WARNING: possible Virus alert !!
 

Hi peoples.

I just wanted to inform you that you may be getting an e-mail w/ an
attachment: "q409490.exe" This is what I received.

And then they say,
"Please do not reply to this message. It was sent from an unmonitored
e-mail address and we are unable to respond to any replies."
Who are these jokers kidding anyway ??
And, finally, note the last line hehe..

I guess this'll be know as the "j2003 Cumulative Patch" virus.

See Below:
------------------------------------------------------------------------------------


----- Original message follows -----

Microsoft User

this is the latest version of security update, the
"June 2003, Cumulative Patch" update which eliminates all
known security vulnerabilities affecting Internet Explorer,
Outlook and Outlook Express as well as five newly discovered
vulnerabilities. Install now to protect your computer from these
vulnerabilities, the most serious of which could allow an attacker to
run executable on your system. This update includes the functionality
of all previously released patches.

System requirements:
Win 9x/Me/2000/NT/XP

This update applies to:
Microsoft Internet Explorer, version 4.01 and later
Microsoft Outlook, version 8.00 and later
Microsoft Outlook Express, version 4.01 and later

Recommendation:
Customers should install the patch at the earliest opportunity.

How to install:
Run attached file. Click Yes on displayed dialog box.

How to use:
You don't need to do anything after installing this item.

Microsoft Technical Support is available at
http://support.microsoft.com/

For security-related information about Microsoft products,
please visit the Microsoft Security Advisor web site at
http://www.microsoft.com/security

Contact us at
http://www.microsoft.com/isapi/goreg.../contactus.asp


Please do not reply to this message. It was sent from an unmonitored
e-mail address and we are unable to respond to any replies.

Thank you for using Microsoft products.

Hi guys.

Today, I found two new virus/worms on my pc..

* Optimize.exe
* Directx.exe

Both of these were found w/ the same Date, so it's safe to assume that I
got infected two in the same day 8O ...

Do a search on your hd for these two files w/ exact spelling. If you find
any of them, get rid of these guys. They seem to hook into your registry
for these two files.

In mine, it was under (though it may be in other keys too, but I gotta find
them all out first)

I do have a question for anyone in the "virus stamping" areana..

* Does anyone know of an easy software app that can be run from a dos
...command-line and that's it ??
...I'm really looking for something really small and tiny and does not
...have to be installed w/ a huge baggage like MC Affee (which I do have)
* Also, same goes for a firewall. I have but, but I disabled it because it just
...slows down my internet surfing too much.
...Does anybody know of a tiny firewall app that I use turn on/off at will and
...is not a huge installation w/ baggage ??


Realy appreciated, thanks guys.
-vhelp

.
.
I also found something else out that was interesting..

* msblast.exe

This file was not on my hd, but there was a reference to it. And, it should
not be there.

It was found under key:

* ../Microsoft/Windows/Explorer/Doc Find Spec MRU
- - - * ab-C ... "directx.exe"
- - - * ab-E ... "optimize.exe"
- - - * ab-I ... "msblast.exe"
other keys of interest 8O
- - - * ab-F ... "Lru*.txt"
- - - * ab-H ... "au*.txt"
- - - * ab-j ... "dur*.txt"
- - - * ab-MRUList ... "cajdbhfieg"

EDIT: - - just found another items of interest below.

* ../Microsoft/Windows/CurrentVersion/Run
- - - * RUN -- UserSystem: "C:\PROGRAM FILES\DIRECTX\DIRECTX.EXE"
Note, this file had the same date as above. Def.'ly a virus/worm file. It's
also transparent looking :?


These were just as interesting too.

Well, that's it for now..
-vhelp

Hi vhelp,

We can never be too careful these days... :( Anyway, I would like to recommend the firewall I used before I moved to a hardware one (that is built-in in my ADSL router): Atguard. Atguard is an old firewall no longer produced, but does the job quite well, and also blocks ads and cookies if you want. It's a bit annoying in the beggining because it starts with almost no rules, but I actually think it's better this way. Because it's an old program, it use very little memory despite having lots of capabilities. And works with Windows XP.
I think Norton Internet Ssecurity is based in Atguard, but it's much more heavy and full of unnecessary stuff.

hi vmesquita,

Sorry, I didn't get an e-mail notification. Anyways..

Yes, get rid of the "unnecesary" stuff. I don't like bloating :(
All I really want is an on/off switch, if you know what I mean. You see, a
lot of times, I like to take a long break away from my pc, sometimes I will
nap (and fall asleep) all the while, my pc is connected. Granted, I'm only
on 56k, and you may feel that nobody would want to bother me, but there
are some missfits that will try anything (or any connection speed) anyways..
So, what i've ben doing was shutting down my connection and logging off.
But, this is a pain. Gemme an on/off switch and I'll be happy :P

Note, I'm looking for D/L's for OS under Windows 98 Gold !!

Thanks again,
-vhelp

Hi vhelp,

Have you considered using something like this: www.smoothwall.org and setting it up an old PC :?:
It runs like a charm, even on an old and slow Pentium computer.
Plus it will give you all kinds of statistics and protection that only high end hardware firewalls can provide.
And the best, it's free ;)

-kwag

Hi guys,

I've ben using the freeware version of Sygate's firewall protection. It seems
to be ok and I can't really complain - or can I ??

Below is a pic of a recent request I made when I called up the app to show
it's stats (just after I clicked on my "e-mail retreave" button to see my new
incomming mail.

Notice the thick white box I have, and the blocked stats
showing that something seems to be leaving my pc w/out my ok. It's in red.

Is this normal, or what ??

FWIW, a few weeks ago, I got a hit by a huge dump of e-mails on my pc.
About 2,000 emails !! I had to wait till all of them D/L'ed to my pc
before I could delete them. When I looked at some of them, most of them
were email I either sent out, or received as SPAM. It was like all m emails
that I deleted, went to another place, and then came back to me like a
dump.
.
.
Right now, my email is not acting the same. For the last 2 months I think,
it's be acting very sloowly. Getting my e-mail. And closing down the email
pop-up window, after my email has ben retreaved, and the pop-up window
stays up for about 30 seconds (like maybe it's sending some things from my
pc to a place on the net or even to my hd, and later, when I'm not expecting
it, it piggybacks on something I'm surfing or emailing. I don't know. All I
do know, is that my email is NOT fast anymores. It's very slow.
.
.
One more thing.. when ever I get an email alert of new messages, and I
go to click on my email button, it does nothing. I can click it several times
and it still does nothing. If I wait a moment and then click it, sometimes,
my email nofity will sound it's chimes (you've got mail) and when I click it,
it still does nothing, or will finally activate the retreave email, but will still
take a while to retreave the email, and close the email box. it's all very
strange, and has me worried. I've run virus checks and things, even adware
and things, but nothing is turning up as a "negative", rather all is green.
.
.
However, there was a time when my browser was constantly pointing to
this Optimizer webpage. Somehow, certain website that I go to, will some
how change my preference (which normally point to my hd .HTML home
page) and point to this Optimizer webpage. So far, I think its stopped now.
But, I still have this strangeness w/ my email.

So, if anyone has ever experience this, pleas let me know. Oh, yes.. here's
the pic (below) :roll:

Thanks,
-vhelp

http://www.digitalfaq.com/archives/error.gif

Here is something else that I find often, though I just say no to when asked by
this dialog box pop-up:

------------------------------------------------------
Win32 Kernal core component (kernel32.dll) is being contacted from remote machine
xxx.nnn.xxx [xxx.xx.xxx.xx] using local port 2007 (DECTALK). Do you want to allow
this program to access the network ?

(YES) .. (NO) .. (DETAIL >>)
------------------------------------------------------

I still have to laugh when people say, "who want's to waist their time buggin a
56k dialup connection ?" and then I see things like this. My answer for now on
should be, "who doesn't ?" What's the difference between a DSL/Cable speed vs.
a slow crowling 56k dial-up when wanting to snoop or snif out things ?? Nothing!!

-vhelp