Friendship Screensaver Virus, Part 2

Dennis Faas's picture

Greetings to all! I have some good news and some bad news.

The good news is that I'm officially on vacation! Last Saturday, I left for Toronto and am currently visiting my friend, Frank. On May 3rd, I will be flying out of Pearson Airport in Toronto and will later arrive in Cancun, Mexico. I won't be back until May 12th.

The bad news is that I have limited access to the Internet and cannot retrieve personal files and old emails from the office. Before I left for the trip, I planned to route all incoming emails to the office computer, and then later download them via FTP server (to another computer). Regrettably, I am unable to transfer my files because I did not set the office computer firewall permissions correctly.

What a sec -- what is an FTP and a Firewall?

FTP stands for File Transfer Protocol. FTP is simply a method of communication used to transfer files from computer to computer over the Internet.

On the other hand, a firewall is a program used to block intruders (IE: hackers) from gaining access to your computer. If configured properly, an FTP Server and Firewall can be used in tandem to block hack attempts and yet allow safe password-protected access to a remote computer.

Side note: If you don't have a firewall installed on your computer, you should read my free report on how to Stop Hackers and Viruses from Malicious Intent. It explains how hackers gain access to your computer and provides a link to free anti-hacker Firewall and free anti-Virus software.

With that said, I'd like to address something that has been a thorn in my side.

Since I could not access my files via FTP, I elected to divert all incoming emails to my temporary location. After making the change, I was surprised to see over 150 virus-infected emails download to my Inbox in the past 24 hours, courtesy of the Friendship Screensaver Virus!

Judging by the mail headers, it appeared that all infected mails propagated from the same person / computer every 2 ~ 5 minutes. I knew that if something was not done immediately, the ISP (Internet Service Provider) Mail Server would overflow and block any new emails from reaching me. To alleviate the pressure caused by the virus, I set my workstation to check-and-receive emails every 5 minutes.

Side note: A mail header is information contained in an email which shows where an email originated and its delivery route. Unfortunately, some spammers and mail-born viruses are able to manipulate mail headers to falsify the origin.

Now that my mails were coming through, I had another dilemma on my hands: the virus kept downloading to my Inbox and it became difficult to weed through legitimate emails.

Since the workstation I'm using has Windows XP equipped with Outlook Express 6, I implemented a message rule to sort all incoming emails. The newly created message rule was configured to delete all messages which contain the words "" and "friendship screensaver" in the Message Body, but does not contain the word "infopackets" in the From Field.

In case I decide write a follow-up to this current article, this message rule won't delete an Infopackets Newsletter containing the words "Friendship Screensaver" or "", but will safely route all infected mails to the Deleted Items Folder automatically. If you decide to do the same, please make sure that your message rule meets this criteria or the newsletter will end up in your Deleted Items Folder.

Rate this article: 
No votes yet