newsbin.com

Some of the groups I follow have been all gunked up lately by someone who appears to be casting a net for more zombies. The posts all claim to be various keygens, cracks, etc.
Here's a regex to put in your reject list

(?#hide trojans)(\b\d*crack\b)|(\b\d*key\b)|(keygen)|(keymaker)|(\b\w+\.exe\b)

Of course, if you run an exe you dl'ed from usenet, you deserve what you get - but it's irritating having the bogus posts there.
And if you really have to run something you dl'ed, do it in a VM. A virus scan is not going to protect you.

would a filter like the end of your string (\b\w+\.exe\b) work for the stupid .exe files that have been popping up?

im not versed in regex so any help would be greatly appreciated.

cosmo4u

You might try
\.exe\b
or even
[a-z0-9_-+=\[\]"']\.exe\b
Which is a sort of half-assed "one legal windows file character followed by .exe and then a word boundary.
Half-assed because I'm being lazy with the legal file chars. the rules are:

You may use any character in the current code page (Unicode/ANSI above 127), except:

< > : " / \ | ? *
Characters whose integer representations are 0-31 (less than ASCII space)
Any of the DOS names: CON, PRN, AUX, NUL, COM1, COM2, COM3, COM4, COM5, COM6, COM7, COM8, COM9, LPT1, LPT2, LPT3, LPT4, LPT5, LPT6, LPT7, LPT8, LPT9 (and avoid AUX.txt, etc)
The file name is all periods

so I'm just covering the "typical" chars...