Announcement

Collapse
No announcement yet.

Persons not that familiar with how viruses are snuck into emails

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • #16
    Yup..bounced email saying I'm sending viruses...but I'm not. I'm on a Mac....
    Fan Club member for VBulletin Dev and Support Team ;)

    Hysterectomy - GirlsGetGoing.com - Fabulous Fifty

    I'm frequently asked about the skin designer for my forums. ForumSkin.com

    Comment


    • #17
      Hooray, I managed to get this virus on my computer Didn't take me long to remove it though

      Comment


      • #18
        Nortons new virus dats (released late night at 9:30pm-EST) now scan the compressed files and deletes the virus..

        I received about 25 more this morning, all automatically deleted..
        Attached Files
        MCSE, MVP, CCIE
        Microsoft Beta Team

        Comment


        • #19
          Originally posted by merk
          Unlike you, most people around here appeciate that Asendin takes his time to post articles on this forum to warn us / inform us about happening things.
          Don't thank me,, just send money
          j/k, happy to help

          The virus is also being posted to newsgroups with the title.
          "Company or Corporation(s)" site was hacked today

          eg: PayPal's site was hacked today
          Last edited by Joe Gronlund; Tue 27th Jan '04, 7:22am.
          MCSE, MVP, CCIE
          Microsoft Beta Team

          Comment


          • #20
            I had JUST started reciving this before I came across this post. Thankfully If I don't know the e-mail addy it gets deleted right then and there.

            I am now getting about 5 just in the morning check alone, and about a tottal of 15 a day now .. I ecpect it will climb higher yet as this thing hits it's peak. :P

            Thanks for these types of threads BTW. Sometimes I miss the new ones out there and this helps!

            Comment


            • #21
              Looks like this new virus was created to DDoS SCO: http://news.com.com/2100-7349_3-5147605.html?tag=st_lh
              Raz - KMC Forums

              Comment


              • #22
                gah, i hate beeing in someone else's addressbook.
                i got 500 Emails today, containing eithar a virus, or claiming that someone got an email from my address (althoug the addy anna at vb.org isn't my email addy ^^)
                The price of freedom is eternal vigilance!
                - Thomas Jefferson

                Comment


                • #23
                  You really should virus scan your messages with clamav at the gateway.
                  Raz - KMC Forums

                  Comment


                  • #24
                    I got this yesterday before anything was published. It came in the form of a malformed returned email that was sent. Well being an admin at more then one site and the email having made it through norton I dove in to investigate.

                    Now as I said, I approached this thinking norton had it covered and went to town. Who's sending what to whom. I opened it right up. What a surprise. It lit up OLE and started it's own smpt server and proxy as now advertised. Emails started flying like crazy...I hit reset and thought for a minute. Aparently not enough, I restarted. Bam it went to town again. Before I could hit reset I noticed NAV's auto update run and norton finally started spitting out some data I could use, abeit too late. Scribbled down the virus name, hit reset, and pulled the network cable form the computer.

                    Ok, so I grab the next computer and hit google. No hits for the virus name. I switch to yahoo and get a hit with removal instructions. Reboot the infected computer, repair the registry and delete the payload files.

                    All is good now except everyone in my maillist got send a copy. I hope they get their AV updates first.

                    If you've ever said, how dumb could you be to open that, well there's an example of how.
                    Computer Help Forum
                    An informed rider makes their first destination the motorcycle forum at rider info.

                    Comment


                    • #25
                      Not much happened here. It added all the files and registry keys, but afaik, it didn't send any e-mails, but I don't use OE/Outlook either, so it probably didn't have an addressbook to send e-mails to.

                      I didn't notice the proxy, but I killed the process pretty quick, so I didn't have enough time to analyze the virus in full.

                      Comment


                      • #26
                        I keep getting one every five minutes, now there coming in as straight exe files, but nortons is catching and nuking them
                        MCSE, MVP, CCIE
                        Microsoft Beta Team

                        Comment


                        • #27
                          Originally posted by Asendin
                          Nortons new virus dats (released late night at 9:30pm-EST) now scan the compressed files and deletes the virus..
                          It has been many years antivirus do scan compressed files. At least 10 years.
                          An easy test about compressed files exists since many years:
                          http://www.eicar.org/anti_virus_test_file.htm
                          Lumina, aventurière des mondes fantastiques et petite rédactrice au grand cœur
                          Cœur Lumière - vBulletin-fr
                          Join the vBulletin French community social group!

                          Comment


                          • #28
                            i do this to stop e-mail viruses
                            well , not to stop
                            but to let me know i have one

                            >>ADDRESS BOOK;
                            >>I learned a computer trick today that's really ingenious in it's
                            >>simplicity.
                            >>I received it from a friend.
                            >>
                            >>As you may know, when/if a worm virus gets into your computer it
                            >>heads straight for your e-mail address book, and sends itself to
                            >>everyone in there, thus infecting all your friends and associates.
                            >>This
                            >>trick won't keep the virus from getting into your computer,
                            >>but it will stop it from using your address book to spread
                            >>further, and it will alert you to the fact, that the
                            >>worm has gotten into your system.
                            >>
                            >>Here's what you do; first, open your address book and click on
                            >>"new contact", Just as you would do if you were adding a new
                            >>friend to your list of e-mail addresses.
                            >>
                            >>In the window where you would type your friend's first name,
                            >>type in AAAAAAA, Also use address [email protected]
                            >>
                            >>Now, Here's what you've done and why it works: The name
                            >>AAAAAAA will be placed at the top of your address book as entry
                            >>#1. This will be where the worm will start in an effort to send
                            >>itself to all your friends. But, when it tries to send itself to
                            >>AAAAAAA, it will be undeliverable because of the phony e-mail
                            >>address you entered.
                            >>
                            >>If the first attempt fails (which it will because of the phony
                            >>address), the worm goes no further and your friends will not be
                            >>infected.
                            >>
                            >>Here's the second great advantage of this method: If an e-mail
                            >>cannot be delivered, you will be notified of this in your IN BOX
                            >>almost
                            >>immediately.
                            >>
                            >>Hence, if you ever get an e-mail telling you that an e-mail
                            >>addressed to AAAAAAA could not be delivered, you know right away
                            >>that you have the worm virus in your system. You can then take
                            >>steps to
                            >>get rid of it!
                            >>
                            >>Pretty slick, huh?
                            >>If everybody you know does this then you need not ever worry
                            >>about opening mail from friends. Pass this on to all your friends.
                            >>Try It, It Really Works, God Bless You All.
                            Last edited by deano; Tue 27th Jan '04, 1:06pm.

                            Comment


                            • #29
                              Deano, what you received is called a "hoax". This contact list trick do not work at all of course, or maybee with just 0,001% of possible virus.
                              Lumina, aventurière des mondes fantastiques et petite rédactrice au grand cœur
                              Cœur Lumière - vBulletin-fr
                              Join the vBulletin French community social group!

                              Comment


                              • #30
                                ok
                                still a good trick thou
                                for real e-mail viruses
                                tanks and kisses
                                Last edited by deano; Tue 27th Jan '04, 1:06pm.

                                Comment

                                widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
                                Working...
                                X