Last Thursday, I experienced a malicious attack on my e-mail account by unknown
perpetrators. When I logged on in the morning, my anti-virus program, Symantec's
Norton AntiVirus 2000, began alerting on incoming e-mails. The first alert screen
asked how I wanted to handle the detected virus. The choices were to repair
the problem, delete it, or quarantine it. When I selected repair it, the next
screen usually indicated that the program couldn't repair the file and asked
me if I wanted to quarantine it. When I said OK, I got a third screen that said
that the file had been quarantined. I received more than three hundred e-mails
on Thursday that contained viruses and I had to click on three screens for each
one. This overwhelmed my computer system and it crashed twice in the process.
Note: Mac and Linux users need not send me e-mails about the virtues of their
systems over the one I use. I realize the limitations of Windows-based PCs and
choose to stay with my current system.
I was so frustrated with the viruses that I didn't take time to look at the
choices available in Norton AntiVirus to see if I could reduce the selections
to eliminate the problem. I've since discovered that under Options, you can
tell the program how to respond when a virus is found. One of the choices, which
seems like the best and safest choice to me, is to try to repair and then quarantine
the file if unsuccessful. I could choose to just delete the file, but sometimes
people send files that aren't intentionally damaging but that contain viruses.
In this case, Norton AntiVirus might be able to repair the file so it's still
usable.
The virus I was receiving was identical in most instances, but the e-mails and
the attachments looked different. This virus is called "W95.hybris.gen" and
the e-mails contain subject lines such as "Snowhite and the Seven Dwarfs - The
REAL story!" The sender is usually hahaha@sexyfun.net. The attachments are called
"joke.exe", "dwarf4you.exe", or about a dozen other names. If you open the attachment,
the virus will attack your wsock32.dll file and will then start sending out
similar e-mails to people in your address list. This virus is described on Symantec's
Web site at www.symantec.com/avcenter/venc/data/w95.hybris.gen.html.
A second virus I received is from a new round of senders who are pretending
to send me a document that I had requested or that they want reviewed. The e-mail
might not have a subject line or could be the same as the attachment name. This
virus is called "W32.sircam.worm@mm" and if opened, will grab a file from your
My Documents folder, add its malicious code, and send out e-mails to people
in your address books. This virus is described on Symantec's Web site at www.symantec.com/avcenter/venc/data/w32.sircam.worm@mm.html.
After my experience on Thursday, I decided to take the offensive against these
nasty viruses. I still don't know why I was attacked like I was, but I'm not
going to sit still and let it continue. Thankfully, I have one of the best (if
not the best) anti-virus programs on the market already installed on my system.
PC Magazine www.pcmag.com/article/0,2997,s%253D1594%2526a%253D1955,00.asp
named Norton AntiVirus as the Editor's Choice in June. I've been using it for
quite a while now and have been very pleased with the program. Since I have
a cable modem, the Live Update feature automatically updates my virus definitions
on a regular basis. If you don't have a current anti-virus program on your system,
with up-to-date virus definitions, you're running the risk of trouble on your
system and potentially passing on that trouble to others through e-mail.
Several months ago I wrote a column about "My
Personal Anti-Spam Campaign." In the column I discussed setting up filters
in my e-mail program, Eudora. All of the viruses I received from hahaha@sexyfun.net
were sent to the trash, after I told Norton AntiVirus how to treat them. So
I didn't have to deal with the e-mails any further. But I still found it irritating
that I had to receive these e-mails at all. Contacting my ISP gave no satisfaction
as it doesn't have the ability to filter for viruses. So, I decided to forward
my e-mails to a free account I have on AltaVista.com www.altavista.com. This
step has significantly reduced the number of virus and spam e-mails that I receive
daily. The reason I took this step is because AltaVista has filters set up that
keep you from even receiving e-mails that contain viruses, or e-mails that are
known to be spam. You can even send in junk e-mail candidates to AltaVista through
a link that is prominently displayed while you're reading your e-mail. Yahoo
www.yahoo.com has similar features in its free e-mail offering, although I've
found that site a lot slower in response time than AltaVista.
If you're tired of being bombarded with virus e-mails, or spam, you need to
take the offensive. The above solution worked well for me. I'm sure there are
different solutions that work well for others, and I encourage you to write
with solutions that work for you. I don't pretend to know the one best way to
solve any of the problems I write about and enjoy reading e-mails from people
who take the time to write constructive comments.
Elizabeth Kelley Kerstens, CGRS, CGL, is the managing editor of Genealogical
Computing, editor of the Board for Certification of Genealogists' newsletter
OnBoard, the creator of Clooz-the electronic filing cabinet for genealogical
records, co-creator of the new family health history program GeneWeaver, and
a frequent contributor to Ancestry. She can be reached via e-mail at gceditor@ancestry.com.
GC Extra
