Today, Mikey contacted me via email to inform me that someone sent him an anonymous email with an attachment to an address he has only used here. Given the goings on of late, and fearing it could be a possible attack by "Friend in High Places" or someone similar, he asked my advice.

I told him NOT to delete it, so that he would have evidence if it turned out to be some type of virus or something. I suggested that he create a new email identity, forward it there, and then view the email at an Internet Cafe or library, so that his work and home computers wouldn't be affected if it turned out to be a virus or something. I doubted it would be anything other than another pornographic picture like the one "Friend in High Places" posted a link to some months ago, but thought it cautious.

I also asked him to send it to a different email address of mine, one I created for this purpose, and I went to my local library to view it. The message says,

"Hi! How are you?

I send you this file in order to have your advice

See you later. Thanks"

I clicked on the attachment, whose file name is Quiz2solution.doc.bat. All attachments are scanned by hotmail with a virus scanner. The result:

Name of File Virus Scan Result:
Quiz2solution.doc.bat W32/SirCam@MM Virus Found

There is no cure available for the virus on the file Quiz2solution.doc.bat

Obviously, you should NEVER click on anonymous attachments, but something like this should punctuate the point. If any of you recieve anonymous email attachments, DO NOT OPEN THEM!!

I recommend that Mikey have AOL (his email provider) and Phil investigate this. If the virus can be tracked, legal action should be taken.

Maybe you won't say it, but I will. I always knew that Peter was a vindictive SOB.

That's an old virus. SirCam has been around for about a year or so.

Here's a hint. Extensions of .bat, .exe, .cmd, and .vbs are executable attachments. NEVER click on them. The name "Quiz2Solution.doc.bat" should have been a red flag.

But you're right. However, as I said, this is an old virus/worm, and all current virus scanners should catch it.

Spelunker, it probably wasn't Peter. It was just some poor schmoe who got burned by it.

If Mikey had been using a local mail client, and didn't have virus scanning installed on his machine, he would have sent out zillions of copies. HotMail, however scanned it first.

Actually, the red flag for me was that someone sent it to me from an address I am unfamiliar with.

But I am confused about your meaning...

Are you saying that I received this email at random? Is that possible?

I'm more inclined to believe that this was deliberate, simply because it happened to be sent to the address I only use on Nitcentral right on the heels of a number of incidents on the boards. I take coincidence with a grain of salt. I have a short list of possible suspects, but only one of them is Peter.

The email address I received it from was: nehor90210@netzero.net. So just in case this is deliberate, do not open attachments from this address.

Here's some info on Sircam.

The virus collects email addresses from the Windows address book (*.wab) and from documents in the Temporary Internet Files folder (*.html...)! So it would be possible that somebody completely innocent with Sircam on his system read a page from Nitcentral and had this page with your email address on it in his cache. And Bingo, new work for sircam!

But of course there's still the possibility of a deliberate virus attack. Could you maybe post the header of the virus mail? Maybe we could figure out where it came from...

When I discovered this at the library, I couldn't tell Mikey on AIM because he had signed off, but I told Machiko, who was logged on, and told me it was unwise to open the document under ANY circumstances, that the perpertrator could have rerouted the virus through any number of servers before it reached Mikey, making tracking unlikely, and that whereas exe. documents ones we should watch for, .bat files cannot support viruses.

On the first point, I explained that I forwarded the email to a different account, and viewed it on a computer at my library, so that my home computer wouldn't be affected, so I took the appropriate precautions.

On the second point, I told MJ that I'm not a computer expert, so I didn't know this, but I wouldn't the desire to find out who sent this out of hand before investigating it SOMEWHAT if it's possible to do so.

On the third point, again, I don't know much about .bat files but Scott now says they can support viruses. So which is it?

As far as the virus being a year old, that doesn't mean it can't be "Friend in High Places." Unless FiHP is a computer virus expert, it makes sense that he'd find one and save it for a later date, which is what might have happened here.

And Electron, if by "header" you mean the subject line, it was Quiz2solution. Does that help, or did you mean something else?

No, he means the full RFC-822 headers. They contain information about every single system the email went through. However, Electron is right, SirCam just snoops for addresses on your computer -- both in your address book and your browser cache, so the sender probably read NitCentral, and SirCam just snagged the address.

Electron-

I read that same information as well about the SirCam virus, but thank you for posting it.

But another question is how does the virus send the emails? Shouldn't the return address belong to whoever the sender's address is? And if so, where did nehor90210 go? Because all my emails to the address bounce back.

The other thing is that I've only posted my email address on a few occasions. Probably no more than five times. Other people frequently post their email addresses. And the moderators' addresses are all over Nitcentral. Why would the virus target me and (apparently) no one else?

I admit it's a possibility. It's the likelihood that I question.

SirCam picks em at random.

I am really confused.

My user name on NetZero is nehor90210! I imagine therefore that nehor90210@netzero.net is an email address of mine, though I've never used it before to my recollection. That said, I certainly didn't send out any viruses. So I'm confused as to how Mikey received an email from that address. In case anyone else does get email from nehor90210@netzero.net, just know that I didn't send it, and I'd take Mikey's advice and not open anything from that address.

OK, now I've finished reading this thread. From what Electron and ScottN say about the SirCam virus, does this mean I have it?

Duke,

Run your anti-virus program.

Keep in mind that I'm not defending Peter in anyway when I say this. Mikey sent me an email about the email in question. I never once assumed it was Peter behind it. Let's face it, if Peter wanted to infect Mikey' computer with a virus, he would have sent it via his own email address rather than a fake one. This isn't a matter of bravery. It's just that since he is familiar, there's a better chance of the email being opened. Moreover, I think more of us (me, for one) would have recieved, or would have been a potential recipient of the virus.

By the way, Luigi, if you opened a virus on a public library's computer, aren't you potentially damaging public property? Simple rule, if you don't know who sent the email to you, delete it. Assume it's nothing good.

While we're on the topic of 'unusual' emails, a question for the other moderators:

Are you getting a heck of a lot of emails linking to porno websites at the moment? Ever since becoming a moderator I've been inundated with junk mail but most of it has been for financial stuff (great rate mortgages, ways of making money etc), together with offers of magic potions to, umm, enhance my manhood (I forward these on to my fella ;-)) but I've not had very much porn stuff.

As a safety precaution after the Great Hissy Fit, I had Phil divert my @nitcentral.com emails from my home computer to a Hotmail account that I set up specially. Since then (about three days), I've been inundated with porn stuff! It's easy enough to delete - easier and quicker on Hotmail than it was on the home PC, and I don't waste any money sitting patiently waiting for it all to load into Outlook like it used to - so it's no big deal. I just wondered - are all the moderators getting it or is it just me?

Callie, that's just Spammail.

Hotmail is infamous for setting up a "junk inbox" that doesn't work, and "filters" that don't work, and other such nonsense. I check my Hotmail accounts maybe once every two weeks, and I've been running upwards of 200-400 pieces of email, 98% of which has been spam. Money schemes, mortgage rates, lingerie, girls who want to entice me with their webcam naughtiness, Viagra offers, cd burners, DVD recordings, testosterone offers, increasing my bust size 2-4 inches, etc etc.

I used to have my nitcentral account go to my spammail account - I don't anymore, because I have neither the inclination nor the time to really dig out Phil's emails from all that garbage.

So, no, it's not the forwarding account. It's the Spammail account.

Well, I did wonder, having had other Hotmail accounts that get pornospammed to death, but the name on the account name is a bit cryptic, i.e. not "Callie@hotmail" or anything that easy to find. I've had another Hotmail account for about a year which has an equally cryptic name and that has never been spammed. Additionally, all these pornospams are addressed to csullivan@nitcentral.com rather than to my Hotmail address.

Interesting.

I've never had my nitcentral account get spammed. Unless it did while I still had it set to Spammail.

I do get an awful lot of spam that has a whole list of names, not just mine.

Even more interesting.

I just got an identical email as Mikey, except this file name is S6.xls.pif - same email account, though (nehor90210).

Time to trash the sucker.

It was the nitcentral account, too.

Luigi, did you actually run the program, or just scan it? I ask because intentionally opening a virus on a library computer is a BIG no-no. Do you have any idea how much trouble those things cause us?

not "Callie@hotmail" or anything that easy to find.

If it's "close" to a real name (or name/number combo), you probably just got hit with a dictionary search.

Try Junkbusters if you're interested in trying to kill spam. Of course, on HotMail, it's pretty futile.

"We are the Borg. Resistance is futile. You will be spammed."

Callie, I used to get the EXACT same pornospam on Hotmail, even when I would create a brand new address that NO ONE had. I have my junk mail filter set to EXCLUSIVE now, so I only get mail from people whose addresses are in my address book. (And it works too, MJ.)

Merat, I clicked on the attachment, and I knew that Hotmail scans all attachments with McAffee Virus Scanner.

Benn and Merat: I had no idea what the email was. I only understood that it COULD'VE been something like a virus, but figured it was probably something along the lines of that self-portrait of Peter that he posted a link to several months ago. If it turns out to be a virus, isn't the legal liability on the person who sent it?

Lucky you, Luigi. Mine doesn't work worth...well, it'd be censored. Suffice it to say it just royally bites.

And I don't believe the legal liability would be on the one who sent it - rather, it'd be on the one who wrote it. (I liken it to suing a car dealership for selling a car that has a problem rather then going to the factory.)

But...don't take my word for it.

Luigi-

The problem I have is that whether you merely scanned it or whether you opened it, you specifically did not want to do so on your own computer, because you percieved at least the possibility of infecting it, but you were quite willing to risk infecting someone else's computer. Resposibility does attach (morally definitely, and I think legally, too) when you specifically act with the awareness of the likelihood of a problem without acting to mitigate that problem.

My user name on NetZero is nehor90210 ! I imagine therefore that nehor90210@netzero.net is an email address of mine, though I've never used it before to my recollection. Duke

That is why it is important to have all the information, especially the binary coded stuff, from the header. It may not have come from your e-mail account. I had a membership to a website once, and one of the priveleges was the ability to e-mail other members. The site, however, did not have its own post office. Instead, it sent e-mails that , if you went only by the "from" and "reply to" lines appeared to come from the address I used when I signed up for the site.

In the midst of all of this, I'd like to point out that it is very unlikely the Sircam virus is some kind of retribution from Your Friend, since I'm definitely on the top of his s-list and I've personally gotten nothing at any account.

Sircam self-propagates very effectively and it's probably just gotten a nitpicker and is making the rounds.

Callie, I've gotten the pornospam to my nitcentral account. Darn spambots!

Peter would not distribute a virus under his own name, if for no other reason than it's very illegal.

Callie, I use both an AOL account and a free Yahoo e-mail account and have never had a pornospam problem. I do very little e-mailing which I suspect helps. Fewer chances for my e-mail addresses to end up on someone elses e-mail list.

Callie, I used to get the EXACT same pornospam on Hotmail, even when I would create a brand new address that NO ONE had. I have my junk mail filter set to EXCLUSIVE now, so I only get mail from people whose addresses are in my address book. (And it works too, MJ.)
Ditto, here. That's why I tell prospective new RM/PM members to post their addresses so I can write to them first, then add them to my address book, so I can get email with them if need be.

Callie, I use both an AOL account and a free Yahoo e-mail account and have never had a pornospam problem.
You're lucky then, cuz my Yahoo account gets tons of emails like MJ's described before, so I hardly go there anymore. I can't get it to filter out unwanted junkmail. It's only got a folder for what it considers junkmail, but unfortunately I still get lots of junk in my regular folder, too.

"Peter would not distribute a virus under his own name, if for no other reason than it's very illegal." - Matt Pesti

Good point. (Can't believe it. I agree with Pesti.)

Well, I certainly transferred to the Hotmail account at the right time - in four days I've had fifty offers of porno websites!! FIFTY!!!

It just seems intriguing to me that all this stuff started being sent to me and not many other moderators immediately after I wrote (and submitted evidence of Your Friend's identity) to the college in Darlington. Also I don't get anything like that number (usually no more than three a week) to other Hotmail accounts. Also they started arriving immediately I set up the new account whereas - as I said before - another account which I've had for ages has never been spammed.

I just can't help coming to conclusions, whether they're accurate or not. But the whole lot can be easily deleted with just two clicks, so no problem at all. If anyone was trying to cause me problems, he's wasted his time.

Callie,

The Porno spam may not be "Friend". There can be any number of semi-computer-literate students at Darlington who sold you're address to a porn site.

My experience with the pornospams to my nitcentral account predates Peter's recent meltdown. I use my other account so much, and so publicly, if someone wanted to really spam me they'd just send it there.

Well WHAT a surprise. I just opened some of the pornospams on my Hotmail account and found that they believed that I had asked to be signed up to their websites. The person who signed me up has the IP number 62.254.64.4, which amazingly (or not ...) is the same address as the person who posted a large number of the Your Friend spammails (the second address, not the one at Queen Elizabeth College, so presumably his home address).

Peter, dear, you are beyond pathetic. I will, of course, immediately be reporting you to NTLworld.

What will your mummy and daddy say?

Oh, good grief.

Addendum: I can confirm, from my server logs, that's Peter's account. My logs associate the IP with the user's membername.

It's official. Peter's an assho1e.

I wonder what Oxford would have to say about some of Peter's extra-curricular activities... assuming he was being truthful about that (and I suspect he was).

Well...

All the universities in the UK are connected to the net through a network called JANET. 'JANET' imposes a series of extremely tough guidelines on each individual university and if these guidelines are breached - the university (in theory) could lose access to the network (i.e. they are ***********) One lecturer in my school very nearly lost his job for searching for porn sites and b) asking his students to do so - he claimed in his defence they were needed for something he was doing for one of his units that he taught.

What i am basically saying is that if anyone tried the type of stunt via the university network - they would be severely reprimanded and probably lose all network privileges (at the very least)

Fingers

I hadn't planned to post here again, but I thought it sensible to clear the air.

Yes, of course I did post as "Your Friend in High Places", which was obvious months ago. No, I am not a liar, and what I said about not posting anonymously or with other names in order to express secretly held views is true. If any of you who accused me had the intelligence to see that that had nothing to do with posting anonymously or with other names for other purposes, well, we'd probably have got on better. No, I did not send anyone a virus. No, I did not sign anyone up to porn mailing lists or anything of the sort. The IP address given was not the same as that Phil pointed out a while back. The fact that it is similar proves nothing except that I am on NTL, all of whose users have similar IP addresses. Nonetheless, I do confess to having, when downloading free old games from sites that demanded an email address for each download, instead of my usual way of typing "dfiohfuifh@diohdfh.com" or something, I entered "csullivan@nitcentral.com" three or four times. I know from personal experience how big a mistake giving an email address to any site can be, and it sounds like you have learned the same thing. I am amused by your pettiness, and Mikey's too, of course. (Mikey, first of all your facts are very wrong. Secondly, home computer work is no one else's business unless laws are broken. Third, I genuinely wish you a nice life, because, well, if you are anything like those you sound like, you really do need all the help you can get.)

You can email NTL, which is indeed my ISP, if you like. My parents won't be interested in my righting a few wrongs done me by a gang of bigoted eccentrics. I am not sorry for what I have done, and I feel no guilt or regrets. But you can all be assured that I'll not trouble anyone here again. I am above it, and above just about all who attacked me.

Mark Morgan, I understand why you think you must be on some "hitlist" of mine, but I can assure you that isn't the case. Your attitudes and methods were appreciated, and although your debating style was anathema to me (you seemed to think that debates should consist entirely of pasting long streams of "evidence" and then adding underneath how undecided everyone was), the only criticism I ever had of you was your blaming of me for everything. Your every post always went either "Peter attacked x [without mention of any provocation]; blame Peter!" or "X attacked Peter; blame Peter!". I think you were absolutely right when you told me that Nitcentral had gone down the pan because the only ones remaining on the main boards were peculiar people who tolerated vehement insults.

ScottN, I have to admit I felt I'd let you down when you defended me for something I had indeed done. Like Mark Morgan, you were a good poster and I haven't any complaints about you. The one time I think we did fall out, through my own carelessness in making a general, social point personal, I didn't apologise, as I should have done, so I offer a belated apology now.

TomN, we haven't ever got on, but you speak a lot of sense a lot of the time, so keep it up.

Pesti, your posts were rare but always good. I say the same to you.

Cynical Chick, good luck with your ambitions, which parallel mine. I offer some sincere advice. Read up on politics and on what you believe. Memorising "West Wing" scripts won't cut it. The holes I exposed in what you said would be nothing compared to those a serious, mature politician could, and you will need to fill them to get ahead... Oh and "tolerance" does not mean reserving all moral judgement and believing that nothing is wrong, but almost exactly the opposite - it means abiding that you do think is wrong and immoral.

William Berry, good luck and keep that sense of humour. ;)

Brian Webber, you aren't the smartest man in the world, but I am sure that you are really a nice guy. The internet is no real test of character, as the perceptions of me all over the `net have proved, so I choose to think the best of you.

To anyone else, I either foolishly left you out or bear no grudges. Mikey, Benn, Luigi, MarkN, Callie, that applies to you too. If (and that really that means if) you are really like your online names, than having any dislike for you would be perverse and petty, and the only response from any good person would be pity.

As I said, I am above disputes with people who do not exist except on the internet, and I need to find whatever faith I once had, which starts by letting petty conflicts go.

Ciao for good, everyone.

Peter.

Nonetheless, I do confess to having, when downloading free old games from sites that demanded an email address for each download, instead of my usual way of typing "dfiohfuifh@diohdfh.com" or something, I entered "csullivan@nitcentral.com" three or four times.

Does this already qualify as computer fraud?

I know from personal experience how big a mistake giving an email address to any site can be, and it sounds like you have learned the same thing.

Spelunker was right, completely right. And you are a highly arrogant one.

And that's hopefully the last thing I'll add to the "Peter" topic.

Keith, this thread needs to go.

Any further Peter bashing won't do any good here - if Callie wants to pursue this matter of Peter impersonating her with his ISP, that's up to her.

But please delete this thread. It's pointless.

Keith - before you do delete it (if you do), please could you let me have the IP address from Peter's last posting in case I do decide to take up the matter of the arrogant little **** admitting to impersonating me. Thanks.

I think we've all been hurt by Peter in one way or another and we deserve a parting shot.

I'd like to see him try the folks in the JREF Forum over at www.randi.org. They're not as nice as we have been.

I think we've all been hurt by Peter in one way or another and we deserve a parting shot.

Because after all, that will do so much to show how much more mature and responsible we are than he is.

If we are giving out IPs then I'll take Callie's and Electron's too.

My final offering on the subject is simply this: the IP addresses of the person who signed me up for my recent bout of pornospam and the IP address from Peter’s latest statement were very similar, sometimes just one digit different from each other. Regardless of whether or not the actual home address can be identified, each of the above numbers is identified as coming from a site in Middlesbrough. Middlesbrough is about twenty miles away from Darlington.

But maybe it’s just all a great big coincidence.

Peter: ***I hadn't planned to post here again, but I thought it sensible to clear the air. ***

"... Baby One More Time"


Peter: ***Yes, of course I did post as "Your Friend in High Places", which was obvious months ago. No, I am not a liar, and what I said about not posting anonymously or with other names in order to express secretly held views is true. If any of you who accused me had the intelligence to see that that had nothing to do with posting anonymously or with other names for other purposes, well, we'd probably have got on better.***

"The Beat Goes On"


Peter: ***No, I did not send anyone a virus. No, I did not sign anyone up to porn mailing lists or anything of the sort. The IP address given was not the same as that Phil pointed out a while back. The fact that it is similar proves nothing except that I am on NTL, all of whose users have similar IP addresses. ***

"Don't Go Knockin' On My Door"


Peter: ***Nonetheless, I do confess to having, when downloading free old games from sites that demanded an email address for each download, instead of my usual way of typing "dfiohfuifh@diohdfh.com" or something, I entered "csullivan@nitcentral.com" three or four times. I know from personal experience how big a mistake giving an email address to any site can be, and it sounds like you have learned the same thing.***

"E-Mail My Heart"


Peter: ***I am amused by your pettiness, and Mikey's too, of course. ***

"(You Drive Me) Crazy"


Peter: ***(Mikey, first of all your facts are very wrong. ***

"I'm Not A Girl, Not Yet A Woman"


Peter: ***Secondly, home computer work is no one else's business unless laws are broken.***

"Let Me Be"


Peter: ***Third, I genuinely wish you a nice life, because, well, if you are anything like those you sound like, you really do need all the help you can get.) ***

"I Will Still Love You"


Peter: ***You can email NTL, which is indeed my ISP, if you like. My parents won't be interested in my righting a few wrongs done me by a gang of bigoted eccentrics. I am not sorry for what I have done, and I feel no guilt or regrets. But you can all be assured that I'll not trouble anyone here again. I am above it, and above just about all who attacked me. ***

"Can't Make You Love Me"


Peter: ***To anyone else, I either foolishly left you out or bear no grudges. Mikey, Benn, Luigi, MarkN, Callie, that applies to you too. If (and that really that means if) you are really like your online names, than having any dislike for you would be perverse and petty, and the only response from any good person would be pity.***

"That's Where You Take Me"


Peter: ***As I said, I am above disputes with people who do not exist except on the internet, and I need to find whatever faith I once had, which starts by letting petty conflicts go. ***

"What U See Is What U Get"


Peter: ***Ciao for good, everyone. ***

"Bye, Bye, Bye"

OK. That was petty. But it was sure fun.

But since Peter had some things to say directly to me, I thought it only fair that I respond to his assertions, allegations, and attacks.

I call this response:

"Oops!... I Did It Again"


Peter: ***I am amused by your pettiness, and Mikey's too, of course. ***

I guess it depends on how you define "pettiness". See, to me, getting angry and possibly seeking reparations because someone fraudulently used your email address to protect themselves from being spammed isn't petty. (Incidentally, this admission defines you as a "liar"). And it's certainly less petty than, say, throwing a cyber-tantrum, flooding a discussion group with obnoxious messages for the sake of interrupting the flow of the discussion just because you didn't like a decision made by concensus.


Peter: ***Mikey, first of all your facts are very wrong. ***

What facts are those? I've looked back on these last posts of mine and find very few facts, just some speculations which I define as such. I never accused you of sending me a virus. I wasn't even the person who opened up this discussion. In fact, the only reference I even made to you here is by saying that you were one of a couple of suspects. Truth be told, I had a more likely suspect.


Peter: ***Secondly, home computer work is no one else's business unless laws are broken.***

Ah... But I wasn't talking about legal issues.

I had no business knowing about the (legal) sexual relationships my President engaged in behind closed doors. But that didn't stop anyone from tarnishing an administration (not to mention the world's perception of the US) by exposing a factoid that was none of anyone's business, seriously hampering forward progress on some very important issues, just to further their agendas.

Your extra-curricular activities may not be anyone's business. But that doesn't mean that they wouldn't be interested in it.

Or are you suggesting that your admittance into Oxford is entirely dependent on your schoolwork? And recommendations, your involvement in your community, etc. had nothing to do with it?


Peter: *** Third, I genuinely wish you a nice life, because, well, if you are anything like those you sound like, you really do need all the help you can get. ***

I am so touched.


Peter: ***Ciao for good, everyone. ***

Yeah, I believe you.

Why don't you bait him some more?

One of the more depressing days of my online life was when I had to reset Peter's password to my site because, apparently, "stop calling people names" wasn't clear enough.

This entire thread, and the incidents that provoked it, and the constant urges to get just one more dig in, are equally depressing.

"Hey, didn't everyone realize that the Bath Scene in Insurrection was two people having SEX! Liberal Hollywood glorifying immorality again!"

"And D. Stuart is a ***** ******** ****!"

To be honest, "Give it a rest"-type posts are equally frustrating and are another example of someone posting just to have the last word.

Peter addressed me directly and publicly. I have the right to respond to that. I got what I felt needed to be said out in the open. If that's "baiting," so be it.

Maybe you do have the right to respond. However, I'd like to remind you of the 76th Rule of Acquisition: "Every once in a while, declare peace. It confuses the hell out of your enemies."

I'm getting IM messages that are porn adverts. Of course, as long as you don't reply, you can just warn them and block them. I suggest everyone place a "New patrons block in their profiles."

By IM, do you mean AOL's IM, or MSN or Yahoo! or ICQ or some obscure company?

And if it's AOL, what's your username?

(ICQ's been having pornspam through them for quite a few years.)

Uh, Mikey,

In horror movies the dead villan just lays next to his discarded gun while everyone dances with joy or something. Then all of a sudden he's alive and has picked up the gun.

I mention this because you are dancing. Quick, someone get the gun!

Pesti,

I've gotten IM porno spam too. They shotgun it out to any and all accounts they can reach. It is not Peter. (Oh, MJ, it is AIM.)

I got spam on my cell phone today.

Chew with your mouth closed.

And you shouldn't be eating while you're on the phone, anyway. It's rude.

AIM has porno spam? Interesting.

I always get it through Spammail and ICQ.

I got so tired of pornospam that I set my email box to "Exclusive," and can now only get email from addresses that I already have in my address book.

My AOLIM name? It's here. Add my username +E-mail.

Just a warning. I recieved an e-mail from "bcattell@nitcentral.com" that had an infected zip file attachment "HREF.zip". It unzips itself when downloaded. My virus scan picked it up when I downloaded it to a floppy and it automatically unzipped itself. I immediately deleted it and reformatted the disc. Hopefully this got rid of it.

Who's bcattell? Anyone know?

I doubt it's a nitpicker. Some spammers use other people's names to try and get your attention.

I recently had a couple of notifications to my Hotmail accounts telling me that a couple of my emails had bounced back. One had been sent to Declan Quinn, the former moderator of Stargate SG-1 and the other one had been to Ed Jefferson. To the best of my recollection I've never ever sent an email to Ed. And when I looked at what I'd apparently sent, they were spam emails!

So if anyone else has had a spam email from me, it wasn't really me, honest!

I got that too, Callie, but I knew it wasn't you.

Just a friendly warning. My Nitcentral account has been used to send a spam/virus e-mail. It has the file name 'Novelide.eml'. It'll show as being from bbrookshier@nitcentral

Thanks for the warning, Butch.

The Novelide.eml is still going around. Just got another undeliverable mail message concerning it. It is a virus so if you get it, just delete it without opening.

RE: spam, viruses, trojans and 'how'd I get THIS?'

It sounds as though many here know that the average unsolicited e-mail has a message header that can be (and usually is) faked, so looking at a sender's alledged e-mail address is no good. Looking at IP addresses can be helpful, but it still doesn't explain where the spam originated, because spammers often exploit security vulnerabilities in servers that aren't even closely related to where they are. For example, I had some crummy spammer hammering at me until I back-traced him to a server at US Navy site (I won't say where). I contacted the person at that Navy base who handles their IT, and she looked into it and, sure enough, this person had found a hole in the base's server security and was originating the spam from there. (Attention potential spammers: it's probably not a good idea to hack military computers unless you WANT to see the inside of a federal prison.)

As to why so many here are getting pornospam and the like, scummy little jerks will use automated 'bots that scan tons of webpages looking for prospective e-mail addresses. Anyone who has an address that appears anywhere on any page here at Nitcentral has probably had your e-mail address harvested: particularly those of you who are moderators and have to have some way of participants contacting you. It's why I don't put an e-mail address with my username.

Those harvested addresses are sold to solicitors who then spam the living daylights out of you, or script kiddies get hold of them to unleash their latest bit of malicious code (code that is blisteringly unoriginal, but merely a small variation on someone else's work).

The secret to getting your e-mail address out is to post it in such a way that someone has to remove something from the address to get it to work. Past examples have been username.nospam@domain. However, many automated bots are getting good at detecting phrases such as "no spam" or "nojunk". Get creative but keep it simple - that way the average person will know to remove that string of characters before e-mailing you.

As to the spam we all already get: we just have to inhale-sharply it up (since the automated system doesn't like a four-letter word beginning with 's', rhyming with duck and meaning a sudden intake, like through a straw) and take it like a user.

One method a newsletter I subscribe to uses is to put spaces before & after the name, such as "name @ domain." That may help too.

president@whitehouse.gov
That ought to be fun for the spammers to have. Set up a site like that and see what happens to them

I just found this out about Ad-Aware. If you use it, read this article.

Ad-Aware is in development for version 6. They are completely rewriting the engine. V6 is due out in Jan 2003, with the freeware version due in Feb. This guy sounds like he has an axe to grind.

I noticed that ref. update did nothing. I noticed Vagetta (The computer that has gotten Kazaaed) slowing down. I downloaded "Spy-bot" from MarkN's link above. I'll post again how it works.

Both computers (Sailor Moon and Vagetta, 2 kids that fight over everything - you figure it out) using Spy-bot found stuff. (Sailor Moon-76, Vageta-25, mostly registry entries) I especially liked the feature that told me a description of what the file does in regular English. ("Tracks web pages you've gone to for such and such adverting clearinghouse" is more understandable than "forwards browser history to web based marketer.")

Much spy-ware must have not been Kazaa related, BTW.

I don’t think I damaged anything on my computer. (It booted and I got here OK, but I can’t be sure of Barbie^TM Fashion Designer.)

DANGER!! Old Virus Resurfaces!
Just got this in from a reliable source. It seems that there is a virus out there called the Senile Virus that even the most advanced antivirus programs cannot take care of. It appears to affect those of us who were born before 1964.

Symptoms of Senile Virus:
1. Causes you to send same e-mail twice.
2. Causes you to send blank e-mail.
3. Causes you to send to wrong person.
4. Causes you to send back to person who sent it to you.
5. Causes you to forget to attach the attachment.
6. Causes you to hit "SEND" before you’ve finished the

Here's another urgent warning:

Dear Receiver,

You have just received an Albanian computer virus. Since we are not so technologically advanced in Albania, this is a MANUAL virus. Please delete all the files on your hard disk yourself and send this mail to everyone you know. Thank you very much for helping me.

Albanian hacker

That's a variant of the honor code virus. We'd better report it!

The senile virus is a fake!

The senile virus is a fake!

It won't let me double post. The joke is ruined.

Another symptom of the senile virus:
* Causes you to forward an email to loads of people who were already on the distribution list. grrr..

NEW E-MAIL HOAX!

Somebody out on the web is sending a "fraud alert" from BestBuy.Com. DO NOT SEND ANY CRITICAL INFORMATION TO THIS INDIVIDUAL! BestBuy says, "This is just a hoax" Therefore, it's a cheap attempt to try & rip off people's credit card info.


However, to be on the safe side, let your credit card company know anyway.

When you get an email about a "new internet virus", check Hoaxbusters at CIAC (affiliated with LLNL).

You've no doubt read and vulnerability in Windows. When I read of it I got the patch. I was too late. Some pimply faced pimple on the but of humity must have put a back door into my computer. My software fire wall was going nuts as idiot hackers tried to pounce. My software firewall was corageous, but is only software. When the pimple came back he was able to disable it and Norton AV. I'm going to format the hard drive and re-install everything behind a hardware fire wall. I know, I should've had one long ago.

I'm writing this because there is someone saying, "what is a hardware fire wall."

To that person I say that ignorance is not bliss. Well, actually if your easier to get at than me...

It's happening again. People are receiving an e-mail supposedly from me here at Nitcentral. It has an attached PIF file which is apparently a virus or some such. If you get it, delete it without opening.

I got one too. It blames ME for putting a worm virus in their computer hard drive. I did no such thing. Their "retaliation" is the worm virus worse than the one I supposedly sent them. (My e-mail was from a woman)

Well, it's happening yet again. I've received an e-mail supposedly from one of the posters here at NitCentral. It has msg reply in the subject line and an attachment called moreinfo.cpl that is a virus. The virus is W32.Beagle.x@mm (whatever that might be). Delete without opening.

What indication was given that it was supposedly from another Nit-C poster?

Used the name of a prominent poster here as the sender name. (Not you, Luigi)

All that means is that said poster is in the address book of the infected sender.

You need to look at the entire header to find where it really came from, but since it's a virus/worm rather than spam, it's not really worth it, since you can only track the IP of the sender, not his name.

Which is why I said supposedly.

Post the relevant parts of the header here and we'll try to find out on which continent the sender was.

Sorry, already deleted it.