Author Topic: Do NOT install the new open source explorer "patch" !  (Read 21371 times)

0 Members and 1 Guest are viewing this topic.

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67269
Re:Do NOT install the new open source explorer "patch" !
« Reply #15 on: December 21, 2003, 05:48:53 PM »
Technical...hello and Happy Holidays!

I just received another message from my isp:
edylg.exe was infected with the malicious virus W32.FunLove.4099 and has been deleted because the file cannot be cleaned

so apparently something is working?? I don't let any attachments to come through...several months ago I got a virus from an unknowing friend who sent me a picture. ever since then, I have blocked any attachments...I may miss an occasional pretty thing, but I'd rather this happen then to get infected again :'(

cojo

Have you already tried MailWasher application? You can 'see' the email without downloading it and decide if you want to receive or not. You can delete it before you receive it. (www.mailwasher.net). The free application allows only one email account. In the pro version, the number of email accounts is unlimited.

Merry Christmas for you too.
The best things in life are free.

Offline Waldo

  • Sr. Member
  • ****
  • Posts: 397
  • Avast does the ownage
Re:Do NOT install the new open source explorer "patch" !
« Reply #16 on: December 21, 2003, 06:19:00 PM »
Seems they released a updated (without bugs) so called "patch"...my advice :

Don't be an idiot, and stay away from it !

It's the same crap as before.

http://www.openwares.org/index.php?option=com_remository&Itemid=&func=fileinfo&parent=folder&filecatid=17

Kind regards,

Waldo

« Last Edit: December 21, 2003, 06:20:50 PM by Waldo »
**Guns are for show, knifes for a pro**

CoJo

  • Guest
Re:Do NOT install the new open source explorer "patch" !
« Reply #17 on: December 21, 2003, 06:20:52 PM »
Hi Technical!

no, I haven't tried MailWasher ???   and I don't remember why not...
but my isp has a spam guard folder that I can view what it caught and I can delete it...that way, I don't miss an occasional friendly one and I can delete all the rest...is that just as good?

by the way, I just tried to download a test and Avast! blasted me with a warning...so I deleted it and am going to run a scan in a few minutes.

cojo

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67269
Re:Do NOT install the new open source explorer "patch" !
« Reply #18 on: December 21, 2003, 06:29:56 PM »
Hi Technical!
no, I haven't tried MailWasher ???   and I don't remember why not...
but my isp has a spam guard folder that I can view what it caught and I can delete it...that way, I don't miss an occasional friendly one and I can delete all the rest...is that just as good?

I think so  ;D

by the way, I just tried to download a test and Avast! blasted me with a warning... so I deleted it and am going to run a scan in a few minutes.
cojo

What test? What is the name and extension of the file?
The best things in life are free.

CoJo

  • Guest
Re:Do NOT install the new open source explorer "patch" !
« Reply #19 on: December 21, 2003, 07:16:01 PM »
Technical. I think my ignorance is showing again! :-[
it is an IRC worm killer tool...from clickteam.com
and I think Avast! did its usual great job and detected it as a worm when it was actually part of the test...
it installs as test.exe and a file that has the same ending but with test\$$A...
so I think I just panicked and deleted it...sigh
cojo

Offline MikeBCda

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 2251
Re:Do NOT install the new open source explorer "patch" !
« Reply #20 on: December 21, 2003, 07:18:11 PM »
I guess I'm lucky here -- my ISP uses VirusGuard, which "quarantines" anything suspicious incoming.  (I use avast's email provider too, just in case something slips through).

And it'll let me go to the site and view any plain-text contents (not HTML or attachments) without the message ever "seeing" my own system.  At that point I have the options to:
- delete
- clean (if possible) and deliver
- deliver as-is

Interestingly, "clean" isn't capable of simply deleting an attachment (the most common problem area) and delivering the message itself.
Intel Atom D2700, 2 gig RAM, Win 7 x64 SP1 & IE-11, Firefox 51.0
(default). 320 gig HD, 15Mb DSL, Win firewall, Avast 12.3.2280 free, SpywareBlaster, MBAM Prem., Crypto-Prevent

Offline Hornus Continuum

  • Full Member
  • ***
  • Posts: 119
  • If you only remember one thing, it's this ...
Re:Do NOT install the new open source explorer "patch" !
« Reply #21 on: January 09, 2004, 01:47:44 PM »
Hi Gang,

A better option than Outlook Express/Outlook's attachment blocking feature, which many disable because it interferes with normal and sometimes frequent file transfers, is the Outpost firewall.  It includes an Attachments Filter plug-in that renames attachments by appending a harmless extension to their filenames.  This allows you to receive all the attachments but prevents you from running executables accidentally and becoming infected with new, rapidly spreading malware.  The original extension remains part of the name so you don't have to be concerned about knowing what type of file is involved.   You can use the files after saving them and restoring their original names.  The default configuration includes all the usual suspects: executables, screensavers, scripts, and so on, along with a slew of file types that many are unaware can be dangerous.  You can add more extensions to monitor if you want.  In addition to making an entry in its log, the plug-in also can be configured to report any attachments that are renamed in a pop-up window.

Part of my safe hex regimen is to always include a moniker in any e-mail I send that has an attachment.  A custom signature states that the presence of the moniker guarantees that I actually sent the message and deliberately inserted any attachments, and it specifies their number.  (Of course the avast! status lines are included.   :)  )  It also includes a warning to never open an attachment in an e-mail from me if the moniker is missing.  Using this technique results in a little extra work up front, but that is more than offset by eliminating the need for independent confirmations.  If more people adopted a similar practice and encouraged others to do the same, the number of infections from malware that propagates through e-mail could be dramatically reduced.

Regards,
Hornus
« Last Edit: January 09, 2004, 01:50:18 PM by Hornus Continuum »

"Quote me as saying I was misquoted." -- Groucho Marx  ;D

CoJo

  • Guest
Re:Do NOT install the new open source explorer "patch" !
« Reply #22 on: January 09, 2004, 04:42:24 PM »
Hornus, I challenge you to explain that to the simple mind of cojo ;D

what I think I understand is I can add somthing at the end of my attachments to make them safe for my friends...but I can also do something to check mine. I am using EZguard firewall...it also has--without scanning--an option to accept of deny certain extensions in an email. I can turn this on or off as needed...

am I even close ???

cojo

Ogw

  • Guest
Re:Do NOT install the new open source explorer "patch" !
« Reply #23 on: January 09, 2004, 06:20:18 PM »
Hornus, I challenge you to explain that to the simple mind of cojo ;D

what I think I understand is I can add somthing at the end of my attachments to make them safe for my friends...but I can also do something to check mine. I am using EZguard firewall...it also has--without scanning--an option to accept of deny certain extensions in an email. I can turn this on or off as needed...

am I even close ???

cojo

cojo, you caugh my feelings. hornus, could you explain for us, not so technically, what is that 'moniker' you talked about? thank you.

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67269
Re:Do NOT install the new open source explorer "patch" !
« Reply #24 on: January 09, 2004, 07:28:26 PM »
Hornus, wellcome back from your vacations! We are curious about your 'security' system, can you post some links for download the application?  ;D
The best things in life are free.

Offline Hornus Continuum

  • Full Member
  • ***
  • Posts: 119
  • If you only remember one thing, it's this ...
Re:Do NOT install the new open source explorer "patch" !
« Reply #25 on: January 10, 2004, 01:10:44 AM »
Hi Guys,

Thanks for the interest.  I'll try to clarify things.  There's no application, it's a procedure.

A moniker is just a nickname or identifying mark.  I use it as a crude form of authentication, like the wax impressed with a dignitary's unique symbol used to seal a document in Medieval times.  I created a small graphic file with MS Paint containing a unique symbol that my family and friends can identify as being associated with me.

Whenever I send someone an e-mail with one or more attachments, I always include the moniker.  If recipients display e-mail in HTML format, the moniker is prominently displayed in the body of the message; if they display it in text format, they can recognize the filename.  In either case, if anyone receives an e-mail from me with only one attachment, they know immediately to be suspicious.  In that event, the 3 most likely reasons are:  the e-mail has a spoofed sender address, it was sent by someone infected with a worm that got my e-mail address from their address book, contact list, etc, or I myself have been infected   :'(.

Because I realize that most people would just be confused by the presence of the extra attachment, I created a signature that explains why it is there and what its presence or absence means.  The signature also specifies the total number of attachments, including the moniker.  That way, if a worm manages to piggy-back on an otherwise legitimate e-mail, the recipients are alerted that something isn't kosher.  I always insert this signature along with the moniker.

A worm propagating through e-mail or a stranger pretending to be me wouldn't be able do this.

The use of a graphic moniker is overkill, admittedly.  A simple text string or even using the signature by itself would suffice.  But, I use the graphic as an attention getter and the explanation in the signature in the hopes that it promotes the practice.

Regards,
Hornus

"Quote me as saying I was misquoted." -- Groucho Marx  ;D

CoJo

  • Guest
Re:Do NOT install the new open source explorer "patch" !
« Reply #26 on: January 10, 2004, 01:24:32 AM »
well, thanks, Hornus!! ;D

ya expect me to understand *how* to do that???
especially since I am sitting here drinking special hot chocolate and listening to Bocelli...if I were any more mellow, I couldn't stand up :-*

sorry...just being crazy for a moment...I'll reread it when I'm not so "mellow"...

cojo

Offline Hornus Continuum

  • Full Member
  • ***
  • Posts: 119
  • If you only remember one thing, it's this ...
Re:Do NOT install the new open source explorer "patch" !
« Reply #27 on: January 10, 2004, 02:03:44 AM »
CoJo,

You don't have to create a graphic.  Download one from the Internet or use some clip art that you already have.  Save a copy of it with a unique name, like CoJo'sMoniker.gif, so someone can recognize the filename and associate it with you.

Creating and using a signature in your e-mail client isn't hard.  I expect that virtually all of them support this.  If yours doesn't, dump it.   ;D  No, what I meant to say is use Notepad to create one in a text file.  I'd be surprised, nay shocked, if your e-mail client doesn't allow you to insert text from a file into a message with just a few mouse click, in the right places of course.  ;)  If not, dump it.  ;D  Of course, you can use the clipboard to cut and paste it if necessary.

Regards,
Hornus

"Quote me as saying I was misquoted." -- Groucho Marx  ;D