Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
For the last couple weeks I have been getting a couple messages a day from
NIS telling me that a file is infected on my computer.  It deletes it every
time.  It seems to happen when I get my mail.  Should I be worried?  The
files in question are named something like cc42.tmp.  Im using winxp with
service pack 2, OE 6.00, and NIS2005.  I suspect it is 'just' someone
sending me virus spam which is then blocked by norton, but I worry because
this only just started the last few weeks.  Should I be worried, and is
there a way to stop it?

Re: W32.Netsky.P@mm

In news: Adam Russell typed:
Quoted text here. Click to load it

No as long as NIS is blocking it.

Quoted text here. Click to load it

Adam, the only way to stop it is to report the IP address of the infected PC
to the ISP that the virus is sent from.

You will have to learn how to read email headers and learn how to decode
where the virus came from.

Helpful tools are SamSpade and emailabuse.org:
http://www.samspade.org/t /
http://www.emailabuse.org /

Re: W32.Netsky.P@mm

Adam Russell wrote:
Quoted text here. Click to load it

Start using Firefox for your browser and Thunderbird for your e-mail.
Here is a quote from Panda-
"Netsky.P is automatically activated when the e-mail message is viewed
through Outlook's Preview Pane. It does this by exploiting a
vulnerability in Internet Explorer, which allows e-mail attachments to
be automatically run. This vulnerability exploit is known as
Virus Removal Instructions: http://home.neo.rr.com/manna4u /
You can find my e-mail address on my pages.

Re: W32.Netsky.P@mm

What's in a name?,

Since the OP is using IE version 6.x, the issue you discuss is not
applicable. The following is quoted from the text available at;


(Begin Quote)
Microsoft Security Bulletin (MS01-020)
Incorrect MIME Header Can Cause IE to Execute E-mail Attachment
  Does this vulnerability affect IE 6?
No. You can eliminate the vulnerability by upgrading to IE 6. However, if
you are running Windows 95, 98, 98SE or ME, you should be aware that you
will need to install IE 6 in a certain way. Specifically, you will need to
choose either the Full Install or Typical Install option. (The default
installation type is Typical Install). If you choose Minimal Install or
Custom Install, the files containing the vulnerability might not be
upgraded, and your system could remain vulnerable.
Customers running Windows NT 4.0, Windows 2000, or Windows XP do not need to
concern themselves with this contingency, as IE 6 does not provide either a
Minimal or Custom Install option when installing on these systems. Any
upgrade to IE 6 on one of these systems would fully eliminate the
vulnerability. More information on this is available in Knowledge Base
article Q308411.
(End Quote)


Quoted text here. Click to load it

Re: W32.Netsky.P@mm

Sir_George wrote:
Quoted text here. Click to load it

That still doesn't change the fact that the OP would be safer using
another browser(Firefox) and e-mail client(Thunderbird).
Virus Removal Instructions: http://home.neo.rr.com/manna4u /
You can find my e-mail address on my pages.

Site Timeline