MS security updates or spying?

An annoying problem:
Several days ago I installed a fixed connection to the internet so that I
was finally able to download the latest update for my Office Pro.
Very soon afterwards I received an e-mail with "September 2003, Cumulative
Patch" which "resolves all known security vulnerabilities affecting MS
Internet Explorer, MS Outlook and MS Outlook Express" - quotes from the
e-mail. An *.exe file was attached, I ran it, and, apparently, all was fine.
A couple of hours later I received another e-mail, this time with "November
2003, Cumulative Patch". When I ran the attached *.exe file, an info popped
up that I didn't need to install it.
That was some 5 days ago. The problem is that now I'm receiving such
messages SEVERAL times a day. The last thing I got was "November 2007,
Cumulative Patch" (yes 2007!). Another one was "February 1980, Cumulative
Patch". They come, however, from different addresses, e.g.:
Microsoft (),
Microsoft Security Bulletin (),
Microsoft Corporation Internet Security Center
(wtsxpeio-).
(At least, such names are shown when I hit the reply button)

What should I think of it? What can I do to stop it?

Moreover, at the same time I started to receive "failure notice" e-mails
informing me that some of "my" e-mails couldn't reach the recipients. The
"unavailable addresses" include:
,
,
,
,
, and many more.
Of course, I didn't send any e-mails to any of these addresses.
Practically all of the "returned e-mails" contain a small *.exe file (ca.
100kB), but I wasn't ambitious enough to run any of them.

I don't get any "typical" spam.

The system that I use is Win XP Home Edition. I had to uninstall the
firewall that I had been using before (Zone Alarm) because it caused some
memory error when I installed the new modem.

Any help?

Robert Foltyn, Poland

Robert Foltyn

In article <bo943q$ndb$>,
says...
> An annoying problem:
> Several days ago I installed a fixed connection to the internet so that I
> was finally able to download the latest update for my Office Pro.
> Very soon afterwards I received an e-mail with "September 2003, Cumulative
> Patch" which "resolves all known security vulnerabilities affecting MS
> Internet Explorer, MS Outlook and MS Outlook Express" - quotes from the
> e-mail. An *.exe file was attached, I ran it, and, apparently, all was fine.
> A couple of hours later I received another e-mail, this time with "November
> 2003, Cumulative Patch". When I ran the attached *.exe file, an info popped

Microsoft does NOT send updates via email - that's what the Windows
Update function on the browser and on the start bar is for.

Your machine has been compromised by the update you installed - I don't
know which one it was, but your best bet (generic response) is to boot
from a known clean diskette or CD and wipe/format the drive and
reinstall the OS/Apps.

Had you been running an updated anti-virus application you would not
have been infected.

--
--

(Remove 999 to reply to me)

Leythos

Leythos <> wrote in news:MPG.1a11fdc5a69b4551989dbd@news-
server.columbus.rr.com:

> Your machine has been compromised by the update you installed - I don't
> know which one it was, but your best bet (generic response) is to boot
> from a known clean diskette or CD and wipe/format the drive and
> reinstall the OS/Apps.

Anybody who's stupid enough or so far out of it as to actually install one
of these things after all the ink that it's been given probably deserves
what they get.

donutbandit

In article <boa0ic$i2d$>, says...
> Leythos <> wrote in news:MPG.1a11fdc5a69b4551989dbd@news-
> server.columbus.rr.com:
>
> > Your machine has been compromised by the update you installed - I don't
> > know which one it was, but your best bet (generic response) is to boot
> > from a known clean diskette or CD and wipe/format the drive and
> > reinstall the OS/Apps.
>
> Anybody who's stupid enough or so far out of it as to actually install one
> of these things after all the ink that it's been given probably deserves
> what they get.

While those of us in the computer community may sometimes feel as you
pointed out, there are a great many people that only "use" their
computers and have no clue about anything going on in the computer
world.

It does no good to insult them, you have to try and educate them in the
hopes that it will then be taught to their friends.


--
--

(Remove 999 to reply to me)

Leythos

Robert Foltyn wrote:
> An annoying problem:
> Several days ago I installed a fixed connection to the internet so that I
> was finally able to download the latest update for my Office Pro.
> Very soon afterwards I received an e-mail with "September 2003, Cumulative
> Patch" which "resolves all known security vulnerabilities affecting MS
> Internet Explorer, MS Outlook and MS Outlook Express" - quotes from the
> e-mail. An *.exe file was attached, I ran it, and, apparently, all was fine.
> A couple of hours later I received another e-mail, this time with "November
> 2003, Cumulative Patch". When I ran the attached *.exe file, an info popped
> up that I didn't need to install it.
> That was some 5 days ago. The problem is that now I'm receiving such
> messages SEVERAL times a day. The last thing I got was "November 2007,
> Cumulative Patch" (yes 2007!). Another one was "February 1980, Cumulative
> Patch". They come, however, from different addresses, e.g.:

BBWWHaaaaaaahahahaha!! You have got to be THEE biggest Idiot the world's
every seen!! Hahahahhaaaaaa!! You installed a virus, several times! Now
your computer is sending out viruses in the mail. Tell me, where have
you been for the past 3 months?? When everybody was yelling about
Win32.Swen what did you think they meant? Didn't you pay attention? I
know Windows users are slow, but that one wins the prize, hands down.
Didn't you hear the "News"? (swen | news - gittit?) If I hand you a
hammer, will you hit yourself over the head with it? I guess you
would... wwwwhhhahahahhahah!!


-Bill Gates (really, hahahahah!)

@micro$oft.com

"Robert Foltyn" <> wrote in message news:<bo943q$ndb$>...
> An annoying problem:

Even more annoying, as you've determined by the other helpful posts,
is that you installed a virus.

You might be able to install an anti-virus and clean your system, but
you are much better off archiving your important data and then wiping
the system and reinstalling Windows. Then, install an anti-virus
package before you restore your data to ensure you don't re-infect
your computer.

Free advice:

Microsoft never sends updates or any software by email. Never.

Install and regularly update an anti-virus package. Several exist,
including AVG, McAfee, Norton, F-Secure.

Install and configure a firewall. Hardware is the most effective
against intruders, but a software firewall such as ZoneAlarm, Kerio,
or Sygate, offer application-level inspection and can control your
outbound service.

n1pop@hotmail.com

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

"@micro$oft.com" <""billyboi\"@micro$oft.com"> wrote in message
news:...
> Robert Foltyn wrote:
> > An annoying problem:

<snip Robert's 'accident'>

> BBWWHaaaaaaahahahaha!! You have got to be THEE biggest Idiot the world's
> every seen!!

Not quite, I just saw another.

Regards,

Pete
- --
'War doesn't prove who's right, just who's left.'

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.2

iQA/AwUBP6lr7vYt+hJ+PYFrEQJzSQCfeopgIyThuiVTBzEXp7FNho 3BVAoAn33z
QEOcmsA+NEnPX6MFKx69fJ/l
=Nd2f
-----END PGP SIGNATURE-----

Pete-X

"Robert Foltyn" <> writes:

]An annoying problem:
]Several days ago I installed a fixed connection to the internet so that I
]was finally able to download the latest update for my Office Pro.

I assume you got it directly from the Microsoft site.

]Very soon afterwards I received an e-mail with "September 2003, Cumulative

Microsoft NEVER sends out emails with patches. You just installed a
trojan. Erase everything on your drive and reinstall.


]Patch" which "resolves all known security vulnerabilities affecting MS
]Internet Explorer, MS Outlook and MS Outlook Express" - quotes from the
]e-mail. An *.exe file was attached, I ran it, and, apparently, all was fine.

Stupid. Sorry.

]A couple of hours later I received another e-mail, this time with "November
]2003, Cumulative Patch". When I ran the attached *.exe file, an info popped
]up that I didn't need to install it.
]That was some 5 days ago. The problem is that now I'm receiving such
]messages SEVERAL times a day. The last thing I got was "November 2007,
]Cumulative Patch" (yes 2007!). Another one was "February 1980, Cumulative
]Patch". They come, however, from different addresses, e.g.:
]Microsoft (),
]Microsoft Security Bulletin (),
]Microsoft Corporation Internet Security Center
](wtsxpeio-).
](At least, such names are shown when I hit the reply button)

]What should I think of it? What can I do to stop it?

]Moreover, at the same time I started to receive "failure notice" e-mails
]informing me that some of "my" e-mails couldn't reach the recipients. The
]"unavailable addresses" include:
],
],
],
],
], and many more.
]Of course, I didn't send any e-mails to any of these addresses.
]Practically all of the "returned e-mails" contain a small *.exe file (ca.
]100kB), but I wasn't ambitious enough to run any of them.

YOu did send it. You sent it via your computer and because of the trojan
whcih you installed.


]I don't get any "typical" spam.

Yes. you do. This is a typical spam trojan.

Again, wipe the drive and reinstall. Yes, this is important. Wipe the
drive and reinstall. In the meantime you are infecting other computers
and are contributing to the slowing down of the net, and are making
yourself liable to tort damages from others you harm.

]The system that I use is Win XP Home Edition. I had to uninstall the
]firewall that I had been using before (Zone Alarm) because it caused some
]memory error when I installed the new modem.

]Any help?

Wipe your system and reinstall


]Robert Foltyn, Poland

Bill Unruh

Leythos <> writes:

]In article <boa0ic$i2d$>, says...
]> Leythos <> wrote in news:MPG.1a11fdc5a69b4551989dbd@news-
]> server.columbus.rr.com:
]>
]> > Your machine has been compromised by the update you installed - I don't
]> > know which one it was, but your best bet (generic response) is to boot
]> > from a known clean diskette or CD and wipe/format the drive and
]> > reinstall the OS/Apps.
]>
]> Anybody who's stupid enough or so far out of it as to actually install one
]> of these things after all the ink that it's been given probably deserves
]> what they get.

]While those of us in the computer community may sometimes feel as you
]pointed out, there are a great many people that only "use" their
]computers and have no clue about anything going on in the computer
]world.

]It does no good to insult them, you have to try and educate them in the
]hopes that it will then be taught to their friends.

Also it is not what they get but what all of us get. He is not
proceeding to spread that trojan and other viruses and clogging up the
net.

Bill Unruh

wrote:
> "Robert Foltyn" <> wrote in message news:<bo943q$ndb$>...
>
>>An annoying problem:
>
>
> Even more annoying, as you've determined by the other helpful posts,
> is that you installed a virus.
>
> You might be able to install an anti-virus and clean your system, but
> you are much better off archiving your important data and then wiping
> the system and reinstalling Windows.

You'd be much better off archiving your important data and then wiping
the system and instaling Linux.


> Install and configure a firewall. Hardware is the most effective
> against intruders, but a software firewall such as ZoneAlarm, Kerio,
> or Sygate, offer application-level inspection and can control your
> outbound service.

But all that is for naught- when the user INSTALLS a virus. I've heard
of 'caught a virus' but never 'installed a virus'.

--
-=-=-=-=-=-=-=-=-=Atr2-WBS @ Atr2.Ath.Cx=-=-=-=-=-=-=-=-=-
Mod-SSL / PGP Key / CA Onsite
-{jayjwa} Was I helpful? https://atr2.ath.cx/affero.php
Contact: https://atr2.ath.cx/cgi-bin/ping-jay.cgi
or finger, same name & domain, for plan, projects, $ PGP

Who We Are: https://atr2.ath.cx/who-we-are.html
=-=-=Linux Tough.Powered By Slackware=-=HTTPS/FTP=-RLF#37=

jayjwa