| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 25665 | 2002-10-09 04:55:00 | Bugbear Worm | eef2 (1904) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 87437 | 2002-10-09 04:55:00 | On reading up on the above, I understand that one characteristic of this infection is that it installs an .exe file in the windows/system directory and one in the startup directory. In windows, is there any way to set a pre-filter not to accept any .exe files therein? If so, then wouldn't this be a good protection from this virus now rated 4 out of 5 on the dangerous scale? |
eef2 (1904) | ||
| 87438 | 2002-10-09 05:05:00 | Apart from AntiVirus software activity, not aware of any . It would prevent any software ever being installed as well, not ideal . As always, diligent updating of AV definitions prevails . |
godfather (25) | ||
| 87439 | 2002-10-09 05:35:00 | Download Mailwasher (www.mailwasher.net) and you will be able to read all your emails off the server (before you download to OE) then you will be able to bounce any that might look a bit on the weird side. Usually the Bugbear emails contain a rather nonsensicle message with info that will be completely meaningless. I got one the other day with a rather silly "review" of some poor sods funeral. BALDY:-) |
Baldy (26) | ||
| 87440 | 2002-10-09 06:32:00 | Thanks, guys. I do these things: 1. Continually update my AV software 2. Never use OE - only Netscape's mail client. 3. Have downloaded and use mailwasher - (do I ever need it with Netscape?) 4. Have searched Windows directory and all subfolders and found no .exe files 5. Am aware that Windows/temp will, now and then, contain .exe files when downloading new installed programmes. 6.Left wondering why windows/temp couln't be excluded from a batch or script file that would ban .exe files from windows. |
eef2 (1904) | ||
| 87441 | 2002-10-09 07:59:00 | I use Outpost for my firewall and there is an option in it to filter email attachments. This means that if certain specified attachments come in you can set Outpost to warn you. It is customisable as to what the attachments are. It is only for emails though. So far I haven't been warned and I'm not sure if that's a good thing or a bad thing! :O |
Susan B (19) | ||
| 87442 | 2002-10-09 08:24:00 | Sorry, guys. Ignore 4,5,,& 6 from my last post - I found 117 *.exe files in windows/system directory alone :8} Hmmm - interesting re outpost - could filter *.exe attachments, huh? |
eef2 (1904) | ||
| 87443 | 2002-10-09 08:32:00 | 2 of them only were 4 letter ones (typical of Bugbear) - both eliminated as suspect by selected virus scan updated 4th October via Ontrack. | eef2 (1904) | ||
| 87444 | 2002-10-09 08:56:00 | Extensions with .exe are not the only ones associated with this virus it also uses .scr and .pif It is easy to see the file extension without opening the attachment, just delete it. If you want to send .exe attachments straight to Trash just set up a Message Filter (Edit Message Filters) and set it to trash any mail with .exe in the body of the mail and you will never see it in your inbox. Bear in mind though that if anyone sends you a genuine .exe attachment you will not see it. |
Jim B (153) | ||
| 87445 | 2002-10-09 09:12:00 | *Done* - Thanks, Jim B :) | eef2 (1904) | ||
| 87446 | 2002-10-09 10:48:00 | I have been sent two copies of bugbear so far and they went straight through Outpost even though it was set to catch .scr extensions. It did successfully catch all the test files I tried that used .vbs extensions so it may have been the way the message was encoded (running Eudora Lite 3.0 with the AVG plug-in). What would be great is if there was an e-mail programme that supported filters based on file extenstions, but unfortunatly there weren't last time I looked. |
bmason (508) | ||
| 1 2 | |||||