View Full Version : sobig.f virus


vovillamor
08-21-2003, 05:12 PM
Hello All,

Has anyone here been hit by the sobig.f virus?

I don't think I've been infected. My e-mail service blocked the first infected e-mail attachment that I tried to open, and I've deleted each message ever since. I looked up the virus on the internet, and searched my computer for any files that the virus may have installed. I did not find any questionable files.

I say that I "THINK" that my computer is not infected. I've received some e-mail messages from people and companies whose e-mail client or server says that it received an infected e-mail message from my address. Maybe one out of every 30 or 40 virus-related messages are like this. Being that other people or companies seem to be receiving [occasional] infected e-mail from my address, could this mean my address is "slightly" infected?

Although I "think" that I am not infected by the sobig.f virus, I definitely am affected by it. I've probably received and deleted 150 or so infected e-mail messages.

Anybody else affected, and to what extent?

Kati Compton
08-21-2003, 05:28 PM
I don't think I've been infected. My e-mail service blocked the first infected e-mail attachment that I tried to open, and I've deleted each message ever since.
Don't open attachments. Not unless you're expecting them. Not unless the message is from someone you know AND it's a detailed message that references that there is a file attached. Even then, get a virus scanner that checks attachments before you open them.

I looked up the virus on the internet, and searched my computer for any files that the virus may have installed. I did not find any questionable files.
You're probably okay then, but I'd still get a virus scanner, update it with the latest definitions, and run it.

I say that I "THINK" that my computer is not infected. I've received some e-mail messages from people and companies whose e-mail client or server says that it received an infected e-mail message from my address.
Frequently virus emails "spoof" the "from" address. So let's say person A's computer is infected. The virus will look through their address book, and send out more virus emails to all the people in the address book. But it might make it look like the email came from someone *else* in that address book. Note that viruses don't just look through address books, but also text files, etc, for email addresses to use.

Maybe one out of every 30 or 40 virus-related messages are like this. Being that other people or companies seem to be receiving [occasional] infected e-mail from my address, could this mean my address is "slightly" infected?
Either you are infected, or you're not. Run an up-to-date virus scanner to be sure.

Although I "think" that I am not infected by the sobig.f virus, I definitely am affected by it. I've probably received and deleted 150 or so infected e-mail messages.

Anybody else affected, and to what extent?
That's one of the annoying things about virus emails. Plus, knowing that it means that *somebody* was blindly opening attachments.

Another suggestion: Open up an explorer window. Go to Tools > Folder Options (this is for XP - search Help for "folder options" on older versions, I don't remember where it is). A multi-tabbed window should open up. Go to the "view" tab. Look for the "Hide extensions of known file types". Turn this setting OFF. Off off off. I can't stress it enough. Off.

If you get an attachment with an .exe (a program), a .pif, .scr, or a few other extensions you don't recognize, don't open it. Even if it came from someone you know. Especially .pif and .scr. I've NEVER been legitimately sent a file with these extensions.

One thing that some viruses do (not this one), is to send you a file like "cuteimage.jpg.pif". If you have "Hide extensions" on, what happens is that all you'll see is "cuteimage.jpg", because it's hiding the .pif part. So it looks like a benign image file when it isn't.

It's one of the first settings I change on my computers (or my parents...)
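
An added example, not part of any post in this thread: a mail-side check for the "cuteimage.jpg.pif" situation described above, which lists each attachment's real final extension next to the name a user would see with "Hide extensions" turned on. The extension list is taken from the ones named in the thread, the display rule is a simplified model of Explorer, and the sample message and addresses are constructed.

```python
import os
from email import message_from_string, policy
from email.message import EmailMessage

# Extensions named in this thread as virus carriers. This is an assumed
# starting list for the example; a real filter would carry a longer one.
RISKY_EXTENSIONS = {".exe", ".pif", ".scr", ".bat"}


def name_with_extension_hidden(filename):
    """Simplified model of Explorer with 'Hide extensions' ON:
    the final extension is dropped from what the user sees."""
    return os.path.splitext(filename)[0]


def classify_attachment(filename):
    """Compare what the file really is with what it appears to be."""
    clean = filename.strip()
    real_ext = os.path.splitext(clean)[1].lower()   # what Windows will run
    shown = name_with_extension_hidden(clean)       # what the user sees
    decoy_ext = os.path.splitext(shown)[1].lower()  # e.g. ".jpg" left visible
    risky = real_ext in RISKY_EXTENSIONS
    return {
        "filename": clean,
        "shown_as": shown,
        "real_ext": real_ext,
        "risky": risky,
        # Disguised: a risky file whose visible name still ends in some
        # other, harmless-looking extension.
        "disguised": risky and decoy_ext != ""
                     and decoy_ext not in RISKY_EXTENSIONS,
    }


def scan_message(raw_text):
    """Classify every named part of an RFC 822 message given as text."""
    msg = message_from_string(raw_text, policy=policy.default)
    results = []
    for part in msg.walk():
        name = part.get_filename()
        if name:  # covers both attached and inline parts that carry a name
            results.append(classify_attachment(name))
    return results


def build_sample_message():
    """Constructed sample: three harmless byte strings with telling names."""
    msg = EmailMessage()
    msg["From"] = "friend@example.com"   # constructed address
    msg["To"] = "you@example.com"        # constructed address
    msg["Subject"] = "photos"
    msg.set_content("See attached.")
    for name in ("cuteimage.jpg.pif", "holiday.jpg", "SETUP.EXE"):
        msg.add_attachment(b"constructed placeholder bytes",
                           maintype="application",
                           subtype="octet-stream",
                           filename=name)
    return msg.as_string()


if __name__ == "__main__":
    for item in scan_message(build_sample_message()):
        if item["disguised"]:
            verdict = "BLOCK (disguised executable)"
        elif item["risky"]:
            verdict = "BLOCK (executable)"
        else:
            verdict = "ok"
        print(f'{item["filename"]:<20} shown as {item["shown_as"]:<15} {verdict}')
```
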

Godsongz
08-21-2003, 05:35 PM
My company's email servers have so far blocked 2500+ instances of the virus just since Tuesday. Nuts! Even if you aren't infected with the thing you still have to deal with huge chunks of bandwidth going POOF!

Pat Logsdon
08-21-2003, 05:39 PM
The way that many of these viruses work is by email "spoofing", which means that the virus is capable of capturing email addresses from an infected computer and then sending copies of itself out that spoof the "sender".

So if my address is in my friend's address book in Outlook, and he gets hit with the virus, a bunch of emails are sent that say they're from me. While my system is not infected, I still get a bunch of "undeliverable" or "rejected due to virus" emails coming back to ME, because the software that receives the infected mail thinks that I sent it.

Usually, when you're infected with a virus, there are certain files that they change, and you can go to the McAfee or Norton sites to find out what they are and then check your computer.

Personally, I don't open ANY attachment, for any reason, unless I'm expecting it, and know what it is. Period. I also don't use Outlook, I use "The Bat! (http://www.ritlabs.com/the_bat/index.html)", which is excellent and very powerful.

Jason Dunn
08-21-2003, 06:33 PM
There are four simple steps for keeping virus free:

1) Install a firewall. Hardware is preferred, but even www.zonealarm.com has a free one that works. Windows XP has one too, but it's not very friendly.

2) Keep your Windows XP computer up to date with the automatic updates. If all Windows XP users had done this, Blaster would have had little impact. It drives me insane when I see people ignoring the critical update patches. I mean, how much more obvious can it be? If it says CRITICAL UPDATE, install it!

3) Use Outlook XP for email. It's far more secure than previous versions of Outlook, and blocks most of the virus carriers (.pif, .bat, etc.) by default. It's pure FUD that somehow Outlook is a "virus haven" - it's simply targeted the most often because it's the most popular.

4) Virus scanners are helpful, but not necessary if you're careful about what you open. I haven't had a virus in 5+ years, and I've never used a virus scanner. But I still recommend them for everyone else's computer. ;-)

Kati Compton
08-21-2003, 06:36 PM
3) Use Outlook XP for email. It's far more secure than previous versions of Outlook, and blocks most of the virus carriers (.pif, .bat, etc.) by default. It's pure FUD that somehow Outlook is a "virus haven" - it's simply targeted the most often because it's the most popular.
I haven't used Outlook (I use Mozilla) - a lot of the problem is that it seems to automatically open attachments when the email is opened to be read. Mozilla doesn't do that. Is there a way to turn that off so you can read the email w/o opening the attachment?

vovillamor
08-21-2003, 06:38 PM
Thanks Kati and Surgical Snack for the suggestions.

That's one of the annoying things about virus emails. Plus, knowing that it means that *somebody* was blindly opening attachments.


I easily could have been one of those *somebodies*. Tuesday morning I opened one of these messages and clicked on the attachment, but my on-line e-mail client, Yahoo!, not only warned me about the virus, but also gave me the name of the virus it detected. If I had done this at home, I would have downloaded the message into Outlook, and then opened the attachment and gotten infected.

I rarely receive attachments in my e-mail messages (other than on junk mail...which I usually just delete without opening them). This message was something that I was kind of expecting, and that's why I may have been quick to click on the attachment. However, it was quite suspicious to see that I had received 10 other messages within minutes of each other, and with similar attachments.

As computer literate that I think [or thought] I am [or was], I have yet to install a virus protection program on my computers. Call me extremely careful, extremely lucky, or just plain irresponsible, but I haven't been infected with anything serious [yet]. I know I have to do it, but I've been putting it off...(kinda like my doctor's appointments).

Jason Dunn
08-21-2003, 06:52 PM
I haven't used Outlook (I use Mozilla) - a lot of the problem is that it seems to automatically open attachments when the email is opened to be read. Mozilla doesn't do that. Is there a way to turn that off so you can read the email w/o opening the attachment?

I don't recall any version of Outlook ever doing that - Outlook XP certainly doesn't do that in any way. It WILL load HTML, but it won't run ActiveX controls. So this does leave you vulnerable to JavaScript attacks, but those are pretty rare. I can't remember an instance where previewing an HTML message has caused any problems. That said, I use the autopreview function in my Inbox so I can tell when something is a legitimate email before opening it.

vovillamor
08-21-2003, 06:53 PM
1) Install a firewall. Hardware is preferred, but even www.zonealarm.com has a free one that works. Windows XP has one too, but it's not very friendly.


[This might be deserving of a separate thread besides the sobig.f thread]

Being that I currently don't have a Firewall or Virus Scanner installed, are you saying I can get by with just a Firewall?

I installed Zonealarm when I first got my DSL Internet connection. Zonealarm seemed to work just fine, but it, along with Internet Connection Sharing (ICS), seemed to really slowdown my primary computer. I uninstalled Zonealarm (and turned off ICS) after I set up my Wi-Fi access point/router assuming that the router would act as a sufficient firewall. Is this a safe assumption, or should I consider installing a firewall on each computer attached to the router?

qmrq
08-21-2003, 07:26 PM
There are four simple steps for keeping virus free:

1) Install a firewall. Hardware is preferred, but even www.zonealarm.com has a free one that works. Windows XP has one too, but it's not very friendly.
Yes.

2) Keep your Windows XP computer up to date with the automatic updates. If all Windows XP users had done this, Blaster would have had little impact. It drives me insane when I see people ignoring the critical update patches. I mean, how much more obvious can it be? If it says CRITICAL UPDATE, install it!
YES. I would recommend another operating system, but if you're going to use Windows INSTALL THE PATCHES. Doing so ensures you have a relatively secure OS.

3) Use Outlook XP for email. It's far more secure than previous versions of Outlook, and blocks most of the virus carriers (.pif, .bat, etc.) by default. It's pure FUD that somehow Outlook is a "virus haven" - it's simply targeted the most often because it's the most popular.

I have to disagree with this.. Outlook is bloated, slow, and insecure (though it has lots of nifty features). If you don't make heavy use of Outlook's PIM functions, check out Mozilla Mail, Thunderbird, or The Bat.

4) Virus scanners are helpful, but not necessary if you're careful about what you open. I haven't had a virus in 5+ years, and I've never used a virus scanner. But I still recommend them for everyone else's computer. ;-)
Agreed.. I've never used a virus scanner... just be careful, don't ever open attachments that are executable, and you should be ok.

Jason Dunn
08-21-2003, 07:32 PM
I uninstalled Zonealarm (and turned off ICS) after I set up my Wi-Fi access point/router assuming that the router would act as a sufficient firewall. Is this a safe assumption, or should I consider installing a firewall on each computer attached to the router?

If you have a gateway/router device with a Firewall, that's good enough - you don't need to have a software firewall on each computer behind that main firewall. The only advantage would be if you wanted to track/block OUTGOING packets (ie: watch which programs ask for Internet access, etc.), which hardware firewalls don't really do because they generally don't have client-side components. This is overkill for most people.

Jason Dunn
08-21-2003, 08:13 PM
I have to disagree with this.. Outlook is bloated, slow, and insecure (though it has lots of nifty features). If you don't make heavy use of Outlook's PIM functions, check out Mozilla Mail, Thunderbird, or The Bat.

I think that's pure FUD and challenge you to prove it. :takethat:

Bloated? How so?
Slow? It loads in about 2 seconds for me, and that's with an 800 MB PST file.
Insecure? How so? Just because it's the target of some virus attacks doesn't mean it's insecure. It's been a while since I've seen an Outlook-specific virus anyway - Blaster

Besides, considering this is a Pocket PC site, don't you think that most people ARE making use of all the PIM functions in Outlook? ;-)

vovillamor
08-21-2003, 08:20 PM
If you have a gateway/router device with a Firewall, that's good enough - you don't need to have a software firewall on each computer behind that main firewall.

Thanks for the advice. Now it seems that I can get by without having to buy firewall or virus scan software (as long as I am careful with opening attachments).

Janak Parekh
08-21-2003, 08:25 PM
I haven't used Outlook (I use Mozilla) - a lot of the problem is that it seems to automatically open attachments when the email is opened to be read. Mozilla doesn't do that. Is there a way to turn that off so you can read the email w/o opening the attachment?
I don't recall any version of Outlook ever doing that - Outlook XP certainly doesn't do that in any way. It WILL load HTML, but it won't run ActiveX controls. So this does leave you vulnerable to JavaScript attacks, but those are pretty rare.
There were some worms that exploited bugs in the HTML renderer that would auto-open attachments, but as long as you're up to speed on critical updates, you should be OK.

XP uses zones, so it should block JavaScript vulnerabilities, if you're up-to-date on it.

--janak

Janak Parekh
08-21-2003, 08:28 PM
1) Install a firewall. Hardware is preferred, but even www.zonealarm.com has a free one that works. Windows XP has one too, but it's not very friendly.
Well, you can live without a firewall, as long as you keep your computer patched and if you have good antivirus protection.

4) Virus scanners are helpful, but not necessary if you're careful about what you open. I haven't had a virus in 5+ years, and I've never used a virus scanner. But I still recommend them for everyone else's computer. ;-)
8O 8O 8O

You guys don't use virus scanners, at least as a backup? I must have gotten quite a few Word documents that are infected. While you can disable macros while opening, what if you want to pass that document on? Even better example -- I occasionally get Excel sheets I want to enable macros for. I've always used an antivirus program, and always will.

I guess the moral of the story is to have either #1, #4, or preferably, both. ;)

--janak

Pat Logsdon
08-21-2003, 08:42 PM
You guys don't use virus scanners, at least as a backup?
I just started using a router/firewall about a year ago, I've never used a virus scanner, and I've never gotten a virus. I also don't work with many documents that I don't create myself, so my risk is perhaps lower than it might be for others.

That being said, I think that a healthy dose of common sense goes a long way toward virus prevention. If something looks fishy, don't open it, or download it. And set the "fishy" bar very high. :mrgreen:

Jason Dunn
08-21-2003, 09:13 PM
Well, you can live without a firewall, as long as you keep your computer patched and if you have good antivirus protection.

http://www.nd.edu/~anelson/mr%20T.jpg

<Mr. T Voice>Whatcha' talkin' 'bout fool??!</Mr. T Voice> I'd NEVER suggest that anyone with an always-on connection run without a firewall. There are just too many potential security holes, whether it's on an OS or application level. If some hacker finds your IP, he'll keep poking at you until he finds something he can exploit. Unlike virus protection, where common sense and knowledge can protect you from most viruses, that same knowledge can't protect your computer when you're away from it. Firewalls are a must-have IMO.

You guys don't use virus scanners, at least as a backup?

Nope. I'll sometimes go to www.antivirus.com and use their browser-based scanner if I'm suspicious of a disk or if I think I might have picked up a virus, but the system drag that most anti-virus scanners introduce sucks and I prefer to run lean 'n mean.

GoldKey
08-21-2003, 09:27 PM
I can't understand not having a firewall and an antivirus program. If you don't have them both, at some point in time you WILL get a virus and you WILL be hacked. Even if you are OK with this, your computer could then be used in an attack against another computer. I believe it is a matter of time before you will be held legally accountable if your computer is used by a hacker if you have not taken some steps to secure your computer. I believe it will be found similar to leaving a loaded gun unsecured. You may not agree with me, but do you really want to be the test case? Especially when there are free solutions available. If you run AVG Anti-Virus (free) and ZoneAlarm (free) and periodically get the updates, you have gone a long way to protecting your computer.

Jason Dunn
08-21-2003, 09:53 PM
I can't understand not having a firewall and an antivirus program.

Firewalls, yes. Anti-virus programs? They slow down system performance, at least a little, and I'm very, very picky about what I let run in RAM. I do, however, recommend anti-virus programs for 99% of the people I know, because I don't have confidence that they won't open up an email attachment they shouldn't.

Pat Logsdon
08-21-2003, 10:18 PM
Firewalls, yes. Anti-virus programs? They slow down system performance, at least a little, and I'm very, very picky about what I let run in RAM. I do, however, recommend anti-virus programs for 99% of the people I know, because I don't have confidence that they won't open up an email attachment they shouldn't.
Amen! My thoughts exactly. Every antivirus program I've seen is a memory hog.

It just doesn't seem a fair trade to me to slow my system down that much, CONSTANTLY, just so software can detect a virus in an attachment that I wasn't going to open anyway.

GoldKey
08-21-2003, 10:26 PM
Firewalls, yes. Anti-virus programs? They slow down system performance, at least a little, and I'm very, very picky about what I let run in RAM. I do, however, recommend anti-virus programs for 99% of the people I know, because I don't have confidence that they won't open up an email attachment they shouldn't.

Not just e-mail, I would imagine that you load a lot of software that you download from the web for testing. Do you trust every source you hit for software 100%? I even remember a DVD was issued a few years ago that had a virus on it.

If you are particular about system performance, AT LEAST have one and don't leave it on, but run it manually on any new files/media and run a total scan every once in a while.

Janak Parekh
08-21-2003, 11:53 PM
<Mr. T Voice>Whatcha' talkin' 'bout fool??!</Mr. T Voice> I'd NEVER suggest that anyone with an always-on connection run without a firewall.
Not necessarily. I do networks for a living, I've programmed network services for a living, I've read and written papers on network security, and I know what services my machines are offering. Just like virus scanners are a backup line of defense, so are firewalls. I've had boxes of various flavors on the 'net for many years and they haven't gotten hacked, and I fully intend that they won't, either. In fact, exposed boxes makes it much easier for my research code to run (and, no, I'm not writing worms :lol:).

If some hacker finds your IP, he'll keep poking at you until he finds something he can exploit.
Not if you don't have anything exposed that he can't exploit. A firewall is not a panacea for everything! For example, if you're running IIS on port 80, and you want to offer services to the web, you must poke a hole in that firewall. It's also notable that about 50% of Windows remote exploits have been through IIS. Virtually no hardware firewall is going to help against that. (Yes, I know about DMZes, I'm simplifying the discussion, and I also know that there are special "firewall-like" tools for IIS, like URLScan, or reverse proxies; I'm not referring to those.) Another example: if you haven't patched your Windows box and you're using IE, receiving HTML mails or visiting certain sites can be disastrous, firewalls or no.

Now, for the average end-user, a firewall is a good idea. So is an antivirus program.

Nope. I'll sometimes go to www.antivirus.com and use their browser-based scanner if I'm suspicious of a disk or if I think I might have picked up a virus, but the system drag that most anti-virus scanners introduce sucks and I prefer to run lean 'n mean.
See... I take the attitude towards antivirus programs that you guys take towards firewalls. I don't want to have to think extra about attachments. I have to exchange Word documents fairly frequently, and I strongly prefer the protection that Norton Antivirus gives me.

Not just e-mail, I would imagine that you load a lot of software that you download from the web for testing. Do you trust every source you hit for software 100%? I even remember a DVD was issued a few years ago that had a virus on it.
Great point. :)

--janak

GoldKey
08-22-2003, 12:08 AM
There is no 100% solution. I audit IT for a living. If the IT people at your bank said they did not use firewalls and anti-virus because they had properly configured their machines and knew exactly what services were enabled, had great user training so their users did not open or download anything except that which was 100% trusted, would you feel comfortable? Firewalls and anti-virus are extra lines of defense. Again, it is not 100%, but if EVERYONE had antivirus and firewall and kept their software patched and up to date, we would not have anywhere near the incident of attacks that we have now.

Janak Parekh
08-22-2003, 12:10 AM
If the IT people at your bank said they did not use firewalls and anti-virus because they had properly configured their machines and knew exactly what services were enabled, had great user training so their users did not open or download anything except that which was 100% trusted, would you feel comfortable?
Note I was referring to myself. ;) Quite frankly, I would only really feel comfortable if the banking machines were 100% disconnected from the Internet. Firewalling and antivirus are far from enough for a banking environment.

Firewalls and anti-virus are extra lines of defense. Again, it is not 100%, but if EVERYONE had antivirus and firewall and kept their software patched and up to date, we would not have anywhere near the incident of attacks that we have now.
Absolutely.

--janak

GoldKey
08-22-2003, 12:20 AM
Note I was referring to myself. ;)
--janak

I caught that. And it is probably true for you. But a lot of people make that same argument for themselves when it is not true. Like I said, I audit this stuff for a living, and would not dream of not having security in place. There are lots of good reasons to have firewall/anti-virus and not many not to have it.

Janak Parekh
08-22-2003, 12:23 AM
There are lots of good reasons to have firewall/anti-virus and not many not to have it.
Agreed, and it'll be interesting to see what MS does in this regard. Rumor has it that XP SP2 will enable the firewall by default, and they just bought out an antivirus company. I think they're finally starting to recognize the cost of an out-of-box default XP install that someone brings home.

--janak

GoldKey
08-22-2003, 12:53 AM
As much as I hate to say it, the only way to get Joe Blow to install security is to have it by default. Microsoft needs to install a firewall/anti-virus by default (and as you said, they may be preparing to do so). I also read somewhere that they are thinking about changing the default so Windows updates are automatically downloaded and installed.

Janak Parekh
08-22-2003, 01:07 AM
As much as I hate to say it, the only way to get Joe Blow to install security is to have it by default.
Well, these are just first steps, frankly. The next step, and it's a biggie, is to not allow average users to run with Administrative permissions on a computer. Software installs should allow privilege elevation to Administrator just to finish, and then the user should be able to run in a nonprivileged environment; this way, worms/viruses or even spyware can't install themselves deep into the system. (Frequently, this is how UNIX machines are configured, and that's why they're a bit more secure against things like email-based viruses and worms.) But yes, I'm glad to see Microsoft finally starting to seize the initiative.

--janak

davidspalding
08-22-2003, 04:21 AM
I haven't used Outlook (I use Mozilla) - a lot of the problem is that it seems to automatically open attachments when the email is opened to be read. Mozilla doesn't do that. Is there a way to turn that off so you can read the email w/o opening the attachment?

I don't recall any version of Outlook ever doing that - Outlook XP certainly doesn't do that in any way. It WILL load HTML, but it won't run ActiveX controls. So this does leave you vulnerable to JavaScript attacks, but those are pretty rare. I can't remember an instance where previewing an HTML message has caused any problems. That said, I use the autopreview function in my Inbox so I can tell when something is a legitimate email before opening it.

A while back, Outlook and Outlook Express had to be patched against a vulnerability wherein an EXE was embedded and identified as, for example, a WAV file type which would be previewed. The HTML e-mail was read or previewed, and instead of the EXE being shown as an attachment, it was launched.

Can't remember the original virus which exploited this, but I've seen several examples hit my domain since 2002, maybe late 2001.

Jason Dunn
08-22-2003, 05:32 AM
Not just e-mail, I would imagine that you load a lot of software that you download from the web for testing. Do you trust every source you hit for software 100%?

Yes, as a matter of fact I do. :-) I've never had a virus come from an infected download in all the years I've been using a computer. I've heard of it happening, but never to me. ;-)

Jason Dunn
08-22-2003, 05:39 AM
I've had boxes of various flavors on the 'net for many years and they haven't gotten hacked, and I fully intend that they won't, either. In fact, exposed boxes makes it much easier for my research code to run (and, no, I'm not writing worms :lol:).

Janak, if the recent Blaster outbreak has taught us anything it's these two things:

1) Not enough people have firewalls - too many computers have port 135 exposed

2) Not enough people are updating their systems via Windows Update

You can install a firewall once and solve problem #1, even if the user never updates their system again. Yes, they'll still be vulnerable to email viruses, HTML exploits, etc., but not to something like Blaster. #2 should be easy enough you'd think, but it's obvious that people don't update their systems like they should. Be it bandwidth, ignorance, whatever - but they're not doing it.

If given the choice between putting up a firewall that will stay up and the person never needs to think about it, or constantly having to remember to apply the patches, the wisdom of a firewall becomes more apparent. Not everyone has the brag-list of computer skills that you have, nor are they capable of hardening a box to the degree that it can sit on a static IP and not get hacked at.

I'm not saying that firewalls are the answer to everything, but neither are anti-virus programs. I found it relatively easy to educate my mother-in-law on what types of attachments not to open, but installing a firewall was a much easier task than trying to explain to her what a virtual port was. ;-)

Janak Parekh
08-22-2003, 06:11 AM
You can install a firewall once and solve problem #1, even if the user never updates their system again.
Assuming the user never gets another machine behind the firewall. One of the most common sources of the spread of Blaster was the introduction of an infected laptop "behind the firewall". Additionally, if you never update your system, you're vulnerable to "auto-opening" email attachments, again which a firewall does not stop. An example of this is Bugbear (http://www.symantec.com/avcenter/venc/data/[email protected]), which was extremely widespread a few months ago. Even if Outlook/Outlook Express was up-to-date, the attachment could autoexecute: it was a bug in the HTML renderer, which is an IE control. I predict that Blaster (or a future big worm) will one day reappear as a "hybrid" worm, which will transmit over email as well as RPC scanning, which it can do behind the firewall. I'm surprised no one has tried it yet.

I'm not saying that firewalls are the answer to everything, but neither are anti-virus programs. I found it relatively easy to educate my mother-in-law on what types of attachments not to open, but installing a firewall was a much easier task than trying to explain to her what a virtual port was. ;-)
Your mother-in-law is very smart then, compared to my customers. ;) We absolutely always install antivirus as a hard, absolute requirement.

Incidentally, Blaster will not infect your system if you have an up-to-date antivirus program installed -- it will quarantine it before it has a chance to run. :) I actually had a machine at a customer which was unpatched, but the virus software caught it and emailed me immediately. (The problem, of course, is if you got Blaster before the antivirus definitions were available.)

Have we come full circle on the argument yet? :lol: For those of you who are unsure, by all means make sure you install a firewall, have updated antivirus definitions, and keep your machine updated via Windows Update. For "experts" like Jason or I, you might be able to do without one or the other, but only if you really know what you're doing. ;)

--janak

hollis_f
08-22-2003, 07:39 AM
To veer slightly towards the topic :wink:

There's a pretty good description of Sobig in the latest Woody's Office Watch (http://www.woodyswatch.com/office/archtemplate.asp?current). It explains why people are getting loads of messages that might make them think they're infected and are spreading the worm.

GoldKey
08-22-2003, 12:47 PM
#2 should be easy enough you'd think, but it's obvious that people don't update their systems like they should. Be it bandwidth, ignorance, whatever - but they're not doing it.

I think this is a big problem. Most of my family has dial up. A few have purchased new computers this year. Vendors don't update their install of XP when new patches come out, so a new machine is just a vanilla install. They don't want to wait on the dialup download, so they usually just want to skip it. Instead, I usually go to their house and get the box, take it to my house, hook it up to my network and do a much quicker download. Why can't Microsoft make the patches downloadable to a CD or make the vendors keep the systems up to date?

bjornkeizers
08-22-2003, 02:15 PM
I started getting these a couple days ago. At first I didn't know what it was: I got a dozen messages from [email protected] saying I mailed some people and that the messages were undeliverable. Had topics like That Movie RE: Details and such, so I knew something was up.

Thankfully, I'm not stupid enough to open them. And even if I wanted to, the attachments seemed to be filtered out already, so that's a good thing.

This one seems really nasty: I've never seen one spread so fast.. goes to show there's plenty of stupid people out there who, despite all warnings, still open these attachments. They should fu**ing know better by now!

***Post edited by moderator SJC for language 8/22/03 9:25 EDT

bjornkeizers
08-22-2003, 02:25 PM
I do, however, recommend anti-virus programs for 99% of the people I know, because I don't have confidence that they won't open up an email attachment they shouldn't.

How right you are Mr. Dunn. I don't run an antivirus program, because I know that you can't catch everything, and things like that Blaster worm or this Sobig thing will get past it on occasion unless you update it like every other day. For the record, I've never had a virus in all my years of computing.

Common sense goes a long way in computing: if it looks fishy, it gets trashed. Unless someone told me they were sending me something, and the email specifically has my name in it, the name of the sender, the name of the file that's attached, and a good explanation of why they're sending it to me: It's bye bye file.

hollis_f
08-22-2003, 03:53 PM
This one seems really nasty: I've never seen one spread so fast.. goes to show there's plenty of stupid people out there who, despite all warnings, still open these attachments. They should fu**ing know better by now!

Unfortunately these latest worms are very sneaky. Yesterday I found a really good deal on Norton SystemWorks and Firewall. So I uninstalled ZoneAlarm last night and installed NF. After the installation and reboot NF asked me to go online to register. But it doesn't activate itself first! In the 40 seconds it took to register I'd caught the Welchia worm. Luckily NAV splattered it before it could do anything. But it just goes to show how easy it is to get got.

qmrq
08-22-2003, 06:53 PM
I have to disagree with this.. Outlook is bloated, slow, and insecure (though it has lots of nifty features). If you don't make heavy use of Outlook's PIM functions, check out Mozilla Mail, Thunderbird, or The Bat.

I think that's pure FUD and challenge you to prove it. :takethat:

Bloated? How so?
Slow? It loads in about 2 seconds for me, and that's with an 800 MB PST file.
Insecure? How so? Just because it's the target of some virus attacks doesn't mean it's insecure. It's been a while since I've seen an Outlook-specific virus anyway - Blaster

Besides, considering this is a Pocket PC site, don't you think that most people ARE making use of all the PIM functions in Outlook? ;-)

'FUD'? Oh please. I don't deal in such things.

Bloated. Uhm.. yes, very.

Slow? Takes around four seconds to load on my machine, and frequently hangs. (2.4GHz P4b, 2 gigabytes secded DDR RAM). Let's compare this with mutt and PINE, which load immediately. (Yea, yea, not for everyone) We can also compare it with Mozilla Mail, Thunderbird, The Bat, etc. All much faster programs, with all of Outlook's features. (aside from 'syncing').

Secure? No, it's not. (http://www.microsoft.com/downloads/results.aspx?productID=50663FD1-DBAD-4705-B915-E4CF683E70FE&freetext=security&DisplayLang=en) Sorry.