BULLAMANKA-PINHEADS Archives

The listserv where the buildings do the talking

BULLAMANKA-PINHEADS@LISTSERV.ICORS.ORG

Options: Use Forum View

Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
From:
Dan Becker <[log in to unmask]>
Reply To:
BP - "It's a bit disgusting, but a great experience...." -- Squirrel" <[log in to unmask]>
Date:
Tue, 12 Sep 2000 14:11:12 -0400
Content-Type:
text/plain
Parts/Attachments:
text/plain (59 lines)
> -----Original Message-----
> From: BP - "It's a bit disgusting, but a great experience...." --
> Squirrel [mailto:[log in to unmask]]On Behalf Of
> Lawrence Kestenbaum
> Sent: Tuesday, September 12, 2000 1:49 PM
> To: [log in to unmask]
> Subject: Re: BIG ASS ALERT: DON'T OPEN Sig Tag EMAIL
>
>
> Is this a joke?  The file seemed to be just a plain vanilla JPEG of two
> cherubs.
>
> Of course, even if it were a bug, it couldn't infect my UNIX mail.
> However, I forwarded it to my office account to see what the image was.
> We have all kinds of heavy duty virus protection here at U-M, and opening
> the image didn't set off the scan, or indeed do anything at all, as far as
> I can tell, other than show a pseudo 19th century picture of two cherubs.
>
> Hours have passed since then, and none of my correspondents (including
> many computer geeks) have complained of receiving "I love you" mail from
> me.

I wish it were a hoax.  I confess.  I clicked on it.  (Remember, I'm a Mac
user, and these things don't work on Macs, few do; I'm still adapting to the
Windows environment, and clicked before thinking).

All of the .jpg files on my hard drive are now trashed, having been
converted to .vbs files.  The worm exploits security holes in Microsoft
Outlook.  The thing grabbed my Outlook Address book and began trying to send
everyone an "I Love You" email (I think this happened about an hour after I
clicked it).  Fortunately, I was able to open the outbox (the software is
set up to make server calls periodically, rather than send everything
immediately) and delete all the emails before they were sent.  It also
somehow managed to change my default Internet Exploder start page from
"blank" to substitute a URL (I'll send it to you back channel if you like if
you want to do an IP address analysis on it) that immediately tried to load
itself the next time I opened IE.  Information services has since scrubbed
my machine.  They had not seen this particular permutation of methods to
transmit the worm; apparently there are folks out there constantly fiddling
with it coming up with creative ways to transmit it.  But I was still stupid
to open the attachment.

My VirusScan DAT files were within 5 days of being up to date; however, it
was version 4.03, and I think they are now up to 4.5x.  This may have been
my downfall, I don't know...information services folks didn't tell me.  But
now I'm all way up to date on everything.  When the IS person was working on
trying to clean up my computer, the virus protection software said it was
infected, but that it couldn't clean it, and all the files had to be
deleted.

That's my story today...I've not gotten a lot of productive work done, so
I'll be at the office late tonight if anyone wants to talk more about
this...    :-(
___________________________________________________
Dan Becker,  Executive Director          "What's this? Fan mail
Raleigh Historic                                   from some flounder?"
Districts Commission                           - Bullwinkle J. Moose
[log in to unmask]

ATOM RSS1 RSS2