEMBER TO UPDATE IT AT LEAST ONCE A WEEK!!!! If it is not updated then it won't detect new viruses....
#2. NEVER OPEN UNSOLICITED EMAIL!!! If you don't know it, KILL IT!! Especially anything with attachments!!!
#3. IF YOU RECEIVE A FRIENDLY Email with an attachment that you were not expecting, email the sender BEFORE you open it & ask them if they sent it. If it can't be confirmed, THEN DELETE IT ASAP!!! If you were expecting it, you still scan it (a habit I still need work on myself)
#4. Do like me & get something like a yahoo email account like mine & give that address to any websites that request them. (this will help you deal with spam as well)

The weird thing about the SirC that was sent to me was that it had NO SENDER & NO MESSAGE, basically just an attachment with my geocities.com email addy on it (yahoo owns geocities so that email is checked through my yahoo mail as well)...

One last note about the Sirc virus, it CAN be removed from the system, you can find the info at www.VirusInfo.com & do a search on SirC32. HOWEVER, at work I found that even after the virus is removed, some will still have to reload windows as this virus corrupts the registry. Sometimes you can restore a previous registry & correct it, but many times not... For those who don't know how to do this, here it is:

Step One. BOOT TO DOS...not a DOS prompt window either, I mean boot into PURE DOS
Step Two. Go to the C:\WINDOWS\COMMAND Directory ("CD" with the quotation marks is the DOS command for Change Directory) & type in this: SCANREG /RESTORE and then press ENTER.
Step Three. In a moment, you'll see a list of CAB files that read like dates. Highlight one (one dated BEFORE you got the virus) & press enter. Windows will do a backup of the existing (damaged) registry & restore the one you selected & will then ask for a reboot...so you press ENTER to reboot...

Hope this helps someone... If this info saves one computer from virus damage, I'll be happy hip63 ------------------ ...remember always fly HIGH!!! http://groovygalaxy.50megs.com/psychedelicsquadron.html IP: Logged |
Snickers Pilot
|
posted 08-03- 09:39 AM
One thing I'll add to Hippie's comments.. If you are expecting an email with an attachment, and you get it, >>> Look at the name of the attachment before you open it <<< That's the way I got hit recently (with a different virus). Now all incoming mails, attachments are scanned as well as "hostile web sites". That's right, things can happen just from surfing.... ------------------ Snickers =FC= Thou shalt maintaineth altitude, lest the earth rise up and smite thee. IP: Logged |
Barcat26AC Pilot
|
posted 08-03- 10:32 AM
I think a good choice is also to not have any files in the map "My doc". No addresses, and no Outlook and get all mail from a web-mail with a good virus protection. I'm right now redirecting all my mails to an account on a server with a good e-mail protection on Barcat@26ac.org Smash the bugs ! also in 1 5 2 9 patch...
IP: Logged |
ArgonV JAG
|
posted 08-03- 12:42 PM
This is very upsetting... I think I got one of these a LONG while back but my e-mail can't handle anything anywhere close to 8 megs so I believe it was empty. What exactly will this virus do to your computer?? IP: Logged |
Snickers Pilot
|
posted 08-03- 01:55 PM
From McAfee: This mass-mailing virus attempts to send itself and local documents to all users found in the Windows Address Book and email addresses found in temporary Internet cached files (web browser cache). It may be received in an email message containing the following information: Subject: [filename (random)] Body: Hi! How are you? I send you this file in order to have your advice or I hope you can help me with this file that I send or I hope you like the file that I sendo you or This is the file with the information that you ask for See you later. Thanks This is the part I find interesting: >>>>> email addresses found in temporary Internet cached files (web browser cache). <<<<< IP: Logged |
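The indicators in the McAfee description quoted above, together with the double-extension attachment name reported at the top of the thread, can be checked mechanically on incoming mail. The Python below is an added example, not part of any poster's message or of McAfee's text; the extension list beyond `.pif`, the function names, the reading of "Subject: [filename]" as the attachment name without its extensions, and the sample message builder are assumptions made for illustration.

```python
import re
from email.message import EmailMessage

# Final extensions that Windows will execute. ".pif" is the one seen in this
# thread; the rest are an assumed, non-exhaustive list.
EXEC_EXTS = {".pif", ".bat", ".com", ".exe", ".lnk", ".scr", ".vbs"}
# Body lines as quoted from McAfee in the post above ("sendo" is in the quote).
GREETING = "hi! how are you?"
CLOSING = "see you later. thanks"
MIDDLES = (
    "i send you this file in order to have your advice",
    "i hope you can help me with this file that i send",
    "i hope you like the file that i sendo you",
    "this is the file with the information that you ask for",
)

def double_ext(filename):
    """True for names like x.zip.pif: a decoy extension before an executable one."""
    parts = filename.lower().rsplit(".", 2)
    return len(parts) == 3 and "." + parts[2] in EXEC_EXTS and 1 <= len(parts[1]) <= 4

def body_matches(text):
    """True when the whitespace-normalised body is greeting + known line + closing."""
    flat = re.sub(r"\s+", " ", text).strip().lower()
    return (flat.startswith(GREETING) and flat.endswith(CLOSING)
            and any(m in flat for m in MIDDLES))

def score_message(msg):
    """Return the indicators a parsed message trips (empty list = none)."""
    hits = []
    names = [p.get_filename() for p in msg.walk() if p.get_filename()]
    if any(double_ext(n) for n in names):
        hits.append("double-extension-attachment")
    body = msg.get_body(preferencelist=("plain",))
    if body is not None and body_matches(body.get_content()):
        hits.append("known-body-text")
    subject = (msg["Subject"] or "").strip().lower()
    if subject and any(n.lower().startswith(subject + ".") for n in names):
        hits.append("subject-equals-attachment-name")
    return hits

def build_sample(subject, body, filename):
    """Constructed sample message; the attachment is harmless placeholder bytes."""
    msg = EmailMessage()
    msg["Subject"] = subject
    msg.set_content(body)
    msg.add_attachment(b"placeholder", maintype="application",
                       subtype="octet-stream", filename=filename)
    return msg
```

Any single indicator is only a reason to quarantine the message for review; the double-extension check in particular also matches legitimate names such as versioned installers.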
Barcat26AC Pilot
|
posted 08-03- 02:24 PM
In the browser's settings "advanced" there is a setting to empty "temp stored files" when you are closing the browser. I have got from somewhere it's making all safer if you using this possibility because it's increasing your security also if your computer get "hacked" by someone. I'm sorry I haven't an English browser so I can guide you better but I think it's - tools - advanced - security and "empty temp internetfiles when browser closes" or something like that... check that box and use it. I empty my browser's stored files because of that information I got - I think it was from a PC-magazine ... Maybe someone else knows more about this. [This message has been edited by Barcat26AC (edited 08-03-2001).] IP: Logged |
Snickers Pilot
|
posted 08-03- 03:12 PM
For IE 5.X it would be: Tools > Internet Options > Advanced. In the security section (scroll down), check "Empty Temporary Internet Files folder when browser is closed". Click Apply. [This message has been edited by Snickers (edited 08-03-2001).] IP: Logged |
Hentzau Pilot
|
posted 08-03- 09:00 PM
Ok thanks Snickers, just did that. I read a good tip in Computer Shopper to block viruses that rely on scripts. It says: "Most users rarely need to run Visual Basic, so here's an easy way to block viruses that rely on scripts. Using Notepad, create a text file called TEMP.VBS and save it to the Desktop. Hold down the Shift key, right-click on the new icon, select "Open with," and click Notepad. Finally, check "Always use this program to open this type of file." Now, if you try to open a potentially dangerous attachment, it opens in Notepad and doesn't run. If you need to run the script, save it to your computer, then drag and drop it onto Internet Explorer." I've been thinking that I would just place all my email addresses for people in a real notebook instead of in Outlook Express also, to prevent sending anything out that comes my way. I think I saw that HTML should be disabled in your mail program also. Anyone know anything about that??? ------------------ FS_WW1_ONLINE_STANDARD_-_get_the_files_here IP: Logged |
Major Hippie Pilot
|
posted 08-03- 10:07 PM
Good idea Snick, but remember windows won't always get all the files, you still sometimes have to go in to the temp internet folder & delete them manually to get them all, all the time [what can I say, it's windows & it's goofy that way] oh & the directory for that is usually: C:\WINDOWS\Temporary Internet Files\Temporary Internet Files hip63
------------------ ...remember always fly HIGH!!! http://groovygalaxy.50megs.com/psychedelicsquadron.html IP: Logged |
Psi Pilot
|
posted 08-04- 01:11 AM
Snickers, all due respect, I took your advice and when I went to some sites they would not load completely. I went back into Tools and re-enabled it and everything loaded fine. P IP: Logged |
Barcat26AC Pilot
|
posted 08-04- 01:40 AM
Hi, my friend Psi! I have been surfing with that settings a couple of years (maybe) and never had any problem with it to load any site.... maybe you have some other settings also ...? or it's depending on your connection speed ? When a virus hit all around it's also easy to overreact - the best way is to have a good antivirus protection - but I use this settings "just in case" because I'm more afraid of anyone going into my puter (some had that habit in Jane's or Hyperlobby's community) and checking up all my login files made by the browser. I hope this settings makes it little harder for them. [This message has been edited by Barcat26AC (edited 08-04-2001).] IP: Logged |
Snickers Pilot
|
posted 08-06- 10:26 AM
quote: Originally posted by Psi: Snickers, all due respect, I took your advice and when I went to some sites they would not load completely. I went back into Tools and re-enabled it and everything loaded fine. P
I was just giving the steps to set it up, it was someone else's idea (post just above mine). There is a trade off between security and convenience and that is up to the individual... I personally do the same thing Hippie does. I will let the browser go in and delete the temp files. In addition, I will go in by hand and delete files, including every cookie I can find. (this just means I need to remember some passwords as deleting the cookie may mean that I get prompted for it again... It depends on the site....)
------------------ Snickers =FC= Thou shalt maintaineth altitude, lest the earth rise up and smite thee. IP: Logged |
Psi Pilot
|
posted 08-06- 11:41 AM
Well that's got to show how much respect I have for you Snickers and what you say. I really don't spend all that much time surfing anymore and I'm not really concerned (till it happens I suppose) with a hack. I try to use caution and am careful about where I go on the net, I think this has a lot to do with it. But thanks guys for getting the word out... P IP: Logged |