UK diy (uk.d-i-y) For the discussion of all topics related to diy (do-it-yourself) in the UK. All levels of experience and proficiency are welcome to join in to ask questions or offer solutions.

  #1   Report Post  
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
external usenet poster
 
Posts: 9,045
Default Virus check...

I received a suspect mail and sent it off to the virus scan site.
: Subject SCAN. This is what they sent back)

The interesting thing is not that there was a virus, that I was almost
sure there was.. but how many sites *didn't* find it..

Complete scanning result of "WW_671282.zip", processed in VirusTotal
at 08/12/2008 14:39:39 (CET).

[ file data ]
* name..: WW_671282.zip
* size..: 49434
* md5...: aefa2457dce9214b1349403bba664d12
* sha1..: c4aa3c90299e783113bb5c97d830f15a618bb226
* peid..: -

[ scan result ]
AhnLab-V3 2008.8.12.0/20080812 found nothing
AntiVir 7.8.1.19/20080812 found [TR/Spy.ZBot.DPI]
Authentium 5.1.0.4/20080812 found [W32/Downldr2.DIFW]
Avast 4.8.1195.0/20080811 found nothing
AVG 8.0.0.156/20080812 found [Pakes_c.SH]
BitDefender 7.2/20080812 found [Trojan.Spy.Wsnpoem.GH]
CAT-QuickHeal 9.50/20080811 found nothing
ClamAV 0.93.1/20080812 found [Trojan.Zbot-1936]
DrWeb 4.44.0.09170/20080812 found nothing
eSafe 7.0.17.0/20080811 found nothing
eTrust-Vet 31.6.6027/20080812 found [Win32/Kollah.NG]
Ewido 4.0/20080812 found nothing
F-Prot 4.4.4.56/20080812 found [W32/Downldr2.DIFW]
F-Secure 7.60.13501.0/20080812 found [Trojan-Spy.Win32.Zbot.dvy]
Fortinet 3.14.0.0/20080812 found nothing
GData 2.0.7306.1023/20080812 found [Trojan-Spy.Win32.Zbot.dvy]
Ikarus T3.1.1.34.0/20080812 found [Win32.Outbreak]
K7AntiVirus 7.10.412/20080812 found nothing
Kaspersky 7.0.0.125/20080812 found [Trojan-Spy.Win32.Zbot.dvy]
McAfee 5358/20080811 found nothing
Microsoft 1.3807/20080812 found [PWS:Win32/Zbot.gen!G]
NOD32v2 3348/20080812 found [Win32/Spy.Agent.PZ]
Norman 5.80.02/20080812 found nothing
Panda 9.0.0.4/20080812 found nothing
PCTools 4.4.2.0/20080812 found nothing
Prevx1 V2/20080812 found nothing
Rising 20.57.12.00/20080812 found nothing
Sophos 4.32.0/20080812 found [Troj/Dloadr-BPX]
Sunbelt 3.1.1542.1/20080812 found [Trojan-Spy.Win32.Zbot.gen (v)]
Symantec 10/20080812 found [Trojan.Wsnpoem]
TheHacker 6.2.96.396/20080812 found nothing
TrendMicro 8.700.0.1004/20080812 found [TROJ_DLOADR.IM]
VBA32 3.12.8.3/20080811 found nothing
ViRobot 2008.8.12.1333/20080812 found nothing
VirusBuster 4.5.11.0/20080811 found nothing
Webwasher-Gateway 6.6.2/20080812 found [Win32.NewMalware.PU!59392]

  #2   Report Post  
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
external usenet poster
 
Posts: 1
Default Virus check...

On Tue, 12 Aug 2008 13:50:11 +0100, The Natural Philosopher
wrote:

I received a suspect mail and sent it off to the virus scan site.
: Subject SCAN. This is what they sent back)

The interesting thing is not that there was a virus, that I was almost
sure there was.. but how many sites *didn't* find it..


Interesting, but not surprising. Did you read this article
http://resources.zdnet.co.uk/articles/features/0,1000002000,39440184,00.htm:

----- Begin Quote -----

Eva Chen, chief executive of Trend Micro, has strong views about how
effective the antivirus industry has been over the past 20 years.

According to Chen, the security industry has over-hyped how effective
its products are — and so has been misleading customers — for years.

Chen believes that no single company can offer adequate protection
against the sheer volume of new viruses that are being churned out by
cybercriminals. According to the security industry, five and a half
million new samples were detected in 2007.

----- End Quote -----
--
Martin Jay
  #3   Report Post  
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
external usenet poster
 
Posts: 146
Default Virus check...

The Natural Philosopher wrote:
I received a suspect mail and sent it off to the virus scan site.
: Subject SCAN. This is what they sent back)

The interesting thing is not that there was a virus, that I was
almost sure there was.. but how many sites *didn't* find it..


Not that surprising really. If it's a new one, I imagine it'll take a few
days before all the companies become aware of it and update their virus
definition files. Probably if you resubmitted it tomorrow, there would be a
far higher detection rate.

At the end of the day, common sense is your first line of defence against
viruses. You'd have to be a real dweeb to imagine that a file with a name
like "WW_671282.zip" attached to an email *wasn't* a virus.

Tim


  #4   Report Post  
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
external usenet poster
 
Posts: 305
Default Virus check...

Tim Downie wrote:
The Natural Philosopher wrote:
I received a suspect mail and sent it off to the virus scan site.
: Subject SCAN. This is what they sent back)

The interesting thing is not that there was a virus, that I was
almost sure there was.. but how many sites *didn't* find it..


Not that surprising really. If it's a new one, I imagine it'll take a few
days before all the companies become aware of it and update their virus
definition files. Probably if you resubmitted it tomorrow, there would be a
far higher detection rate.

At the end of the day, common sense is your first line of defence against
viruses. You'd have to be a real dweeb to imagine that a file with a name
like "WW_671282.zip" attached to an email *wasn't* a virus.

Tim


trouble is the Dweebs live amongst us ,I am working with 300+
programmers and professionals for a Major credit card company and last
week alone we have had 6 different viruses caused by them opening dodgy
emails or surfing weird sites during lunch breaks

--
Kevin R
Reply address works
  #5   Report Post  
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
external usenet poster
 
Posts: 5
Default Virus check...

"Kevin" wrote in message
...

trouble is the Dweebs live amongst us ,I am working with 300+
programmers and professionals for a Major credit card company and last
week alone we have had 6 different viruses caused by them opening dodgy
emails


I just don't see them. I don't know what virus filtering services my ISP
(34sp) uses but pretty well nothing at all ever gets through.

Look, hardly any email users actually *want* to receive these viruses, surely
to goodness, so why doesn't *every* ISP just silently dump them by default?

--
Tim Ward
Brett Ward Limited - www.brettward.co.uk




  #6   Report Post  
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
external usenet poster
 
Posts: 377
Default Virus check...

On Tue, 12 Aug 2008 13:50:11 +0100, The Natural Philosopher
wrote:

I received a suspect mail and sent it off to the virus scan site.
: Subject SCAN. This is what they sent back)


I'm surprised it reached there at all...LOL


The interesting thing is not that there was a virus, that I was almost
sure there was.. but how many sites *didn't* find it..


  #7   Report Post  
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
external usenet poster
 
Posts: 9,045
Default Virus check...

Tim Downie wrote:
The Natural Philosopher wrote:
I received a suspect mail and sent it off to the virus scan site.
: Subject SCAN. This is what they sent back)

The interesting thing is not that there was a virus, that I was
almost sure there was.. but how many sites *didn't* find it..


Not that surprising really. If it's a new one, I imagine it'll take a few
days before all the companies become aware of it and update their virus
definition files. Probably if you resubmitted it tomorrow, there would be a
far higher detection rate.

At the end of the day, common sense is your first line of defence against
viruses. You'd have to be a real dweeb to imagine that a file with a name
like "WW_671282.zip" attached to an email *wasn't* a virus.


Oh, I totally agree.

But this is not a particularly new one I think.
Tim


  #8   Report Post  
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
external usenet poster
 
Posts: 25
Default Virus check...

Trouble is, they are designed to look like something else.

I suspect the OP may have received the same or a similar email to the
one I got this morning, which claimed to be from UPS concerning a
package I had posted a month ago. What I presume was a payload
pretended to be some sort of form 'UPS' wanted me to complete, in a
zip. Fortunately, I haven't posted anything via UPS recently, so I
knew straight away it was spam, and killfiled it.

Recently, I have also received spam pretending to be from Microsoft in
conjunction with one of the phone companies, or perhaps it was the
other way round, saying that I had won a draw for Microsoft website
users. As I do have a Microsoft website ID, and Microsoft do have
some form of relationship with that company, this was potentially
quite convincing, especially as I need the money! Nevertheless I
forwarded the letter to the phone company's CS department to ask if it
was genuine. As I had no reply, I eventually presumed it was fake and
killfiled it.

There have been a number of other such recently, but I can't remember
details now. I think one concerned the National Lottery, or Premium
Bonds, or perhaps there was one of each.

AFAICR the one thing they all had in common was that the email address
of the sender didn't appear to be connected with the company being
impersonated. Accordingly I would advise anyone that receives an
unexpected email to check
1) That the sender's email address is from a domain controlled by the
company/ies purporting to be contacting you - in the Microsoft
example, does it actually come from microsoft.com, or the actual phone
company's domain, rather than just a superficially similar domain
name.
2) Try and learn to check out and understand email headers, so you
can get some sort of idea of the route the mail took to reach you.

Anything you are not convinced of, try and obtain local expert advice.

Anything that definitely doesn't add up, leave well alone.

Also emails are sent unencrypted, and can be trawled as they cross the
net. Never give out anything like bank or other such details to
anyone in an email.

I've even had my mobile number trawled like that - when I emailed it
to someone a few months ago, I started to receive porno texts within
24 hours. I contacted both my phone company's CS and some overview
umbrella organisation explaining the illegal way the number must have
been obtained, and the texts stopped without my ever having to reply
to them, or my being charged for them.

On Tue, 12 Aug 2008 15:26:23 +0100, "Tim Ward"
wrote:

Look, hardly any email users actually *want* to receive these viruses, surely
to goodness, so why doesn't *every* ISP just silently dump them by default?

  #9   Report Post  
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
external usenet poster
 
Posts: 17
Default Virus check...

The Natural Philosopher wrote:

But this is not a particularly new one I think.


Oh the payload attached to the UPS emails has been changing pretty
rapidly, far faster than some AV vendors update their virus
definitions. Once a day doesn't really cut it any more.

The advice not to follow links or open attachments unless you've
confirmed in some way that they are genuine is much more useful.
Especially as the scam ones like this are getting more convincing.

--
http://lnr.livejournal.com/
  #10   Report Post  
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
external usenet poster
 
Posts: 305
Default Virus check...

Tim Ward wrote:
"Kevin" wrote in message
...

trouble is the Dweebs live amongst us ,I am working with 300+
programmers and professionals for a Major credit card company and last
week alone we have had 6 different viruses caused by them opening dodgy
emails


I just don't see them. I don't know what virus filtering services my ISP
(34sp) uses but pretty well nothing at all ever gets through.

Look, hardly any email users actually *want* to receive these viruses, surely
to goodness, so why doesn't *every* ISP just silently dump them by default?

that's OK if your ISP knows it's a virus, how it differentiates between an
unknown virus and your friend emailing you a holiday video Zipped up is
where the problem lies, do you want your ISP to filter out a wanted
email because it might be a virus?

--
Kevin R
Reply address works


  #11   Report Post  
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
external usenet poster
 
Posts: 3
Default Virus check...


"Java Jive" wrote in message
news
Trouble is, they are designed to look like something else.

I suspect the OP may have received the same or a similar email to the
one I got this morning, which claimed to be from UPS concerning a
package I had posted a month ago. What I presume was a payload
pretended to be some sort of form 'UPS' wanted me to complete, in a
zip. Fortunately, I haven't posted anything via UPS recently, so I
knew straight away it was spam, and killfiled it.




OH S!!T

I recd. that a few days ago and I opened it as I WAS expecting a
delivery...

I realised what it was too late ...... :-((((

I then updated AVG and did a full scan which found nowt.
Everything _seeeeems_ OK, but....

Now what?
Is my Dell going to turn into a pumpkin next Friday the thirteenth?

(Currently rescanning all with updated AVG again....X's fingers

Grrrrrrrrrrrrrr

--

¦zulu¦





  #12   Report Post  
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
external usenet poster
 
Posts: 2,770
Default Virus check...



The Natural Philosopher wrote:

I received a suspect mail and sent it off to the virus scan site.
: Subject SCAN. This is what they sent back)

The interesting thing is not that there was a virus, that I was almost
sure there was.. but how many sites *didn't* find it..


That happened to me once. It was a 'rare' virus. Had to do a manual removal
based on a method from one of its cousins !

Graham

  #13   Report Post  
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
external usenet poster
 
Posts: 25
Default Virus check...

As long as you didn't open the zip, I *think* you should be ok ...

On Tue, 12 Aug 2008 18:07:02 +0100, "zulu"
wrote:

I recd. that a few days ago and I opened it as I WAS expecting a
delivery...


[snip]

(Currently rescanning all with updated AVG again....X's fingers

  #14   Report Post  
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
external usenet poster
 
Posts: 3
Default Virus check...


"Java Jive" wrote in message
...
As long as you didn't open the zip, I *think* you should be ok ...



Darned if I can remember now... )

AVG is still scanning.
gulp


--

¦zulu¦


  #15   Report Post  
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
external usenet poster
 
Posts: 168
Default Virus check...

"Kevin" wrote in message
...

that's OK if your ISP knows it's a virus, how it differentiates between an
unknown virus and your friend emailing you a holiday video


Dunno, but they seem to be good at it.

Zipped up is where the problem lies,


Ah, well, they've got this clever trick, see, have had for years, which is
to look *inside* an archive. (Any worthwhile virus scanner does that.)

--
Tim Ward - posting as an individual unless otherwise clear
Brett Ward Limited - www.brettward.co.uk
Cambridge Accommodation Notice Board - www.brettward.co.uk/canb
Cambridge City Councillor




  #16   Report Post  
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
external usenet poster
 
Posts: 168
Default Virus check...

"Brian Morrison" wrote in message
k...

What happens when a weird attachment arrives that you need just happens
to resemble a virus and is silently binned?


Yup, a real risk.

Which so far as I know (and therefore so far as matters to me) has never
happened.

So that's fine then.

--
Tim Ward - posting as an individual unless otherwise clear
Brett Ward Limited - www.brettward.co.uk
Cambridge Accommodation Notice Board - www.brettward.co.uk/canb
Cambridge City Councillor


  #17   Report Post  
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
external usenet poster
 
Posts: 3
Default Virus check...

On Tue, 12 Aug 2008 19:59:40 +0100, Tim Ward passed an empty day by
writing:

"Kevin" wrote in message
...

that's OK if your ISP knows it's a virus, how it differentiates between
an unknown virus and your friend emailing you a holiday video


Dunno, but they seem to be good at it.

Zipped up is where the problem lies,


Ah, well, they've got this clever trick, see, have had for years, which
is to look *inside* an archive. (Any worthwhile virus scanner does
that.)


A great many gateway scanners use clamav - no doubt because it is free,
and it's been looking in archives for a long time. AFAIR it is also able
to deal with password protected archives and even tell the difference
between a spoofed file extension because of the mime type (that is a .exe
that has been renamed to .jpg). It does depend on how the gateway scanner
is set up mind you.

Only problem is Trend have been trying to make a few people **** the bed
as far as clamav is concerned, but that is a different story.

The thing is malware (or Window$ self-distributing freeware as I call it)
should not be the responsibility of your ISP. Even the best scanners can
be spoofed by telnetting directly into an ISP's server and dumping a virus
on it for a local user by injecting it in base64. You need to be guarding
at your own gateway for this.


--
powered by Linux - *******ized by Window$ -
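
What "looking inside an archive" and catching a renamed .exe amount to, sketched in Python as an added example. This is not ClamAV's code or anything posted in the thread: it compares each zip member's leading bytes with its extension, and the type table, the limits and the sample archive are assumptions constructed here.

```python
import io
import zipfile

# Leading bytes ("magic") that identify a file type regardless of its name.
MAGIC = [
    (b"MZ", "windows-executable"),
    (b"\x7fELF", "elf-executable"),
    (b"PK\x03\x04", "zip-archive"),
    (b"\xff\xd8\xff", "jpeg"),
    (b"\x89PNG\r\n\x1a\n", "png"),
    (b"%PDF-", "pdf"),
]
EXECUTABLE_KINDS = {"windows-executable", "elf-executable"}
EXECUTABLE_EXTS = {"exe", "scr", "pif", "com", "bat", "cmd"}
# Content type each extension should sniff as (illustrative, not exhaustive).
EXPECTED_KIND = {"jpg": "jpeg", "jpeg": "jpeg", "png": "png",
                 "pdf": "pdf", "zip": "zip-archive"}
MAX_MEMBER_BYTES = 10 * 1024 * 1024   # stop unpacking a member beyond this
MAX_DEPTH = 3                          # archive-in-archive nesting limit


def sniff(head):
    """Return a content label based on the first bytes of a file."""
    for magic, kind in MAGIC:
        if head.startswith(magic):
            return kind
    return "unknown"


def inspect_zip(data, depth=0, prefix=""):
    """Return (member, reason) findings for a zip archive held in memory."""
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return [(prefix or "<archive>", "not a readable zip archive")]
    findings = []
    with zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            name = prefix + info.filename
            base = info.filename.rsplit("/", 1)[-1]
            ext = base.rsplit(".", 1)[-1].lower() if "." in base else ""
            label = "." + ext if ext else "no extension"
            if info.flag_bits & 0x1:
                # Bit 0 of the general-purpose flags marks an encrypted member;
                # without the password a scanner can only report it.
                findings.append((name, "encrypted member, content not inspected"))
                continue
            try:
                with zf.open(info) as fh:
                    body = fh.read(MAX_MEMBER_BYTES + 1)
            except (zipfile.BadZipFile, NotImplementedError, RuntimeError):
                findings.append((name, "member could not be decompressed"))
                continue
            if len(body) > MAX_MEMBER_BYTES:
                findings.append((name, "member too large to inspect"))
                continue
            kind = sniff(body)
            if kind in EXECUTABLE_KINDS and ext not in EXECUTABLE_EXTS:
                findings.append((name, f"{label} but content is {kind}"))
            elif kind in EXECUTABLE_KINDS or ext in EXECUTABLE_EXTS:
                findings.append((name, "executable inside archive"))
            elif ext in EXPECTED_KIND and kind != EXPECTED_KIND[ext]:
                findings.append((name, f"{label} but content is {kind}"))
            if kind == "zip-archive":
                if depth + 1 >= MAX_DEPTH:
                    findings.append((name, "nested too deeply, not inspected"))
                else:
                    findings.extend(inspect_zip(body, depth + 1, name + "!"))
    return findings


def build_sample():
    """Constructed test archive: harmless bytes that only carry file headers."""
    inner = io.BytesIO()
    with zipfile.ZipFile(inner, "w") as z:
        z.writestr("form.doc.exe", b"MZ" + b"\x00" * 62)
    outer = io.BytesIO()
    with zipfile.ZipFile(outer, "w") as z:
        z.writestr("holiday.jpg", b"MZ" + b"\x00" * 62)      # .exe header, .jpg name
        z.writestr("photo.jpg", b"\xff\xd8\xff\xe0" + b"\x00" * 16)
        z.writestr("notes.txt", b"hello")
        z.writestr("inner.zip", inner.getvalue())
    return outer.getvalue()


if __name__ == "__main__":
    for member, reason in inspect_zip(build_sample()):
        print(f"{member}: {reason}")
```

A check like this only says that a member's name and content disagree or that an executable is present; whether the content is malicious is still a matter for signatures, which is where the detection gap in the first post comes from.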

  #18   Report Post  
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
external usenet poster
 
Posts: 168
Default Virus check...

"Klunk" wrote in message
...

The thing is malware (or Window$ self-distributing freeware as I call it)
should not be the responsibility of your ISP.


That, surely to goodness, is a matter for grown-ups to arrange between
themselves. My ISP chooses to offer this service, and I choose to buy it.
Neither of us needs anybody else telling us that it's "not [his]
responsibility".

--
Tim Ward - posting as an individual unless otherwise clear
Brett Ward Limited - www.brettward.co.uk
Cambridge Accommodation Notice Board - www.brettward.co.uk/canb
Cambridge City Councillor


  #19   Report Post  
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
external usenet poster
 
Posts: 305
Default Virus check...

Tim Ward wrote:
"Kevin" wrote in message
...
that's OK if your ISP knows it's a virus, how it differentiates between an
unknown virus and your friend emailing you a holiday video


Dunno, but they seem to be good at it.

Zipped up is where the problem lies,


Ah, well, they've got this clever trick, see, have had for years, which is
to look *inside* an archive. (Any worthwhile virus scanner does that.)

trouble is most users have no idea what a virus is or can do and don't
use firewalls or virus scanners, they think that the windows must be
safe as Microsoft would not sell an insecure system would they???, and
these people do exist as I have been asked to fix their PCs

--
Kevin R
Reply address works
  #20   Report Post  
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
external usenet poster
 
Posts: 850
Default Virus check...

The interesting thing is not that there was a virus, that I was almost
sure there was.. but how many sites *didn't* find it..


For everyone else, there are a couple of similar sites that do
comparative testing, such as...

http://virusscan.jotti.org

http://www.av-comparatives.org is also useful for checking out the
relative strength of an updated and un-updated machine.


  #21   Report Post  
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
external usenet poster
 
Posts: 850
Default Virus check...

trouble is the Dweebs live amongst us ,I am working with 300+
programmers and professionals for a Major credit card company and last
week alone we have had 6 different viruses caused by them opening dodgy
emails or surfing weird sites during lunch breaks


I'd have to query the accessibility of the machines if it's that
prevalent - let me guess, your site uses IE, allows activex, and uses
an old version of java ?

Perhaps it's time to treat them like babies - give the offenders a
linux box, and add site filtering software to everything else (like K9
web protection)
  #22   Report Post  
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
external usenet poster
 
Posts: 850
Default Virus check...

AVG is still scanning.
gulp


If you're stuck, check out some of the links on my site -
http://www.coreutilities.co.uk

Start with Sysclean (kill AVG temporarily first), and scan with Spybot
S&D as well once you're done.

If you're not sure if the system is clean, try to stay offline for 2-3
days to let the virus signatures catch up, then download the latest
sigs / spyware definitions from another machine and install them with
your main system remaining offline.

I've just had to do this for a colleague's father's laptop - an initial
scan showed 18 viruses, mainly of the bank account stealing sort, and
another 20 traces of the same appeared in Spybot S&D.

A scan a couple of days later came up with a couple more things, but
these seemed to have been rendered useless by the earlier scans.
  #23   Report Post  
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
external usenet poster
 
Posts: 168
Default Virus check...

"Colin Wilson" o.uk wrote
in message g...

let me guess, your site uses ... an old version of java ?


Given that there are different bugs in different versions of Java, and even
when there aren't "bugs" that can be proven as such there are
incompatibilities, you sometimes need different versions of Java in order to
be able to run different applications.

If you're *very* unlucky this means each machine needs several versions of
Java, and each user needs to be adept at spotting when an application is
trying to run with the wrong version and fixing it. More common is the
situation that you find a version of Java that works for most of your users
most of the time ... but it's quite likely not the latest one, given the
application development and upgrade cycle times, hence people using "an old
version of Java" for extremely good reasons is not going to be uncommon.

--
Tim Ward - posting as an individual unless otherwise clear
Brett Ward Limited - www.brettward.co.uk
Cambridge Accommodation Notice Board - www.brettward.co.uk/canb
Cambridge City Councillor


  #24   Report Post  
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
external usenet poster
 
Posts: 850
Default Virus check...

you sometimes need different versions of Java in order to be
able to run different applications.


Although I don't use java heavily, I don't recall a single application
written using the official (non-microsoft-*******ised-pseudo-java)
version not working with the latest release :-}

Sadly, our place is keen to use activex and *******ised-non-java-java
for almost everything from intranet to bespoke applications :-/

....and yes, now we find ourselves in the same situation where we need
to have java switchers in place to run what I warned them about years
ago.
  #25   Report Post  
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
external usenet poster
 
Posts: 25
Default Virus check...

Speak of the devil, and he comes and cr*ps on your shoulder ...


--- On Wed, 13/8/08,
wrote:

-----Inline Attachment Follows-----
From:

Subject: Congratulation, You Have Won £800,000.00!!!
To:
Date: Wednesday, 13 August, 2008, 12:31 AM

Dear Winner,

This is to officially notify you that your email
address officially emerged and won the sum of £800,000GBP
(Eight Hundred Thousand British Pounds Sterling) in the Online
Irish Gaming Board Programme.

For more information on how
to redeem your prize, You are to reply to your claims agent
with the information below as soon as you receive this
notification.
NAME: Mr. Terry Cole
E-mail:

INFORMATION FOR CLAIMS
1. Full Names:
2. Address:
3. Phone numbers:
4. Country:

Your's Truly
(Promotions Co-ordinator)
Copyright © 2008 Irish
National Lottery Inc.


Note:

eMail purports to be from Irish Gaming Board, but comes from
optonline.net domain, which is just another ISP, and I should reply to
hotmail domain, which is one of the most easily abused online email
systems, in that they make only minimal, if any, provenance checks.

Split infinitive, wouldn't mean anything the other side of the pond,
but bad English this side, capital Y in middle of sentence, Your's
instead of yours.

Mail contains attachment the purpose of which is not mentioned in
text.

So virus spam, I think. Pity, I could have done with £800,000.

On Tue, 12 Aug 2008 16:58:21 +0100, Java Jive wrote:

Trouble is, they are designed to look like something else.

[snip]
There have been a number of other such recently, but I can't remember
details now. I think one concerned the National Lottery, or Premium
Bonds, or perhaps there was one of each.

AFAICR the one thing they all had in common was that the email address
of the sender didn't appear to be connected with the company being
impersonated.
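
The checks described in posts #8 and #25 (sender domain against the organisation's own domain, a reply address on a different domain, the route shown by the Received headers, an attachment the text never mentions), sketched in Python as an added example that is not code from any poster. The message, every host name and the `gamingboard.example` domain are constructed for illustration.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr

# Constructed sample message; all hosts and addresses are made up.
SAMPLE = """\
Received: from mx.recipient.example (mx.recipient.example [192.0.2.10])
\tby mailstore.recipient.example with ESMTP; Wed, 13 Aug 2008 00:31:09 +0100
Received: from smtp.isp.example (smtp.isp.example [198.51.100.7])
\tby mx.recipient.example with ESMTP; Wed, 13 Aug 2008 00:31:05 +0100
From: "Irish Gaming Board" <promotions@isp.example>
Reply-To: claims.agent@webmail.example
To: winner@recipient.example
Subject: Congratulation, You Have Won
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain; charset="us-ascii"

Dear Winner, reply to your claims agent with your full names and address.

--b1
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="details.zip"

(constructed placeholder, not a real archive)
--b1--
"""


def domain_of(address):
    """Lower-cased domain part of an e-mail address, or '' if there is none."""
    return address.rsplit("@", 1)[-1].lower().rstrip(".") if "@" in address else ""


def is_under(domain, parent):
    """True only for parent itself or a real subdomain of it.

    A substring test would accept look-alikes such as
    'gamingboard.example.isp.example', so compare on label boundaries.
    """
    return domain == parent or domain.endswith("." + parent)


def route(msg):
    """Hops as (handed over by, accepted by), oldest first.

    Each server prepends its own Received line, so the list is reversed.
    Lines added before the mail reached a server you trust can be forged.
    """
    hops = []
    for value in msg.get_all("Received", []):
        text = str(value)
        sent_by = re.search(r"\bfrom\s+(\S+)", text)
        taken_by = re.search(r"\bby\s+(\S+)", text)
        hops.append((sent_by.group(1) if sent_by else "?",
                     taken_by.group(1) if taken_by else "?"))
    return hops[::-1]


def review_message(raw, claimed_domains):
    """Summarise the provenance clues in a raw message.

    claimed_domains: domains the purported sender is known to use
    (supplied by the reader; hypothetical in the sample below).
    """
    msg = message_from_string(raw, policy=policy.default)
    from_domain = domain_of(parseaddr(str(msg.get("From", "")))[1])
    reply_domain = domain_of(parseaddr(str(msg.get("Reply-To", "")))[1])
    attachments = [part.get_filename() or "(unnamed)"
                   for part in msg.iter_attachments()]
    body_part = msg.get_body(preferencelist=("plain",))
    body = body_part.get_content().lower() if body_part else ""

    flags = []
    if not any(is_under(from_domain, d) for d in claimed_domains):
        flags.append("sender-domain-mismatch")
    if reply_domain and reply_domain != from_domain:
        flags.append("reply-to-differs")
    # Rough heuristic: the text neither says "attach..." nor names the file.
    if attachments and "attach" not in body and not any(
            name.lower() in body for name in attachments):
        flags.append("unexplained-attachment")
    return {"from_domain": from_domain, "reply_to_domain": reply_domain,
            "route": route(msg), "attachments": attachments, "flags": flags}


if __name__ == "__main__":
    report = review_message(SAMPLE, {"gamingboard.example"})
    for key, value in report.items():
        print(f"{key}: {value}")
```

The From header itself is supplied by the sender, so a matching domain is not proof of origin; a mismatch, as in the lottery mail quoted above, is the useful signal.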



  #26   Report Post  
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
external usenet poster
 
Posts: 3
Default Virus check...

The Natural Philosopher wrote:
I received a suspect mail and sent it off to the virus scan site


Had the same, it's due to your computer being infected by a virus BEFORE
the email.

Assuming your replies, this is a troll, but,

Boot a live CD and scan.

Ask for more help on this, or better yet, Google and learn a ****-load.
  #27   Report Post  
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
external usenet poster
 
Posts: 9,045
Default Virus check...

Cork Soaker wrote:
The Natural Philosopher wrote:
I received a suspect mail and sent it off to the virus scan site


Had the same, it's due to your computer being infected by a virus BEFORE
the email.

Assuming your replies, this is a troll, but,

Boot a live CD and scan.

Ask for more help on this, or better yet, Google and learn a ****-load.


Oh dear.

This idiot isn't killfiled here.

Didn't you bother to see I was posting on a Mac, and it couldn't be
infected with a Windows virus?

  #28   Report Post  
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
external usenet poster
 
Posts: 9,369
Default Virus check...



"Colin Wilson" o.uk wrote
in message g...
you sometimes need different versions of Java in order to be
able to run different applications.


Although I don't use java heavily, I don't recall a single application
written using the official (non-microsoft-*******ised-pseudo-java)
version not working with the latest release :-}

Sadly, our place is keen to use activex and *******ised-non-java-java
for almost everything from intranet to bespoke applications :-/


How are they doing that? M$ dumped their java like language years ago.
You can't download the engine or any fixes from M$.
You can't get a license to run their engine so it's probably illegal if you
are.
All the existing licenses were revoked IIRC.


...and yes, now we find ourselves in the same situation where we need
to have java switchers in place to run what I warned them about years
ago.


  #29   Report Post  
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
external usenet poster
 
Posts: 17
Default Virus check...

zulu wrote:

I recd. that a few days ago and I opened it as I WAS expecting a
delivery...

I realised what it was too late ...... :-((((

I then updated AVG and did a full scan which found nowt.
Everything _seeeeems_ OK, but....


With the virus that was in the first batch of emails you'd have known if
you ran the program in the zip file as the machine would have
immediately rebooted. It's not clear if the later ones work in exactly
the same way, but I suspect it's similar.

Spybot S&D is quite good at detecting and removing things, and you
probably need something like it to remove actual infections rather than
just relying on your usual AV software, which is better for detection
and prevention.

http://www.safer-networking.org/

--
http://lnr.livejournal.com/
  #30   Report Post  
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
external usenet poster
 
Posts: 1
Default Virus check...

Eleanor Blair wrote:
zulu wrote:

I recd. that a few days ago and I opened it as I WAS expecting a
delivery...

I realised what it was too late ...... :-((((

I then updated AVG and did a full scan which found nowt.
Everything _seeeeems_ OK, but....


With the virus that was in the first batch of emails you'd have known
if you ran the program in the zip file as the machine would have
immediately rebooted. It's not clear if the later ones work in
exactly the same way, but I suspect it's similar.

Spybot S&D is quite good at detecting and removing things, and you
probably need something like it to remove actual infections rather
than just relying on your usual AV software, which is better for
detection and prevention.

http://www.safer-networking.org/


I know it isn't free, but how well do you rate Trojan Hunter?
http://www.misec.net/trojanhunter/
--
Heard melodies are sweet, but those Unheard are sweeter
FN 2°°8 +, Mungo Brandybuck of Buckland




  #31   Report Post  
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
external usenet poster
 
Posts: 17
Default Virus check...

Flyiñg Ñuñ 2°°8 + wrote:

I know it isn't free, but how well do you rate Trojan Hunter?
http://www.misec.net/trojanhunter/


I don't know it personally, and it's not one of the ones explicitly
suggested by the University's Technical User Support team, but that may
just be because it's not free. Sorry I can't help.

--
http://lnr.livejournal.com/
  #32   Report Post  
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
external usenet poster
 
Posts: 1,668
Default Virus check...

On Tue, 12 Aug 2008 23:38:24 +0100, Colin Wilson wrote:

you sometimes need different versions of Java in order to be
able to run different applications.


Although I don't use java heavily, I don't recall a single application
written using the official (non-microsoft-*******ised-pseudo-java)
version not working with the latest release :-}


I've seen it happen a few times...

I can't help thinking something like VMWare would help with situations
like this, though - with disk space and memory being as cheap as it is,
it's easy to keep a few virtual images around with different
configurations and trivial to roll things back to a 'known-good' snapshot.
Run any untrusted apps under the virtual image, but save user data
somewhere under the host OS.

cheers

Jules

  #33   Report Post  
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
external usenet poster
 
Posts: 1,668
Default Virus check...

On Tue, 12 Aug 2008 20:00:58 +0100, Tim Ward wrote:

"Brian Morrison" wrote in message
k...

What happens when a weird attachment arrives that you need just happens
to resemble a virus and is silently binned?


Yup, a real risk.


It seems acceptable to me though, providing such things aren't silently
binned but can be retrieved from the ISP on a case-by-case basis (in a
similar way I tend to scan my junk mail folder a couple of times a week
before clearing it out - every once in a while there's something
legitimate in there)

cheers

Jules

  #34   Report Post  
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
external usenet poster
 
Posts: 2
Default Virus check...

Brian Morrison wrote:
"Tim Ward" wrote:

Look, hardly any email users actually *want* to receive these viruses, surely
to goodness, so why doesn't *every* ISP just silently dump them by default?


What happens when a weird attachment arrives that you need just happens
to resemble a virus and is silently binned?


It's possible to set things up so that legitimate messages sent from
standards-compliant sites never disappear silently even when they trigger
the anti-virus filter, and without causing any collateral spam or backscatter.

Tony.
--
f.anthony.n.finch http://dotat.at/
BISCAY FITZROY SOLE: WESTERLY 6 TO GALE 8, OCCASIONALLY SEVERE GALE 9 IN SOLE.
ROUGH OR VERY ROUGH, OCCASIONALLY HIGH. SQUALLY SHOWERS. MODERATE OR GOOD.
  #35   Report Post  
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
external usenet poster
 
Posts: 850
Default Virus check...

Sadly, our place is keen to use activex and *******ised-non-java-java
for almost everything from intranet to bespoke applications :-/

How are they doing that? M$ dumped their java like language years ago.
You can't download the engine or any fixes from M$.
You can't get a license to run their engine so it's probably illegal if you
are.
All the existing licenses were revoked IIRC.


Who knows - sadly, I could care less right now, we've just been
informed they're rolling out another image to all machines, which if
it's anything like the last one they did, it'll kill all USB
functionality (not a lot of use when you have users who need to get
pictures off digital cameras regularly).

AFAIK I was the only one thinking straight and got a card reader a few
years ago - they were still trying to force us to use smartmedia via
one of the Sandisk Flashpath floppy device adaptors...

Hell, if it's anything like my existing install, it'll take 25-30
minutes to boot minimum (it's not a particularly slow machine either)


  #36   Report Post  
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
external usenet poster
 
Posts: 850
Default Virus check...

I can't help thinking something like VMWare would help with situations
like this


Been there, suggested that.
  #37   Report Post  
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
external usenet poster
 
Posts: 3
Default Virus check...

On Tue, 12 Aug 2008 20:38:56 +0100, Tim Ward passed an empty day by
writing:

"Klunk" wrote in message
...

The thing is malware (or Window$ self-distributing freeware as I call
it) should not be the responsibility of your ISP.


That, surely to goodness, is a matter for grown-ups to arrange between
themselves. My ISP chooses to offer this service, and I choose to buy
it. Neither of us needs anybody else telling us that it's "not [his]
responsibility".


It's your system and you are free as a 'grown up' to take your own
approach. It is one thing to let a virus pass on to a customer, it is
another for that customer to take responsibility for his or her actions
on opening it.

--
powered by Linux - *******ized by Window$ -

  #38   Report Post  
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
external usenet poster
 
Posts: 1,668
Default Virus check...

On Wed, 13 Aug 2008 22:46:37 +0100, Brian Morrison wrote:

On Wed, 13 Aug 2008 08:35:18 -0500
Jules wrote:

On Tue, 12 Aug 2008 20:00:58 +0100, Tim Ward wrote:

"Brian Morrison" wrote in message
k...

What happens when a weird attachment arrives that you need just happens
to resemble a virus and is silently binned?

Yup, a real risk.


It seems acceptable to me though, providing such things aren't silently
binned but can be retrieved from the ISP on a case-by-case basis (in a
similar way I tend to scan my junk mail folder a couple of times a week
before clearing it out - every once in a while there's something
legitimate in there)


Well, you are of course free to do as you both please, and have
obviously considered whether the risk is acceptable to you.


Well, I would assume that any ISP-run scheme has a complete opt-out. It's
just that the OS vendors don't seem to be doing anything much to make
their products more secure, the end users seem to be, on the whole,
utterly clueless, and there are just so many new virus variations per day
that it's hard for them to keep up anyway.

I just think that putting the technology in at the ISPs might be the only
route left - and that it might take quite a bit of effort initially,
but if every ISP were doing it the problem would eventually go away
anyway as there'd be no incentive to write viruses (or spam) in the
first place.

I decided I was happy to run virus scanners on the mail server and on
the Windows PCs to give more defence in depth, so that's fine with me.


Not running Windows helps me a lot with the defence side of course, but
what really annoys me is that someone out there feels the need to send
me this crap in the first place - hence screening it further upstream
would seem like a nice idea...

Everyone aware of their own risks, and happy.


Except that by and large, they aren't aware...

cheers

J.

  #39   Report Post  
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
external usenet poster
 
Posts: 2,040
Default Virus check...

Kevin wrote:

trouble is the Dweebs live amongst us, I am working with 300+
programmers and professionals for a Major credit card company and last
week alone we have had 6 different viruses caused by them opening dodgy
emails or surfing weird sites during lunch breaks


Which is probably why my Bank went ape-sh*t yesterday and called me to
cancel my VISA card *even* due to the fact there had been no funny
transactions recorded on it. Not convenient for me as I'm travelling
soon :-(

--
Adrian C
  #40   Report Post  
Posted to uk.telecom.broadband,cam.misc,uk.d-i-y
external usenet poster
 
Posts: 3
Default Virus check...



Kevin wrote:

trouble is the Dweebs live amongst us, I am working with 300+
programmers and professionals for a Major credit card company and last
week alone we have had 6 different viruses caused by them opening dodgy
emails or surfing weird sites during lunch breaks


Nice one. I have a very good friend who works for a very well known
anti-virus company. The support staff have a document to follow if a virus is
sent in that has not been identified. Would you believe it reads:

"First of all confirm the file is a virus."

How do you think they have been doing this? Why, by opening them and
running them on their Windows desktops and looking to see if the AV
(which never caught it in the first place, hence why the customer has
submitted it) detects it.

You could not make this up if you tried.

--
powered by Linux - *******ized by Window$ -
