posted on August 20, 2003 02:00:42 PM new
This is another one to be on the lookout for. This is the email text sent to me by Mcafee. They also offer a free web scan.
Free Web Scan Link: http://us.mcafee.com/root/mfs/default.asp
___________-eMail text
A new variant of W32/Sobig, W32/Sobig.f@MM is a High Risk mass-mailing worm. It arrives as an email attachment with a .pif or .scr extension. When run, it infects the host computer, then emails itself (using its own SMTP engine) to harvested email addresses from the victim's machine. In addition, when it propagates, the worm "spoofs" the "from: field", using one of the harvested email addresses.
Note: The worm copies itself onto the infected machine as: C:\WINNT\WINPPR32.EXE
Caution: An infected email can come from addresses you recognize and may contain the following information:
WHAT TO LOOK FOR:
Subject: [content varies]
- Your details
- Thank you!
- Re: Thank you!
- Re: Details
- Re: Re: My details
- Re: Approved
- Re: Your application
- Re: Wicked screensaver
- Re: That movie
Body: [content varies]
- See the attached file for details
- Please see the attached file for details
posted on August 20, 2003 06:23:57 PM new
I just had 2 mailer daemon messages in my inbox. They bounced back to me because the ISP's detected a virus in the attachments. Problem is, I never sent the emails in the first place. Apparently my email address is on someone's infected computer and was picked as the spoof address. The subject line was "That Movie".
The light at the end of the tunnel will turn out to be an oncoming train.
posted on August 20, 2003 06:30:50 PM new
Sparkz - I posted info yesterday on the virus including the detail that it hijacks systemd using them to send out additional spam under spoofed addresses
~~~ • ~~~ • ~~~ • ~~~ • ~~~
Men Are Like Grapes. If You Stomp on Them and Keep Them in the Dark Long Enough, They Might Turn Into Something That You Would Take to Dinner
posted on August 20, 2003 06:40:52 PM new
Fenix03...Yes I know. I'm one of those who thought it couldn't happen to me. A little logic however dictates that every time someone wins one of my auctions, between the eoa's from me and Ebay plus the shipping notifications and other email exchanges, a sellers email address could appear 4-5 times on someon else's hard drive. Multiply that times several hundred transactions and an active seller could have quite an exposure to this virus. Even though I read your post and was aware of it, it was a little unnerving to read those daemon messages the first time
The light at the end of the tunnel will turn out to be an oncoming train.
posted on August 21, 2003 09:43:25 AM new
My brother says he has the blaster worm on his computer. I looked at the Microsoft Download page and all I see are patches. Since the worm is already in there, what can he do? Aren't patches too late?
posted on August 21, 2003 10:16:13 AM new
He has downloaded the patch. He has WindowsXP. He is running the information. There has been the little timer icon on the screen for a very very long time. The horizontal line that normally appears during this type of procedure has never shown up. I think it indicates how much of the procedure has been completed. Should he start over or still wait? Thank you.
posted on August 21, 2003 06:26:01 PM new
Hi,
I would recommend that he get rid of the virus before downloading anything. Here is a link to Norton. They have virus removal tools. As for me, I am updating Norton on a daily basis - first thing in the morning - kind of like brushing my teeth! There are too many worms/bugs out there! Norton has caught them all for me as soon as they enter my outlook - they are zapped & deleted. I never need to open them - immediate response! (Now that is a commercial)
posted on August 22, 2003 05:59:56 PM new
I have a question for Outlook users. Every time someone emails me or I email them, their address gets stored in my address book. Is there a way to turn that off? 3/4 of the addresses in there are useless to me and I'd hate to accidentally send anyone something. Thanks!
Cheryl
Power to the people. Power to the people, right on. - John Lennon
