MS security updates or spying?

Discussion in 'Computer Security' started by Robert Foltyn, Nov 4, 2003.

  1. An annoying problem:
    Several days ago I installed a fixed connection to the internet so that I
    was finally able to download the latest update for my Office Pro.
    Very soon afterwards I received an e-mail with "September 2003, Cumulative
    Patch" which "resolves all known security vulnerabilities affecting MS
    Internet Explorer, MS Outlook and MS Outlook Express" - quotes from the
    e-mail. An *.exe file was attached, I ran it, and, apparently, all was fine.
    A couple of hours later I received another e-mail, this time with "November
    2003, Cumulative Patch". When I ran the attached *.exe file, an info popped
    up that I didn't need to install it.
    That was some 5 days ago. The problem is that now I'm receiving such
    messages SEVERAL times a day. The last thing I got was "November 2007,
    Cumulative Patch" (yes 2007!). Another one was "February 1980, Cumulative
    Patch". They come, however, from different addresses, e.g.:
    Microsoft (),
    Microsoft Security Bulletin (),
    Microsoft Corporation Internet Security Center
    ().
    (At least, such names are shown when I hit the reply button)

    What should I think of it? What can I do to stop it?

    Moreover, at the same time I started to receive "failure notice" e-mails
    informing me that some of "my" e-mails couldn't reach the recipients. The
    "unavailable addresses" include:
    ,
    ,
    ,
    ,
    , and many more.
    Of course, I didn't send any e-mails to any of these addresses.
    Practically all of the "returned e-mails" contain a small *.exe file (ca.
    100kB), but I wasn't ambitious enough to run any of them.

    I don't get any "typical" spam.

    The system that I use is Win XP Home Edition. I had to uninstall the
    firewall that I had been using before (Zone Alarm) because it caused some
    memory error when I installed the new modem.

    Any help?

    Robert Foltyn, Poland
     
    Robert Foltyn, Nov 4, 2003
    #1
    1. Advertising

  2. Robert Foltyn

    Leythos Guest

    In article <bo943q$ndb$>,
    says...
    > An annoying problem:
    > Several days ago I installed a fixed connection to the internet so that I
    > was finally able to download the latest update for my Office Pro.
    > Very soon afterwards I received an e-mail with "September 2003, Cumulative
    > Patch" which "resolves all known security vulnerabilities affecting MS
    > Internet Explorer, MS Outlook and MS Outlook Express" - quotes from the
    > e-mail. An *.exe file was attached, I ran it, and, apparently, all was fine.
    > A couple of hours later I received another e-mail, this time with "November
    > 2003, Cumulative Patch". When I ran the attached *.exe file, an info popped


    Microsoft does NOT send updates via email - that's what the Windows
    Update function on the browser and on the start bar is for.

    Your machine has been compromised by the update you installed - I don't
    know which one it was, but your best bet (generic response) is to boot
    from a known clean diskette or CD and wipe/format the drive and
    reinstall the OS/Apps.

    Had you been running an updated anti-virus application you would not
    have been infected.

    --
    --

    (Remove 999 to reply to me)
     
    Leythos, Nov 4, 2003
    #2
    1. Advertising

  3. Robert Foltyn

    donutbandit Guest

    Leythos <> wrote in news:MPG.1a11fdc5a69b4551989dbd@news-
    server.columbus.rr.com:

    > Your machine has been compromised by the update you installed - I don't
    > know which one it was, but your best bet (generic response) is to boot
    > from a known clean diskette or CD and wipe/format the drive and
    > reinstall the OS/Apps.


    Anybody who's stupid enough or so far out of it as to actually install one
    of these things after all the ink that it's been given probably deserves
    what they get.
     
    donutbandit, Nov 5, 2003
    #3
  4. Robert Foltyn

    Leythos Guest

    In article <boa0ic$i2d$>, says...
    > Leythos <> wrote in news:MPG.1a11fdc5a69b4551989dbd@news-
    > server.columbus.rr.com:
    >
    > > Your machine has been compromised by the update you installed - I don't
    > > know which one it was, but your best bet (generic response) is to boot
    > > from a known clean diskette or CD and wipe/format the drive and
    > > reinstall the OS/Apps.

    >
    > Anybody who's stupid enough or so far out of it as to actually install one
    > of these things after all the ink that it's been given probably deserves
    > what they get.


    While those of us in the computer community may sometimes feel as you
    pointed out, there are a great many people that only "use" their
    computers and have no clue about anything going on in the computer
    world.

    It does no good to insult them, you have to try and educate them in the
    hopes that it will then be taught to their friends.


    --
    --

    (Remove 999 to reply to me)
     
    Leythos, Nov 5, 2003
    #4
  5. Robert Foltyn wrote:
    > An annoying problem:
    > Several days ago I installed a fixed connection to the internet so that I
    > was finally able to download the latest update for my Office Pro.
    > Very soon afterwards I received an e-mail with "September 2003, Cumulative
    > Patch" which "resolves all known security vulnerabilities affecting MS
    > Internet Explorer, MS Outlook and MS Outlook Express" - quotes from the
    > e-mail. An *.exe file was attached, I ran it, and, apparently, all was fine.
    > A couple of hours later I received another e-mail, this time with "November
    > 2003, Cumulative Patch". When I ran the attached *.exe file, an info popped
    > up that I didn't need to install it.
    > That was some 5 days ago. The problem is that now I'm receiving such
    > messages SEVERAL times a day. The last thing I got was "November 2007,
    > Cumulative Patch" (yes 2007!). Another one was "February 1980, Cumulative
    > Patch". They come, however, from different addresses, e.g.:


    BBWWHaaaaaaahahahaha!! You have got to be THEE biggest Idiot the world's
    every seen!! Hahahahhaaaaaa!! You installed a virus, several times! Now
    your computer is sending out viruses in the mail. Tell me, where have
    you been for the past 3 months?? When everybody was yelling about
    Win32.Swen what did you think they meant? Didn't you pay attention? I
    know Windows users are slow, but that one wins the prize, hands down.
    Didn't you hear the "News"? (swen | news - gittit?) If I hand you a
    hammer, will you hit yourself over the head with it? I guess you
    would... wwwwhhhahahahhahah!!


    -Bill Gates (really, hahahahah!)
     
    @micro$oft.com, Nov 5, 2003
    #5
  6. Robert Foltyn

    Guest

    "Robert Foltyn" <> wrote in message news:<bo943q$ndb$>...
    > An annoying problem:


    Even more annoying, as you've determined by the other helpful posts,
    is that you installed a virus.

    You might be able to install an anti-virus and clean your system, but
    you are much better off archiving your important data and then wiping
    the system and reinstalling Windows. Then, install an anti-virus
    package before you restore your data to ensure you don't re-infect
    your computer.

    Free advice:

    Microsoft never sends updates or any software by email. Never.

    Install and regularly update an anti-virus package. Several exist,
    including AVG, McAfee, Norton, F-Secure.

    Install and configure a firewall. Hardware is the most effective
    against intruders, but a software firewall such as ZoneAlarm, Kerio,
    or Sygate, offer application-level inspection and can control your
    outbound service.
     
    , Nov 5, 2003
    #6
  7. Robert Foltyn

    Pete-X Guest

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    "@micro$oft.com" <""billyboi\"@micro$oft.com"> wrote in message
    news:...
    > Robert Foltyn wrote:
    > > An annoying problem:


    <snip Robert's 'accident'>

    > BBWWHaaaaaaahahahaha!! You have got to be THEE biggest Idiot the world's
    > every seen!!


    Not quite, I just saw another.

    Regards,

    Pete
    - --
    'War doesn't prove who's right, just who's left.'

    -----BEGIN PGP SIGNATURE-----
    Version: PGP 8.0.2

    iQA/AwUBP6lr7vYt+hJ+PYFrEQJzSQCfeopgIyThuiVTBzEXp7FNho3BVAoAn33z
    QEOcmsA+NEnPX6MFKx69fJ/l
    =Nd2f
    -----END PGP SIGNATURE-----
     
    Pete-X, Nov 5, 2003
    #7
  8. Robert Foltyn

    Bill Unruh Guest

    "Robert Foltyn" <> writes:

    ]An annoying problem:
    ]Several days ago I installed a fixed connection to the internet so that I
    ]was finally able to download the latest update for my Office Pro.

    I assume you got it directly from the Microsoft site.

    ]Very soon afterwards I received an e-mail with "September 2003, Cumulative

    Microsoft NEVER sends out emails with patches. You just installed a
    trojan. Erase everything on your drive and reinstall.


    ]Patch" which "resolves all known security vulnerabilities affecting MS
    ]Internet Explorer, MS Outlook and MS Outlook Express" - quotes from the
    ]e-mail. An *.exe file was attached, I ran it, and, apparently, all was fine.

    Stupid. Sorry.

    ]A couple of hours later I received another e-mail, this time with "November
    ]2003, Cumulative Patch". When I ran the attached *.exe file, an info popped
    ]up that I didn't need to install it.
    ]That was some 5 days ago. The problem is that now I'm receiving such
    ]messages SEVERAL times a day. The last thing I got was "November 2007,
    ]Cumulative Patch" (yes 2007!). Another one was "February 1980, Cumulative
    ]Patch". They come, however, from different addresses, e.g.:
    ]Microsoft (),
    ]Microsoft Security Bulletin (),
    ]Microsoft Corporation Internet Security Center
    ]().
    ](At least, such names are shown when I hit the reply button)

    ]What should I think of it? What can I do to stop it?

    ]Moreover, at the same time I started to receive "failure notice" e-mails
    ]informing me that some of "my" e-mails couldn't reach the recipients. The
    ]"unavailable addresses" include:
    ],
    ],
    ],
    ],
    ], and many more.
    ]Of course, I didn't send any e-mails to any of these addresses.
    ]Practically all of the "returned e-mails" contain a small *.exe file (ca.
    ]100kB), but I wasn't ambitious enough to run any of them.

    YOu did send it. You sent it via your computer and because of the trojan
    whcih you installed.


    ]I don't get any "typical" spam.

    Yes. you do. This is a typical spam trojan.

    Again, wipe the drive and reinstall. Yes, this is important. Wipe the
    drive and reinstall. In the meantime you are infecting other computers
    and are contributing to the slowing down of the net, and are making
    yourself liable to tort damages from others you harm.

    ]The system that I use is Win XP Home Edition. I had to uninstall the
    ]firewall that I had been using before (Zone Alarm) because it caused some
    ]memory error when I installed the new modem.

    ]Any help?

    Wipe your system and reinstall


    ]Robert Foltyn, Poland
     
    Bill Unruh, Nov 6, 2003
    #8
  9. Robert Foltyn

    Bill Unruh Guest

    Leythos <> writes:

    ]In article <boa0ic$i2d$>, says...
    ]> Leythos <> wrote in news:MPG.1a11fdc5a69b4551989dbd@news-
    ]> server.columbus.rr.com:
    ]>
    ]> > Your machine has been compromised by the update you installed - I don't
    ]> > know which one it was, but your best bet (generic response) is to boot
    ]> > from a known clean diskette or CD and wipe/format the drive and
    ]> > reinstall the OS/Apps.
    ]>
    ]> Anybody who's stupid enough or so far out of it as to actually install one
    ]> of these things after all the ink that it's been given probably deserves
    ]> what they get.

    ]While those of us in the computer community may sometimes feel as you
    ]pointed out, there are a great many people that only "use" their
    ]computers and have no clue about anything going on in the computer
    ]world.

    ]It does no good to insult them, you have to try and educate them in the
    ]hopes that it will then be taught to their friends.

    Also it is not what they get but what all of us get. He is not
    proceeding to spread that trojan and other viruses and clogging up the
    net.
     
    Bill Unruh, Nov 6, 2003
    #9
  10. Robert Foltyn

    jayjwa Guest

    wrote:
    > "Robert Foltyn" <> wrote in message news:<bo943q$ndb$>...
    >
    >>An annoying problem:

    >
    >
    > Even more annoying, as you've determined by the other helpful posts,
    > is that you installed a virus.
    >
    > You might be able to install an anti-virus and clean your system, but
    > you are much better off archiving your important data and then wiping
    > the system and reinstalling Windows.


    You'd be much better off archiving your important data and then wiping
    the system and instaling Linux.


    > Install and configure a firewall. Hardware is the most effective
    > against intruders, but a software firewall such as ZoneAlarm, Kerio,
    > or Sygate, offer application-level inspection and can control your
    > outbound service.


    But all that is for naught- when the user INSTALLS a virus. I've heard
    of 'caught a virus' but never 'installed a virus'.

    --
    -=-=-=-=-=-=-=-=-=Atr2-WBS @ Atr2.Ath.Cx=-=-=-=-=-=-=-=-=-
    Mod-SSL / PGP Key / CA Onsite
    -{jayjwa} Was I helpful? https://atr2.ath.cx/affero.php
    Contact: https://atr2.ath.cx/cgi-bin/ping-jay.cgi
    or finger, same name & domain, for plan, projects, $ PGP

    Who We Are: https://atr2.ath.cx/who-we-are.html
    =-=-=Linux Tough.Powered By Slackware=-=HTTPS/FTP=-RLF#37=
     
    jayjwa, Nov 7, 2003
    #10
  11. Robert Foltyn

    Jim Watt Guest

    On Fri, 07 Nov 2003 04:12:06 -0500, jayjwa
    <> wrote:

    >
    >You'd be much better off archiving your important data and then wiping
    >the system and instaling Linux.


    except that most of his software would not run ...
    --
    Jim Watt http://www.gibnet.com
     
    Jim Watt, Nov 7, 2003
    #11
  12. Robert Foltyn

    Guest

    jayjwa <> wrote in message news:<>...
    > You'd be much better off archiving your important data and then wiping
    > the system and instaling Linux.


    Not if the user wants to use Windows.
     
    , Nov 7, 2003
    #12
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Jim Prather

    Is Spam Spying on Me

    Jim Prather, Nov 25, 2003, in forum: Computer Support
    Replies:
    32
    Views:
    959
    ┬░Mike┬░
    Nov 26, 2003
  2. miss calm

    non spying downloader?

    miss calm, Jan 31, 2004, in forum: Computer Support
    Replies:
    6
    Views:
    464
    David A. Seiver
    Jan 31, 2004
  3. Rob Slade, doting grandpa of Ryan and Trevor

    REVIEW: "Cyber Spying", Ted Fair/Michael Nordfelt/Sandra Ring

    Rob Slade, doting grandpa of Ryan and Trevor, Aug 15, 2005, in forum: Computer Security
    Replies:
    0
    Views:
    483
    Rob Slade, doting grandpa of Ryan and Trevor
    Aug 15, 2005
  4. KH

    Spying ISP

    KH, Nov 1, 2005, in forum: Computer Security
    Replies:
    19
    Views:
    1,706
    Tom Jennings
    Jun 10, 2006
  5. Imhotep

    Warcraft game maker in spying row

    Imhotep, Nov 3, 2005, in forum: Computer Security
    Replies:
    1
    Views:
    511
    Colin B.
    Nov 3, 2005
Loading...

Share This Page