Fun for your Brain/viruses


Posted by Pippa ® , Apr 29,2002,09:55   Archive
Lots of nice experiments and activities on
Neuroscience for Kids site:
http://faculty.washington.edu/chudler/experi.html -
....go to Brain Games, and Reflexes (the bottom of page).

I have just spent an enjoyable 20 minutes on this site and thought it might entertain and educate some of us (or our children/grandchildren) about the brain. I tried
"Who wants to be a Mill-neuron-aire? "
I got to 32,000 first time round, so I wish it had been for real!


Pippa...who got 3 viruses picked up by her anti virus checker (who quarantined them) and knows of someone who got 60 of them this morning. It is called w32.klez.gen@mm virus. Has anyone else had it? is this a new one?




Recommend Current pageAuthor Profile
Replies to this message


Re: Fun for your Brain/viruses

Re : Fun for your Brain/viruses --- Pippa
Posted by Sally - in - Idaho ® , Apr 30,2002,19:14 Top of Thread Archive
Pippa, how do you know you had the viruses? Does you anti virus checker tell you?

I will have to ask Shirley's husband (my personal computer guy!) about this and what I shuld have.

Sally in North Idaho where there are lots of beautiful daffodils in bloom now. Guess spring is here.




Recommend Original Message Top of Thread Where am I? Current pageAuthor Profile
Re: Fun for your Brain/viruses

Re : Re: Fun for your Brain/viruses --- Sally - in - Idaho
Posted by Pippa ® , Apr 30,2002,19:51 Top of Thread Archive
Yes, my anti virus checker told me I had a virus, that it cannot repair it, and asks me what i want to do about it..it recommends something then, usually to quarantine the virus.
But here is some information that I got about this virus..

Yes my virus checker tells me I have got one and repairs or quarantines it.
This is info about the virus I got from Cloudeight which is a stationery
thingy I get
regularly. You will need to perservere with reading it to the end
though...!

----W32.Klez.E@mm
Discovered on: January 17, 2002
New variants in March and April 2002
Because this virus can come in so many forms, it is important that you do
not open any attachments that are sent to you unless you know for sure the
person it is from meant to send to you. Ask before opening! Also, if you
have an outdated, unpatched version of Outlook Express, you can get forms of
this virus without opening any attachment. Be sure you have the lastest 6.x
version of Internet Explorer/Outlook Express as you are protected from this
virus executing itself from a preview pane or opened mail; if you are using
5.x versions, you need to update or obtain the patch from Microsoft.
Information and a patch for the vulnerability are available at
http://www.microsoft.com/technet/security/bulletin/MS01-020.asp

IMPORTANT! This W32/Klez variant has the ability to spoof the email FROM:
field. The senders address used by the virus, may be one that was found on
the infected user's system. Thus, it may appear that you have received this
virus from one person, when it was actually sent from a different user's
system. Viewing the entire email header will display the actual senders
address. (Information from McAfee website)

Remember, Cloudeight does not send any kind of attachments to any email. As
you can imagine we have been added to hundreds of thousands of personal
address books, and since this virus will take a name at random and put it in
the "from" field of an infected mail, do not trust any attachments even if
you think it is from a reliable source!

Never open an attachment even if the sender is your best friend unless you
were expecting it and you know what it is. Even then you should save it to
your desktop and scan it with an updated anti-virus program before opening
it.

. Do not use email or the Web
without anti-virus software and the latest patches from
http://windowsupdate.microsoft.com/ . If you do you will help spread virus,
Trojans, and worms, and you will stand a good chance of losing all your
files and other data. Please don't take chances. Let's all join together to
be part of the solution and not part of the problem.If you want to check
your system right now, online, free, visit http://housecall.antivirus.com/ .

Information below obtained from Symantec

W32.Klez.E@mm is similar to W32.Klez.A@mm. It is a mass-mailing email worm
that also attempts to copy itself to network shares. The worm uses random
subject lines, message bodies, and attachment file names.

The worm exploits a vulnerability in Microsoft Outlook and Outlook Express
in an attempt to execute itself when you open or even preview the message in
which it is contained. Information and a patch for the vulnerability are
available at
http://www.microsoft.com/technet/security/bulletin/MS01-020.asp.

The worm overwrites files and creates hidden copies of the originals. In
addition, the worm drops the virus W32.Elkern.3587, which is similar to
W32.ElKern.3326.

The worm attempts to disable some common antivirus products and has a
payload which fills files with all zeroes.

****************

Characteristics. Information obtained from Sophos

This worm searches for email address entries in the Windows address book but
uses its own mailing routine.

The email will have the following characteristics:

Subject line: either random or chosen from the list

How are you
Let's be friends
Darling
Don't drink too much
Your password
Honey
Some questions
Please try again
Welcome to my hometown
the Garden of Eden
introduction on ADSL
Meeting notice
Questionnaire
Congratulations
Sos!
japanese girl VS playboy
Look,my beautiful girl friend
Eager to see you
Spice girls' vocal concert
Japanese lass' sexy pictures

Message text: Message text is randomly composed by the worm but the message
can also be without a text.

Attached file: Randomly named with extension .PIF, .SCR, .EXE or .BAT.

The sender address which appears in a message is chosen from a list inside
the worm.

W32/Klez-E attempts to disable several anti-virus products and delete some
anti-virus related files.





Recommend Original Message Top of Thread Where am I? Current pageAuthor Profile