Topic: Possible virus/worm

Hey guys, I wanted to alert you that there may be a possible worm/trojan circulating in email. I received a call from a dear friend a couple of weeks ago. She told me not to open any emails from her. Sure enough, I received two emails from her..both of them using the word "surprise", i.e. "I have a surprise for you". Both mails contained a link..and both mails were obviously not from her. She is very plain spoken..these emails were not her words. Do not open any mail...even from your friends, that contains the word "surprise". I am fairly certain this is not Conficker, but a resurfacing or perhaps revamped worm introduced in or around 2001..I was researching this last night and lost my word pad due to computer updates. I have mail in to McAfee and Snopes. I will update when I get confirmation.

Most of you are computer savvy..and I know that. For those who aren't, never open attachments from unknown senders. This is an important note. If you receive mail from a friend, and it contains an attachment, ask yourself a question..."does this sound like my friend?" Tip off here..Friends are usually very personal..if it sounds like a form letter, it probably is. Confirm with your friend first.

Let me explain here how these worms work. When you open an infected mail (this can also happen from clicking on bogus websites), then the virus attacks your dll registry, usually in the form of file extensions. What happens next is that "bug" resends the virus to everyone on your contact list, either sent or received mail. That is a short version, but I've already talked your ears off...

People, do be sure your virus protection is adequate. This is not meant to alarm anyone..just to make you aware. I will let you guys know what I find out.

Mark

thanks for the heads up Mark

thank you

I should know something by Monday, I would rather rely on McAfee, but I'll accept Snopes. I do want to reiterate though, that I have not confirmed this. I will though...and I never miss by much.

Thanks for the warning! I hate viruses like that, they are insanely easy to get even if your computer is up to date and you have a firewall 10 miles long.

thanks for letting us know

Thanks for the love Mark.

Thanks for the heads up bro. Good looking out for the herd.

Thank you for the information.

> Hey guys, I wanted to alert you that there may be a possible worm/trojan circulating in email. I received a call from a dear friend a couple of weeks ago. She told me not to open any emails from her. Sure enough, I received two emails from her..both of them using the word "surprise", i.e. "I have a surprise for you". Both mails contained a link..and both mails were obviously not from her. She is very plain spoken..these emails were not her words. Do not open any mail...even from your friends, that contains the word "surprise". I am fairly certain this is not Conficker, but a resurfacing or perhaps revamped worm introduced in or around 2001..I was researching this last night and lost my word pad due to computer updates. I have mail in to McAfee and Snopes. I will update when I get confirmation.
>
> Most of you are computer savvy..and I know that. For those who aren't, never open attachments from unknown senders. This is an important note. If you receive mail from a friend, and it contains an attachment, ask yourself a question..."does this sound like my friend?" Tip off here..Friends are usually very personal..if it sounds like a form letter, it probably is. Confirm with your friend first.
>
> Let me explain here how these worms work. When you open an infected mail (this can also happen from clicking on bogus websites), then the virus attacks your dll registry, usually in the form of file extensions. What happens next is that "bug" resends the virus to everyone on your contact list, either sent or received mail. That is a short version, but I've already talked your ears off...
>
> People, do be sure your virus protection is adequate. This is not meant to alarm anyone..just to make you aware. I will let you guys know what I find out.
>
> Mark

Is it dll.vbs?! The 'Surprise' e-mail bug? Haven't seen that one in years! Suppose it is probably a variant.

> Let me explain here how these worms work. When you open an infected mail (this can also happen from clicking on bogus websites), then the virus attacks your dll registry, usually in the form of file extensions. What happens next is that "bug" resends the virus to everyone on your contact list, either sent or received mail. That is a short version, but I've already talked your ears off...
>
> Mark

Hey Mark, Thanx for the heads~up, babe! .... Ok, cottage industry lass here ... very bright, yet, alas and alack, a bona fide tech~tard ... Talk my ears off some more, please ... What does the bug that remains in my pc continue to do, in this and various other instances ... I lost a pc once to a BAD guy ...

> Thanks for the warning! I hate viruses like that, they are insanely easy to get even if your computer is up to date and you have a firewall 10 miles long.

Shouldn't a firewall theoretically/figuratively run in a circle around your computer? I mean being ten miles long and electrical signal running the speed of light, ten miles ain't sh!t. So maybe a firewall should be ten miles in diameter, or tall, or thick.

Anyhoo, thanx for the warning. Even though people don't even care enough about me to send me a virus, but thanx anyway.

Edited by FreeToB on Sat 04/18/09 09:37 AM

I've not seen one with Surprise in it since about 1990. The easiest way to prevent viruses/worms from getting into your system is to stay logged in under restricted user rights. NOT Administrator.

Virii and worms always operate under the context of the logged in user. If you surf with an account that does not have rights to change system/startup files, and you don't open infected files under an account that has system rights, then you will never get infected. Of course a good antivirus/antimalware program and regularly checking what is loaded at startup, and disallowing BHOs in your browser is always good in addition to the then good sense recommendation of never opening attachments and never clicking OK on a modal dialog box that pops up while surfing. ALT-F4 it, don't even press close because the buttons are defined by the programmer and there can be code attached to the OnClose and BeforeClose events for that dialog that fire when the X is pressed.

good lookin out.

> I've not seen one with Surprise in it since about 1990. The easiest way to prevent viruses/worms from getting into your system is to stay logged in under restricted user rights. NOT Administrator.
>
> Virii and worms always operate under the context of the logged in user. If you surf with an account that does not have rights to change system/startup files, and you don't open infected files under an account that has system rights, then you will never get infected. Of course a good antivirus/antimalware program and regularly checking what is loaded at startup, and disallowing BHOs in your browser is always good in addition to the then good sense recommendation of never opening attachments and never clicking OK on a modal dialog box that pops up while surfing. ALT-F4 it, don't even press close because the buttons are defined by the programmer and there can be code attached to the OnClose and BeforeClose events for that dialog that fire when the X is pressed.

Very informative ... Uh~oh ... bet I'm in admin, dumbarse ... Will have to go look up BHO ...networking code? Not clicking X on pop~ups, BIG TIP, who knew!!??? More, more ... info appetite whetted!

> > Thanks for the warning! I hate viruses like that, they are insanely easy to get even if your computer is up to date and you have a firewall 10 miles long.
>
> Shouldn't a firewall theoretically/figuratively run in a circle around your computer? I mean being ten miles long and electrical signal running the speed of light, ten miles ain't sh!t. So maybe a firewall should be ten miles in diameter, or tall, or thick.
>
> Anyhoo, thanx for the warning. Even though people don't even care enough about me to send me a virus, but thanx anyway.

A firewall does nothing to prevent infection from virii/worms. And most firewalls can be defeated by an experienced hacker. ALL a firewall does is watch specific ports (there are 65535 for each interface) and allow/block applications from communicating on them or hackers scanning them from opening them for R/W. Lots of worms and virii manipulate firewalls to allow an app to "talk" on a specific port. Most do this above the physical network layer, routers being the exception, so are easy to defeat by...someone like me. lol

Edited by FreeToB on Sat 04/18/09 09:53 AM

> > I've not seen one with Surprise in it since about 1990. The easiest way to prevent viruses/worms from getting into your system is to stay logged in under restricted user rights. NOT Administrator.
> >
> > Virii and worms always operate under the context of the logged in user. If you surf with an account that does not have rights to change system/startup files, and you don't open infected files under an account that has system rights, then you will never get infected. Of course a good antivirus/antimalware program and regularly checking what is loaded at startup, and disallowing BHOs in your browser is always good in addition to the then good sense recommendation of never opening attachments and never clicking OK on a modal dialog box that pops up while surfing. ALT-F4 it, don't even press close because the buttons are defined by the programmer and there can be code attached to the OnClose and BeforeClose events for that dialog that fire when the X is pressed.
>
> Very informative ... Uh~oh ... bet I'm in admin, dumbarse ... Will have to go look up BHO ...networking code? Not clicking X on pop~ups, BIG TIP, who knew!!??? More, more ... info appetite whetted!

A BHO stands for Browser Helper Object...like a toolbar add-on or media filter for IE. Myself and most other systems programmers call them Browser Hijacker Objects. They are application code that runs through your browser..so programmers can do basically whatever they want once you allow them to run. Also, pressing ALT-F4 will still trigger the BeforeClose and OnClose events for a modal dialog box in any programming language that I know of...in Windows OS. Best to ALT-F4 the IE application that called up the dialog box. You can get a few free tools to remove unwanted BHOs. Autoruns from www.sysinternals.com. XP-AntiSpy is a great one that I use a lot.
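
An added example, not part of the thread and not written by any of the posters: a read-only PowerShell listing of the two things the posts above recommend checking, what loads at startup and which BHOs Internet Explorer has registered. The registry paths are the standard Windows locations and are not quoted in the thread; the function names are illustrative.

```powershell
# Added example (not from the thread): read-only audit of startup entries and IE BHOs.
# Registry paths are the standard Windows locations; function names are illustrative.
# On 64-bit Windows, 32-bit entries live under the WOW6432Node mirror and are not covered.
$RunKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
)
$BhoKey    = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
$ClsidRoot = 'Registry::HKEY_CLASSES_ROOT\CLSID'

function Get-StartupEntry {
    # Each value under a Run key is a command started at logon.
    foreach ($key in $RunKeys) {
        if (-not (Test-Path -LiteralPath $key)) { continue }
        $item = Get-Item -LiteralPath $key
        foreach ($name in $item.GetValueNames()) {
            [pscustomobject]@{
                Kind   = 'Run'
                Source = $key
                Name   = $name
                Target = $item.GetValue($name)
            }
        }
    }
}

function Get-BrowserHelperObject {
    # Each subkey is a CLSID; resolve it to the DLL that IE loads for it.
    if (-not (Test-Path -LiteralPath $BhoKey)) { return }
    foreach ($sub in Get-ChildItem -LiteralPath $BhoKey) {
        $clsid  = $sub.PSChildName
        $inproc = "$ClsidRoot\$clsid\InprocServer32"
        $dll    = '<no InprocServer32 entry>'
        if (Test-Path -LiteralPath $inproc) {
            $dll = (Get-Item -LiteralPath $inproc).GetValue('')   # default value = DLL path
        }
        [pscustomobject]@{
            Kind   = 'BHO'
            Source = $BhoKey
            Name   = $clsid
            Target = $dll
        }
    }
}

# Review the combined list; anything unrecognised is worth checking before removal.
@(Get-StartupEntry) + @(Get-BrowserHelperObject) | Format-List Kind, Name, Target, Source
```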