Mudcat Café Message Lyrics & Knowledge Personal Pages Record Shop Auction Links Radio & Media Kids Membership Help
The Mudcat Cafeawe



User Name Thread Name Subject Posted
aussiebloke BS: Amish virus (15) RE: BS: Amish virus 24 Mar 01


Virus hoaxes and chain letters drive me bananas - and I feel a moral obligation to debunk them or ignore them on every occasion - anything but pass them on. I got a classic of the genre recently, from a newbie who became sufficiently anxious that he retyped pages and pages of the nonsense, poor feller - I tried to let him down gently, and he appreciated the information - but not all who get similar feedback take it so graciously. Some folks seems to thinks that they are saving me from the boogie-man, and are dissapointed that I no longer believe in him/her/it.

If you feel moved to forward 'to every one on your list' every breathless hoax and chain-letter that lands in your e-mail box - you may have Compulsive Forwarding Syndrome - therapy is available.

The particular hoax I recieved mentioned not just one big bad nasty virus - it had a mish-mash of numerous hoaxes and infoblah about some real viruses all rolled into one...

If you get a virus hoax, you might consider returning to the sender something like the guff below - with the suggestion that they forward similar debunking and empowering info - and a 'virus hoax retraction notice' to every one on THEIR bloody list.



Dear "insert name of person who sent you the hoax"

While I appreciate all the trouble that you have gone to in forwarding this information about viruses (?virii), sorry to inform you that you have been the victim of a hoax. There are dozens of these hoaxes that circulate, and they do worry people... Virus hoaxes are really interesting in themselves - part of email & internet culture.

I've taken the opportunity to do some current virus research based on this list - below are the findings and some comments about hoaxes, viruses and the world in general. Hope this is of some interest to you.

Of the viruses (with repeats) mentioned - it appears that only five (5) are real viruses, 20 or so are hoaxes. Some of the names are very close to the names of real viruses. It is a great letter, a classic of the hoax genre, but not a scholarly work.

Here is a reference to the letter you retyped. http://www.stiller.com/perrin.htm

The best thing to do when you get a hysterical warning about this-or-that virus is to just ignore it, or if you are keen to check to see whether it really exists or not at a reputable virus information site - I use and recommend: http://www.symantec.com/ or http://www.datafellows.com/

They each have an on-line encyclopaedia of viruses, and if between them they don't list the virus, it probably doesn't exist. I ran each of the virus names through the search function at both sites.

They both list perrin.exe as essentially a hoax.

Datafellows offer a FREEBIE download of f-prot (a virus checker) and regular virus free definition updates.
Symantec offers the service of doing a FREEBIE live scan of your hard-drive looking for viruses and trojan horses.



>>>Please, send this information to every person in your address book!!!!!!
Anything that says 'please send this to everyone in your address book' is usually a hoax, written in the breathless and hysterical language of an excitable 14 year old, the usually excessive number of exclamation marks are also a bit of a giveaway.

>>>If you receive an e-mail that reads "Upgrade Internet" do not open it, as it contains an executable file named "perrin.exe" it will erase all the data in your hard drive and it will stay in your memory.
All hoaxes use big big threats, or does 'stay in your memory' that mean that I won't forget the event?

>>>Every time that you upload any data, that data will be automatically erased and you will not be able to use your computer again.
Not even as a paperweight?

>>>This information was published yesterday in the CNN site.
Hoaxers quote 'pseudo-respectable' 'recognise-the-brand-name' type sources - I have searched the CNN web site, they don't mention the perrin.exe virus.

>>>This is a very dangerous virus.
Oooh, be scared... Hoaxers want to scare you...
This is not just a dangerous virus, but a very dangerous virus - the difference being?

>>>To this date. There is no known antivirus program for this particular virus please, forward this information to your friends, so that they will be on the alert, also check the list below, sent by IBM with the names of some e-mails that, if received. SHOULD NOT BE OPENED and must be deleted immediately. Because they contain attached viruses.
Again the use of a reputable source to give credibility to the hoax.
There's that 'recognise-the-brand-name' - IBM this time.
I searched the IBM site - no reference to perrin.exe
Isn't the grammar spectacular?

>>>This way your computer will be safe.
I keep my computer safe by locking the front door when I go out, but seriously folks...



Virus Prevention, as described by Symantec
Never open email from people who you don't recognize, and download only from sources with which you are familiar. Scan all email attachments and downloads before opening them. And, since new viruses are created daily, update your virus definitions frequently.

This is what I do with attachments...
If I get an attachment sent to me - word *.doc, excel spreadsheet *.xls, *.gif, *.jpg, especially *.exe or *.vbs or whatever, I move the file from the e-mail system, (either Outlook Express or Hotmail), to the desktop WITHOUT opening it, and I don't double-click it to open it until I have run my virus checker over it - even if it comes from a friend or a so-called reputable source. I've found virii from mates and from other sources by this method. If the document scans as having a virus I just drop it in the bin, and give feedback to the sender.



The hoax then went on and on and listed a heap of virussy sounding names...
I did a search for each of these so-called viruses at the two virus info sites:

1) buddylst.exe
Symantec: not listed
Datafellows: hoax

2) calcul8r.exe
Symantec: not listed
Datafellows: not listed

3) deathpr.exe
Symantec: hoax
Datafellows: not listed

4) einstein.exe
Symantec: hoax
Datafellows: not listed

5) happ.exe
Symantec: hoax
Datafellows: not listed

6) girls.exe
Symantec: possible name for the hybris worm virus
http://www.europe.f-secure.com/v-descs/sonic.shtml
Datafellows: possible name for the hybris worm virus

7) happy99.exe
Genuine Trojan!
Info here:
http://www.stiller.com/happy99.htm
http://www.symantec.com/avcenter/venc/data/happy99.worm.html

8) japanese.exe
Symantec: close, it lists Japanese Xmas, but not japanese.exe
as a Non-resident COM-files virus
Datafellows: hoax

9) keypress.exe
Genuine virus!
Symantec: hoax
Datafellows: Resident COM/EXE-files
http://www.europe.f-secure.com/v-descs/keypress.shtml

10) kitty.exe
Symantec: hoax
Datafellows: close again...
lists kit.exe as a virus, not kitty.exe

11) monday.exe
Symantec:
Datafellows: lists one called Monday 1st -
a rare Russian nuisance virus
http://www.europe.f-secure.com/v-descs/beware.shtml

12) teletubb.exe
Symantec: hoax
Datafellows: not listed

13) The Phantom Menace
Symantec: hoax
Datafellows: lists a Phantom, not Phantom Menace virus.

14) prettypark.exe
Worm virus!
Symantec:
http://www.symantec.com/ns-search/techsupp/bulletin/archive/nav/0699navspc1.html?NS-search-set=/3a891/aaac7aidm8912d0&NS-doc-offset=12

Datafellows:
http://www.europe.f-secure.com/v-descs/prettyp.shtml

15) UP-GRADE INTERNET
Very current - travels in a picture of Anna Kournikova
filename: AnnaKournikova.jpg.vbs
Symantec: http://www.symantec.com/avcenter/venc/data/vbs.sst@mm.html
Datafellows: not listed

16) perrin.exe
Symantec: no listing
Datafellows: no listing

17) I love You
Genuine VBScript Worm!
Info here:
http://www.stiller.com/lovelet.htm
Datafellows:
http://www.europe.f-secure.com/v-descs/love.shtml

18) Snow White and the Seven Dwarfs
Symantec: not listed
Datafellows: not listed
Is this the hahaha virus now doing the rounds?

19) CELCOM Screen Saver or CELSAVER.EX
Symantec: not listed
Datafellows: not listed

20) Win a Holiday (e-mail)
Symantec: not listed as win a holiday, just 'holiday'
http://www.symantec.com/avcenter/cgi-bin/virauto.cgi?vid=3282
Datafellows: not listed

21) JOIN THE CREW 0 PENPALS Subject: Virus
Symantec: 'Crew' virus is listed, not 'join the crew'
Datafellows: hoax
http://www.europe.f-secure.com/v-descs/jtcrew.shtml

As if the endless list of hoax and real viruses wasn't enough, this hoax went on and on...

>>>Announced by Microsoft
There's that reference to an 'authority'

>>>This is VERY SERIOUS!! Please forward to everyone you know.
There's that phrase again...

>>>There is a virus out flow being sent to peopIe via E-mail. lt is considered the A.l.D.S. VIRUS of computers. It will destroy your memory, sound card and speakers, your drive and it will infect your mouse or pointing device as well as your keyboards, making it so that you can't type and it will not register on the screen. It seIf-terminates onIy after it eats 5MB of hard drive space and will delete all programs.
Ah sure, and it will make my ice-cream go all squishy.


>>>It will come via an E-mail called "(OPEN. VERY COOL!:)"
Very cool not listed anywhere.

>>>Pass it on QUICKLY AND TO AS MANY PEOPLE AS POSSIBLE.
Classic ingredient of the hoax...

>>>Very Urgent-Must Read
Sure...

>>>Please. If you receive an E-mail Titled Win A Holiday' DO NOT open it. >It wilI erase everything on your hard drive.
OK - now I'm really scared...

>>>Forward this letter out to as many people as you can.
Nope, they deserve better information than this nonsense.

>>>This is a new, very malicious virus and not many people know about it.
Oo-ooh a 'secret virus?'

>>>This information was announced yesterday morning from Microsoft.
Reference to authority again.

>>>Niel Ferrick
Izzat how you spell Neil? I know Niel - he doesn't work there...

>>>Compaq Computer Corporation
Reference to authority again.


So how come, when you actually go to the trouble of looking on the Microsoft, , Compaq, IBM websites they each know nothing about most of this stuff? Cos it simply isn't true. Mostly it is a hoax.

While some of the names above may be actual viruses, what is the purpose of circulating or reading an inaccurate and incomplete partial list out of the 53 000 known viruses - you gonna start writing them down?

Take universal precautions against all viruses at all times, and you can't go wrong. When any disc is handed to you - think virus. If you download a file from the net - think virus. Use your virus checker with up to date definitions on any floppy disc, and on any other incoming file - particularly from an unknown email sender.

Quarantine and check files before opening - even from known sources.

Or, to figure out when to run a virus checker, think of it this way: at what point do you put the condom on?
The night before is a bit keen - the morning after and you are a bit late...

cheers

aussiebloke




Back to the Main Forum Page

By clicking on the User Name, you will requery the forum for that user. You will see everything that he or she has posted with that Mudcat name.

By clicking on the Thread Name, you will be sent to the Forum on that thread as if you selected it from the main Mudcat Forum page.

By clicking on the Subject, you will also go to the thread as if you selected it from the original Forum page, but also go directly to that particular message.

By clicking on the Date (Posted), you will dig out every message posted that day.

Try it all, you will see.