Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Spam Operating Systems Software Windows

Am I a Spam Zombie? 160

Posted by Cliff
from the how-can-you-know-for-sure dept.
ReallyCurious asks: "Recently, I've noticed a lot of junk email in my inbox reporting 'Mail delivery failure' or 'Undeliverable'. Some of these had documents attached, so I figured this was just a worm variant. But these messages keep coming. I worry that my machine has been turned into a 'Spam Zombie'. I don't see any suspicious processes running, but maybe it only runs for a few seconds, and at irregular times. I run a Windows 98 laptop, sometimes wirelessly connected to broadband (a few hours a day, on average), but I had to remove my virus software years ago because it was locking my system up, so I'm wide open. I've tried to be a good citizen and have been shopping for new virus software, but prices are running $40-$70, and most of these are just for upgrades (not even counting the mandatory 'subscriptions')! Is there an open or free virus fighting solution that's reliable and available for Windows? I'd be happy to run it ASAP."
This discussion has been archived. No new comments can be posted.

Am I a Spam Zombie?

Comments Filter:
  • Well... (Score:5, Informative)

    by hookedup (630460) on Thursday September 02, 2004 @06:57AM (#10137227)
    It may not be your system spewing out spam, but simply someone spoofing your domain.. happens to me every once in a while
    • Oh yeah, click <a href="http://www.grisoft.com/us/us_index.php">here </a> for a free antivirus app
      • Re:Well... (Score:3, Informative)

        by tooth (111958)
        Yeap, AVG [grisoft.com] does a good job. It's certainly better than nothing.

        Also try the no cost version of Zone Alarm [zonelabs.com].

        These are basic and no cost bits of software I run on my parents machines (and Firefox ;-) ... Though I'd love to buy them a mac one day :)

      • Agreed - I've been running it at home for about a year and a half. AVG is a good AV with regular updates. Don't forget to update often.
    • Re:Well... (Score:4, Insightful)

      by walt-sjc (145127) on Thursday September 02, 2004 @07:15AM (#10137324)
      Exactly. Email worms and spammers frequently forge the sender. The problem is clueless mail adminitrators that configure their mail relays to accept mail to anyone (even unknown users) and then generate a bounce message when it can't be delivered (user unknown...) All scanning (spam and AV) and user verification really needs to be performed at initial SMTP reception and not after the fact.

      Unfortunately, older versions of Exchange are stupid in this respect, and accept pretty much anything. I believe you even have to specifically configure the newer versions of exchange too to behave correctly (someone correct me if I'm wrong here... I no longer use exchange, just read about how 2003 works...)

      IMHO, if you are running an older version of exchange without a good Unix relay in front of it that can do all this validation and scanning for you, you are a big part of the problem.

      • ("Frequently"? They always forge the sender. Anyhow...)

        I really like qmail, but it does make the braindead design of accepting mail, then processing it. (For reasons of efficiency or something; it's supposed to be a feature.)

        The folks at LinuxMagic make a replacement [linuxmagic.com] that's a bitch to get working, but does all kinds of checking during the SMTP transaction, like valid user checking, virus scanning, etc. You're supposed to be able to plug in arbitrary checkers, but I never got around to trying. The

        • Postfix has a load of builtin capabilities to do RBL and RHSRBL checks and other cool stuff before accepting a mail message.

          Check it out.
        • It's possible to reconfigure qmail, atleast i used a hacked up qmail-scanner that rejects spam or virus content.. I want to make it reject invalid users too, but that's hard to do on the secondary mailservers that don't know which accounts exist on the primary server, and most spams are relayed through the secondaries.
      • Re:Well... (Score:4, Informative)

        by sheddd (592499) <jmeadlock AT perdidobeachresort DOT com> on Thursday September 02, 2004 @11:03AM (#10139825)
        Instructions on how to do recipient filtering w/exchange:

        Here [asp.net] and here [msexchange.org]

        (btw filtering is off by default)

      • Yup, if you use your undisguised hotmail address on every one of your slashdot postings-- hypothetically, of course--you will see many bounce notices that dutifully land in your hotmail junk mail folder, using up your meager 2MB quota 40KB at a time.
      • Isn't this how the RFC states mail servers *should* behave? It may not be the correct behavior anymore, but you can't blame ms for following the standards (for once)
    • Yup, this is just spoofing... don't give it a second thought.

      Most probably some virus/worm somewhere.

      I just got a bounce message today where I allegedly sent a message to someone that bounced. Strange thing it was sent from a dormant e-mail of mine which is not configured anywhere in any of my local programs and only an old 'official' contact on the web. (A mail alias on my domain...)

      So I would not worry.

      I'm running this XP box, with SP 4 (Using Kerio Personal Firewall 2.1.5 instead of windows's one) as
      • <i>Yup, this is just spoofing... don't give it a second thought.</i>

        I would give it a second thought, it is likley someone you have had an email corispondence with and can therfore warn.

        The best bet is to find out what virus it is (scan the email). And tracert the originating IP address. this should give you the ISP and maybe a state. Look up the virus to find the file names it creates and tell your family/friends that match the ISP/location to search for the file.

        Most Virii can be removed
        • Re:Well... (Score:2, Informative)

          by Anonymous Coward
          As he said, the email address is inactive, but is displayed on the web. Spammers don't just look on the web for email address to spam, but also address to spoof spam from. The only connection he had with the spammer was an http connection for 1/2 a second.
      • SP4 for XP? WOW!
        Are you from the future? ;)
        • SP4 for XP? WOW!

          Are you from the future? ;)
          ... aka mandrake 16 or suse 14.2, (2009, when Microsoft abandons their "services for unix", fires all their coders, and sells a rebranded linux :-)
      • Re:Well... (Score:3, Informative)

        by Idealius (688975) *
        The story submitter is worried about his machine, not someone elses and if he wants to be sure he has no spyware on his system he should use HijackThis by Merjin:

        http://www.spywareinfo.com/~merijn/ (official site, down ATM)

        http://www.tomcoyote.org/hjt/

        Many popular anti-spyware forums accept posting a HijackThis log their HijackThis expert members can examine and advise you on. (e.g. The LavaSoft AdAware forums allow this but they require you post an AdAware log first :)

        Anyway, HijackThis is fairly manua
      • How do you know your machine isn't infected with something none of the anti spyware programs detect yet? It is trivial for a spyware author to recompile his program and change some of the strings around so that it's no longer detected by antivirus software, or even compress it with a new/modified executeable packer. Remember malware has to be released to the wild and actually infect a rather large number of people before the antivirus/spyware authors will get hold of a copy, analyse it and include a signatu
        • Because I have a firewall (NON-XP-SP2) and a Linux gateway with another firewall and packet sniffers... I would see the traffic.

          Sure one could get polymorphic virii, and do all sorta funny stuff. But mostly their memory footprint (or key parts thereof) remain the same or similar to existing virii and spyware. Good Virii and spyware detection software can detect derivatives even before they were programmed to.

          But this is irrelevant, as it's a network issue.
    • I think that someone is spoofing a delivery failure email because the body is almost always a virus of somekind. Perhaps the spoofer is thinking that a delivery failure will make it past Bayesian filters.
  • Most of those are forged to look like bounces.
  • No (Score:4, Insightful)

    by sa3 (628661) on Thursday September 02, 2004 @06:59AM (#10137234)
    The bounces you're getting are from other spam using you as the From address. Spam sent from your machine would have random addresses not necessarily your own. But you might still have a trojan running that could be used to send spam so you should check.
  • Why? (Score:3, Insightful)

    by Anonymous Coward on Thursday September 02, 2004 @06:59AM (#10137236)
    What makes you think you're going to get delivery failures for outgoing spam? If you're a spam zombie, I doubt it is going out with your email in the from: field.
  • eh (Score:2, Insightful)

    by doofusclam (528746)
    Why not run a free firewall and watch for any alerts that something is trying to connect to the internet? Zonealarm will do fine.

    If you're a bit more techie you can use winpcap or similar to capture the traffic.

    There's no excuse to be wide open. You'll soon do something about it when your ISP wakes up to the problem and cuts you off. I appreciate how people can get caught inadvertantly by malware (I was hosting a trojan for a few hours last week inbetween upgrades) but I don't appreciate you leaving it th
  • You're not infected (Score:2, Interesting)

    by oKtosiTe (793555)
    I've been having the same, and I know for a fact I'm not infected. This is just another worm.
  • You should be fine. (Score:5, Informative)

    by FrenZon (65408) * on Thursday September 02, 2004 @07:00AM (#10137244) Homepage

    Most likely your email address is getting used as the return address and little more - the returned mail thing affects everyone to some degree. If you were being used as a spam zombie, you'd probably not notice any change in returned mails, as the zombies generally use someone else's address again as the return addy. I'm fairly sure the return addresses aren't always randomised, as on my domains I see a bucketload of spam all from the same email address, so whoever lives there must be getting a bucketful of bounces.

    Still, you really should get an antivirus solution to ease your worries. I use AVG from Grisoft [grisoft.com], which is available in a free edition.

    Of course, the bounces are plain annoying - when I get ACTUAL bounces from mail I send, I often delete them based on subject line, not realising that the person I was trying to contact is none the wiser. Booo

    • My e-mail address keebler@mindspring.com [mailto], has been around since 1994, and very often used unobscured during those early years. It is quite well known to spammers and is often used as a forged header. My father recently recieved an ActiveX virus sent using my address in the "From:" field. He was suspicious, as I know how to spell and form sentences like a native English speaker, and don't send him attachments other than amusing .jpegs

      But I'm scared of my more technically naive mother getting zapped this

  • by cuiousyellow (89995) <grant@nOSPam.jokerbone.com> on Thursday September 02, 2004 @07:01AM (#10137247) Homepage
    The poster sounds like a good candidate for MJR's ultimately secure firewall [216.239.39.104].

    Try Zonealarm [zonelabs.com]?
    • The poster sounds like a good candidate for MJR's ultimately secure firewall.

      The poster is "wirelessly connected", you dolt! ;-)

      Try Zonealarm?

      That's more like it. Or better yet, Kerio Personal Firewall [kerio.com].

      • You know you've been IMing too long when you almost say 'lol' out loud to a non-geeky friend...

        You know, that used to be "You know you've been MUDding too long when.."
  • OMG (Score:2, Informative)

    by cL0h (624108)
    You're running Windows 98 with no virus software. I'm surprised you can use the machine at all. I constantly get requests from people to clean up their Win98 machines. They are usually riddled with spyware, trojans and diallers. Don't bother with new antivirus. Get a new operating system.
    • Re:OMG (Score:2, Interesting)

      by Reene (808293)
      For a long time (5+ years) I ran Windows 98 because I couldn't get online under any other operating system (and I tried a lot of them) and couldn't afford a $60 dialup modem that would allow me to do so.

      For a large part of that time I ran no firewall, used an online remote virus scanner sporadically at best, and reinstalled only once. In all that time, my computer contracted only one virus (a non-serious one at that), and this was due to a less computer-savvy relation of mine browsing the internet using I
    • You're running Windows 98 with no virus software. I'm surprised you can use the machine at all.

      I run MS Windows 95 with no anitvirus or firewall, and don't have any problem at all with viruses, etc.
      All I did was turn off everything that can be used to compromise my machine (e.g., closed port 135, turned off NetBIOS over TCP/IP, etc.).
      I also have disabled scripting, plugins, etc., in my browser (Mozilla) and in my mail and news readers (Outlook Express, Mozilla and Forte Free Agent).
      (I do have a proxy serv

  • maybe... (Score:5, Informative)

    by johnjones (14274) on Thursday September 02, 2004 @07:02AM (#10137259) Homepage Journal
    ok if you run windows you need a virus checker

    are you a home user ?
    if so

    http://free.grisoft.com/freeweb.php/doc/2/ [grisoft.com]

    and get avg for free
    Now you need a firewall

    http://www.free-firewall.org/ [free-firewall.org]

    then I would advice get rid of spyware with spybot
    donate something to the project if you like it...

    http://www.safer-networking.org/en/download/ [safer-networking.org]


    regards

    John Jones
    • dshield (Score:3, Informative)

      by j1m+5n0w (749199)
      It's also a good idea to look you ip up [dshield.org] on dshield [dshield.org]. They aggregate firewall logs from many sources. If your IP is causing someone trouble, it is likely to show up there. Another similar service is mynetwatchman [mynetwatchman.com].

      -jim

  • maybe not. (Score:4, Informative)

    by gl4ss (559668) on Thursday September 02, 2004 @07:03AM (#10137261) Homepage Journal
    but if you're running a win98 without firewalling/serious tweaking.. ..you're probably owned or at least at risk. though in all fairness they're probably some other spammers who just happen to use your mail add as the sender.

    go with FREE solutions, they exist.

    http://www.free-av.com/ free virus scanning [free-av.com]

    http://www.free-firewall.org/ some free firewalling [free-firewall.org]

    • Re:maybe not. (Score:3, Insightful)

      by mbourgon (186257)
      Why is he owned if he uses 98? My impression has been that 98 is _safer_ - WinNT/2k/XP all have all these fun services that can be exploited, where 98 doesn't. Granted, if you run IE or the like all bets are off.

      Or is there something I'm missing?
  • AVG AntiVirus (Score:3, Informative)

    by Green Light (32766) on Thursday September 02, 2004 @07:03AM (#10137266) Journal
    Here is the link to their free version [grisoft.com] This works well, and is completely free for personal use.
  • AVAST (Score:4, Informative)

    by chadkiser (653920) on Thursday September 02, 2004 @07:07AM (#10137280)
    http://www.avast.com/eng/avast_4_home.html [avast.com] Home version is free
  • We get bounces to the support address at the company I work at all the time. Someone has decided to use our support address as the 'from:' address in their crappy spam. Anytime they send it to a non-existant address, we get the bounce. Our system is updated and locked down, so they aren't coming from us, but YMMV.

    Either way, I'd suggest running that address through a spam block of some kind to filter out the crud or just give it up entirely if you can.
  • Yes (Score:3, Informative)

    by noselasd (594905) on Thursday September 02, 2004 @07:13AM (#10137310)
    antivir [free-av.com] seems to work ok,
    and is updated afaik.
    Spyware removal software [lavasoft.com] is obligatory on windwos as well.
  • I don't get it.... (Score:5, Insightful)

    by Apreche (239272) on Thursday September 02, 2004 @07:17AM (#10137331) Homepage Journal
    OK. I'm a dual booting guy. Obviously my linux, which I use mostly, has no problems. However, my windows install also has no problems. I only got a virus once ever because after a clean XP install a worm got to me before I got to windowsupdate.

    The point is that you do NOT need anti-virus software. Anti-virus anti-spyware software should be used only to cleanup already busted systems. Your system cannot be infected if you take proper care to prevent it. Even if you are running windows on a cable modem all day.

    1) NEVER download an e-mail attachment.
    2) Use Firefox instead of IE.
    3) Use Thunderbird instead of Outlook
    4) Do NOT visit untrustworthy websites
    5) Do NOT download any software from the internet and install it. Even if it looks trusty from tucows or download.com do a google search to see if it it spyware first.
    6) Have a firewall like zone alarm or sygate, or better have another computer between you and the net with a firewall on it. Or have a hardware firewall. Proper network level security keeps the worms out almost guaranteed.
    7) If you have wireless lock it down. You don't want a drive by person to start sending spam out your pipe.
    8) DO get all the windows updates that are security fixes. The ones that aren't security fixes you can choose to get or not get at your own discretion.

    If you do those things then there is almost no way you can get hit. It's really that simple. And if you DO get hit, its usually easier to re-install due to the degrading nature of windows. Any windows install, even a clean one, falls apart over time. The registry fills with more and more junk. Improperly uninstalled apps leave files behind here and there. Hidden variables change and are not changed back. Even the cleanest installs seem to last at most 18 to 24 months except in very controlled business environments.

    Dont pay for anti-virus software, its a ripoff. Just re-install and then take proper preventative measures so it doesn't happen again.
    • If I might amend that a little because they are all good points but missing something:

      0) Do not run Windows 98. This is the year 2004. 1998 was released 6 years ago. Microsoft have released three (3!) major desktop operating system revisions since then. If you thought MS was bad for security now, try and remember what they were like 6 years ago!

      If you won't pay for Windows XP, I am certain that you can get a free operating system that will do all the things you can do with your Windows 98 install. Y
      • by R2.0 (532027) on Thursday September 02, 2004 @08:49AM (#10138127)
        "Microsoft have released three (3!) major desktop operating system revisions since then"

        Windows ME: Oh, it was major, alright - a major failure. The "Upgrade" path at the time was to revert Back to 98SE.

        Windows 2000: Remember, this was marketed as "not for home use". That was what ME was for. 2000 wouldn't support many legacy apps.

        So there has really only been 1 major desktop OS revision that is relevant, and given XP's poor rep, there are plenty of reasons not to upgrade.

        Also, the comparison between then and now isn't valid. A large number of the exploits now target services in 2000 & XP that 98 doesn't have.

        98 certainly isn't state of the art, but I don't know that I'd call 2000 or XP that either. Your most compelling argument seems to be "98 is OLD!!"

        BFD.
      • He is carrying already too much dosh for the good of his soul and we don't want to lumber him with more than he can handle.

        Use a Win emulator in Linux, there are several very good out there that allow you to use your cranky copy of W98 if you need to do so.

        No reason to shell out more money for the guys in Redmond.

        You wanna play games? Get a PS2, a Gamecube or a GBA. They are cheaper than a full version of Windows XP.

    • Almost right (Score:3, Interesting)

      by Mycroft_514 (701676)
      Except for the part about degradation of the registry. Look, I've got systems that are running Win 98SE and even 2 still running Win 95.

      One of the Win 95 machines has been running for 7 YEARS without having to reload the OS. I have swapped hardware in and out, and changed drivers. The last time the OS was changed was when I put the 6 Gig drive in (1997) and I needed to upgrade from Win 95 ver B to ver C (B didn't support drives that big).

      One of the Win 98 machines is now 4 years old, with no reloads, t
    • by Godeke (32895) *
      Insufficient. If you hook Windows directly up to broadband to get WindowsUpdate running, you have a good chance of being infected before you are patched. Software firewalls don't block everything, so Step 6 is insufficient, unless you have a machine proxying, NATting firewall or a true firewall. Even then you put a vulnerable machine on your local network, which may have unpleasant surprises in store for you.

      A better option is for step 8 becomes: get all windows updates and security fixes ON CD, because ot
    • NEVER download an email attachment.
      Then how are you supposed to open it? People do send legitimate attachments.

      Do NOT visit untrustworthy sites
      What exactly is a trustworthy site these days? Javascript and even HTML have been used to download malicious code. Even well known and respected sites have been affected.

      Proper network level security keeps the worms out almost guaranteed.
      Worms yes, because they infect networks. But viruses and trojan horses infect machines.

      -Do beware of emails with sin
    • Unfortunately Firefox isn't the cure-all for avoiding web viruses. I haven't had a virus on a machine for years, but just last week a site somehow opened Internet Explorer from Firefox and thus installed some dialers and crap.
  • http://www.clamwin.net/ [clamwin.net] is an allegedly good antivirus program.

    Also, http://www.spybot.info/ [spybot.info] has been alleged to be a good antispyware program.

  • Since the SMTP protocol doesn't have any authentication of the sender (except within an ISP/Domain with SMTP-AUTH), it's easy for a spammer/virus to send mail pretending to be you. That's called a 'joe-job' after one of the early occurrences of it.
    A recently proposed solution (though not without it's problems) is SPF (Sender Policy Framework) http://spf.pobox.com/ [pobox.com] where a domain owner can publish the list of servers which are authorized to send mail as being from a user of their domain.
    Until it's widely deployed, not just on the publishing side, but on the checking side, it won't be real useful. However it's nearly trivial for the DNS owner to publish the records and since big ISPs like AOL and Yahoo are starting to check them it does protect you from being Joe-Jobbed to a large number of mailboxes.
  • by kyhwana (18093)
    AVG [grisoft.com] works pretty well, i've found. I used it on all the machines that came in when I used to work at a computer shop and it caught pretty much all of them.

    I run it on my windows systems at home, too.
    So consider this as another vote for AVG. :)

    You should probably also consider a firewall, there are couple of free ones out there, including Zone Alarm and so on.
  • Housecall (Score:3, Interesting)

    by jgaynor (205453) <jon@@@gaynor...org> on Thursday September 02, 2004 @08:02AM (#10137595) Homepage
    Bah. Im suprised no one has mentioned housecall yet:

    http://housecall.antivirus.com [antivirus.com]

    Housecall is a web-based virus scanner that, since it is loaded anew every time, always has the latest virus definitions. Since it installs nothing but temporary cache files, you dont have to worry about it slowing down your machine.

    Because of the nature of the application it can't always clean the offending virii/malware, but it will at least alert you to their presence and give you their names so that you can manually remove them. When combined with stinger [nai.com], spybot [safer-networking.org] and google [google.com] it's an excellent choice for on-site calls to machines without AV or for your old boxen that just cant afford the extra cycles for full-time AV bloat.

    If you prefer to do the offline thing, try the Knoppix anti-virus distribution [oreillynet.com] (weak link I know). Once again it isn't a permanently installed application and since the OS isn't running it can slap down bugs before they're loaded into memory.

    Cheers!
    • Re:Housecall (Score:2, Interesting)

      by Anonymous Coward
      (Posting AC so I don't undo my mods)

      I've used housecall a few times to scan some machines. I works pretty well, and since it's web based you don't have to install anything. The downside is that it's for IE only so it may not be an option for some (hopefully many).

      For offline scanning, I'll repeat the numerous recommendations for Grisoft's AVG free scanner
      http://www.grisoft.com/us/us_index.php
      A fter testing it on a few machines, were planning to purchase the server edition to scan all incoming email befo
  • Most of the posts haven't really been answering the question. Most of the posts have been helpful advice about how to stop being a spam-zombie, but haven't been answering whether or not he currently is one.

    With apologies, because the connection I just made to them was a bit slow, there are:
    http://openrbl.org/
    http://moensted.dk/spa m /
    http://www.dnsstuff.com/tools/ip4r.ch

    Unfortunately my domain is in there, because it really refers to my ISP-assigned IP, and their whole block is listed.
  • Everyone else already said you most likely aren't infected, but if your machine is totally unsecured, the first thing I'd recommend is getting a good software firewall installed and running. There are many different products out there with prices varying from free to darn expensive. I'll let someone else link to them for Karma. :)
    If you practice reasonably safe internet usage (e.g. not opening attachments you aren't expecting, not visiting websites from random links, not visiting shady websites) then your
  • If the originating ip address matches your ISP, there's a good chance, though as others here have said, most of the time, these bounces are from spam that uses one address from its mailing list for the "TO" header and another for the "FROM" header.

    NEVER run Windows without solid anti-virus. If something on your machine is interfering with the anti-virus, fix your machine until anti-virus runs. If your anti-virus interferes with something else, don't run that something else. Seriously. It's that dangerous.

  • by Bob Cat - NYMPHS (313647) on Thursday September 02, 2004 @10:27AM (#10139297) Homepage
    You are doing nothing to stop your PC from being abused because you can't find free as in beer software?

    Adaware SE Personal www.lavasoft.de
    Zone Alarm Firewall www.zonelabs.com
    F-Prot Antivirus www.f-prot.com

    All commercial products free for personal use.

    Now, install those and stop the spammers, please.
    Keep your definitions updated, okay?
  • by fmaxwell (249001) on Thursday September 02, 2004 @11:33AM (#10140211) Homepage Journal
    I run a Windows 98 laptop, sometimes wirelessly connected to broadband (a few hours a day, on average), but I had to remove my virus software years ago because it was locking my system up, so I'm wide open. I've tried to be a good citizen and have been shopping for new virus software, but prices are running $40-$70, and most of these are just for upgrades (not even counting the mandatory 'subscriptions')!

    If you have a Windows 98 machine with no anti-virus software, then stay off of the Internet. Period. You have no right to endanger and inconvenience others just because you're too cheap/poor to buy anti-virus software and too computer-illiterate to type "free antivirus software" into Google (hint).

    It reminds me of someone with 20/200 vision operating a car without glasses because glasses cost too much. "Oops! Sorry about your poodle! Didn't mean to run over your kid; sorry. Uh oh, hit another parked car."

    • If you have a Windows 98 machine with no anti-virus software, then stay off of the Internet. Period.

      I've had anti-virus software for years and kept it up to date and it never once blocked a virus.

      However, I've spent many hours undoing the damage done to my machine by the virus scanners themselves. And I've spent a lot of money buying new versions.

      Which person is the sucker? The one who is constantly spending time and money maintaining virus scanner installations that never block an infection or the o

      • I don't see anything wrong with making a risk assessment and deciding that you're better off without a scanner.

        It's not your place to make a "risk assessment" for your potential victims. All it takes is one f***-up by you and thousands of people end up being bombarded with viruses/worms from your infected PC.

        And I've spent a lot of money buying new versions.

        And I've spent a lot of money buying auto insurance. Maybe I should just make a "risk assessment" and decide that anyone I run into can just lum
        • Again with the hint: Type "free antivirus software" into Google.

          So you are the guy telling people to download random software from the internet and install it. Thank you very much.
          • So you are the guy telling people to download random software from the internet and install it. Thank you very much.

            Ever heard of a review? How goddamned hard is it to do a little research on your own? Apparently too hard, so here' a link [pcworld.com] to a PC World review of free anti-virus software. But you're too clever to fall for that, aren't you? You figured out that Grisoft, Alwil, and H+BEDV Datentechnik GmbH (makers of AVG, Avast, and AntiVir anti-virus software respectively) are all providing free-for-per
            • i was not referring to that software, just your suggestions to use google. Just because something comes up high in the google results does not mean it is safe.
              • i was not referring to that software, just your suggestions to use google.

                What's wrong with using a search engine to search for things? That seems pretty logical to me. You search for "free antivirus software", click on the links, search for reviews of packages that look promising, and choose one based on your research.

                Just because something comes up high in the google results does not mean it is safe.

                I never said that a high rank in Google meant something was safe, did I?
    • I was on a mailing list once where a guy claimed to have never had a virus and to have never run AV software. He's run Windows 95, right upto WIndows XP.
  • Not necessarily (Score:4, Informative)

    by renehollan (138013) <rhollan@noSpaM.clearwire.net> on Thursday September 02, 2004 @11:40AM (#10140307) Homepage Journal
    While running Win98 naked is about as wise as, well, running naked, this may not be the source of those bounce messages. IOW, by themselves they do not indicate that your box is a spam zombie.

    I get boatloads of these things, as well as spam (filtering is your friend) -- my email address is fairly public and in a lot of address books. I'm not about to abandon it as it's within a domain I lease.

    I run behind a fairly hardened firewall, and am moving towared a Linux iptables-based firewall/router/home server.

    What ticks me off is when such a message bounce indicates that the original message contained a virus. How dare someone accuse me of sending a virus just because their mail daemon received a spoofed From: header? They could at least check the route the mail took against that header to get an idea if it's bogus. But, often automatic smam/virus filters are pretty stupid and trust the From: address. Still, I wonder if someone, somewhere, "out there" is blacklisting me because someone else forged my identity. Sounds like a defamation suit if I could find the bastards.

    And that's the rub. Often when I've received such bounces, when the originator can be identified, they refuse to help in providing a copy of the original email, headers intact, that might permit tracking down the source: either a spammer, or a spam-zombie. I wonder if I could sucessfully file "theft of computer services" charges against such an organization: they're sending me unsolicited bounces, and furthermore, refusing to backup the allegation that they're bouncing messages from me. I wonder if the anti-spam legislation that's out there can be used as a club against those who send bounces to spoofed From: addresses and refuse to acknowledge or correct their mistake.

  • Windows Security Software [akerman.ca]

    I've used AVG. Some people prefer AntiVir.

  • I've never found virus programs to be worth it - if a new worm comes out, they are rarely quick enough to update and in the meantime they always seem to really slow down your computer.

    Instead, I run a web-based anitvirus program (http://housecall.antivirus.com/ [antivirus.com]) about once a month.

    Obviously I also take other precautions - only connect to the internet via a NAT router, never open email attachments, etcetera but Housecall is good, and it's free.
  • As part of Windows XP SP2, Microsoft is offering free trails [microsoft.com] of various anti-virus products: Norton, McAfee, CA, etc. You don't have to upgrade to XP SP2 to qualify.

    This was mentioned on /. a while back, but /. search is down and I couldn't find it quickly on Google.

  • Heh (Score:2, Informative)

    by itwerx (165526)
    If you're running Windows 98 with no antivirus and you're posting a question like this on Ask Slashdot, then yes, you are a spam zombie...

    (Okay, mod me flamebait now, it was worth it! :)
  • Spoofage, I get these all the time, just look at the headers. NEXT!

  • Stop Using Microsoft Products!

  • I've found the following helpful for the no-budget set:

    Avast Home Edition Virus Scanner [avast.com]

    Spybot Search and Destroy [safer-networking.org]

    HijackTHIS - Find out whats in your PC. (semi-advanced)
    The site for HiJackThis [spywareinfo.com] seems to be down for now. THere are a few other little nifty freebie aps in there, too. Heres a mirror download site [spychecker.com]

    AdAware [lavasoftusa.com] - picks up a lot of crap in your PC

    (Anyone wanna offer up a few opinions on this stuff? You know you do.)

    Of course, the obligatory comment of "Use Mozilla, keep your shit patched, don

Physician: One upon whom we set our hopes when ill and our dogs when well. -- Ambrose Bierce

Working...