Virus disguised as MS Email (Read 446 times)
Sep 19th, 2003 at 11:07am

btbrossard   Offline
Colonel
KMKE

Gender: male
Posts: 22
*****
 
I received a good number of the following e-mails today:

...

All were infected by a virus.

The e-mail is obviously not from Microsoft.  The logo in the upper left corner is wrong.  Also, the legal text on the bottom would be at least 100% longer Smiley and harder to read.

Has anyone else received this?  I usually do not get any Spam to this email account.

/Benjamin
 

...
 
Reply #1 - Sep 19th, 2003 at 11:11am

Scottler   Offline
Colonel
Albany, New York USA

Gender: male
Posts: 5989
*****
 
Which virus is it infected with?
 

Great edit, Bob. Google it. www.google.com
 
Reply #2 - Sep 19th, 2003 at 11:14am

btbrossard   Offline
Colonel
KMKE

Gender: male
Posts: 22
*****
 
These are the log entries from Norton:

Source: gydemn.exe
Description: The email attachment gydemn.exe is infected with the Worm.Automat.AHB virus.


Source: q778299.exe
Description: The email attachment q778299.exe is infected with the Worm.Automat.AHB virus.


Source: cebdzhs.exe
Description: The email attachment cebdzhs.exe is infected with the Worm.Automat.AHB virus.


Source: Q384939.exe
Description: The email attachment Q384939.exe is infected with the Worm.Automat.AHB virus.

Source: install.exe
Description: The email attachment install.exe is infected with the Worm.Automat.AHB virus.

/Benjamin
 

...
 
Reply #3 - Sep 19th, 2003 at 11:14am

Iroquois   Offline
Colonel
Happy Halloween
Ontario Canada

Gender: male
Posts: 3244
*****
 
I got this, except it was from my internet provider. This isn't a hoax, believe me. It's infected with the Blaster worm and another worm type virus that changes serial numbers, making it impossible to log onto Windows.
 

I only pretend to know what I'm talking about. Heck, that's what lawyers, car mechanics, and IT professionals do everyday. Wink
The Rig: AMD Athlon XP2000+ Palomino, ECS K7S5A 3.1, 1GB PC2700 DDR, Geforce FX5200 128mb, SB Live Platinum, 16xDVD, 16x10x40x CDRW, 40/60gb 7200rpm HDD, 325w Power, Windows XP Home SP1, Directx 9.0c with 66.81 Beta gfx drivers
 
Reply #4 - Sep 19th, 2003 at 12:16pm

Hagar   Offline
Colonel
My Spitfire Girl
Costa Geriatrica

Posts: 33159
*****
 
I've seen plenty of these some time ago. It appears they're doing the rounds again. At first sight they appear to be a genuine warning from M$. The message actually refers to a genuine security update. The links are also genuine but the attachment contains the virus. Delete it immediately.

M$ would never send out updates as an e-mail attachment. For the real thing, check the Windows Updates site regularly. Fortunately, it seems your anti-virus software dealt with it. Wink
 

...

Founder & Sole Member - Grumpy's Over the Hill Club for Veteran Virtual Aviators
Member of the Fox Four Group
 
Reply #5 - Sep 19th, 2003 at 1:38pm

Birdie2112   Offline
Colonel
"They got that thing to
fly!?!?!?!?"

Posts: 70
*****
 
I work in Internet Security, and deal with these things on a regular basis.

Hagar, you're exactly right;
Microsoft will NEVER send out updates as patches, right now they use Windows Update for that, but that will soon be replaced as well.

In addition, that text is not the normal write up, but that's another story...

BOTTOM LINE:
NEVER DOWNLOAD ATTACHMENTS FROM E-MAIL, EVEN IF THEY LOOK LEGIT AND/OR APPEAR TO BE FROM MICROSOFT/SOMEONE YOU KNOW
 
 
Reply #6 - Sep 19th, 2003 at 1:51pm

Birdie2112   Offline
Colonel
"They got that thing to
fly!?!?!?!?"

Posts: 70
*****
 
I just found this:

http://insight.zdnet.co.uk/0,39020415,39116512,00.htm

Gives you a bit more info about it.
 
Reply #7 - Sep 19th, 2003 at 2:01pm

Scottler   Offline
Colonel
Albany, New York USA

Gender: male
Posts: 5989
*****
 
Megastever you're my megahero.  LOL
 
 
Reply #8 - Sep 19th, 2003 at 2:37pm

Birdie2112   Offline
Colonel
"They got that thing to
fly!?!?!?!?"

Posts: 70
*****
 
Oh I am. I am.  Kiss Kiss
 
Reply #9 - Sep 19th, 2003 at 11:23pm

Scottler   Offline
Colonel
Albany, New York USA

Gender: male
Posts: 5989
*****
 
 
 
Reply #10 - Sep 19th, 2003 at 11:27pm

Cherokee_6   Offline
Colonel
Calgary, Alberta, Canada

Gender: male
Posts: 1298
*****
 
Thanks for all the heads up guys!
 

P4 2.6 Ghz w/ 800Mhz FSB & HT Technology, XP Home, 512MB Dual Channel DDR SDRAM at 333 Mhz, 128MB GeForce FX 5200 Video Card, 80GB Ultra ATA/100 HD, Sound Blaster Live! 5.1 w/ Dolby Digital Sound Card.
 
Reply #11 - Sep 19th, 2003 at 11:35pm

BFMF   Offline
Colonel
Pacific Northwest

Gender: male
Posts: 19820
*****
 
I've seen this over and over again.

Just remember, don't ever open up an attachment unless you're expecting it.

Always follow this rule Wink
 
 
Reply #12 - Sep 19th, 2003 at 11:47pm

Cherokee_6   Offline
Colonel
Calgary, Alberta, Canada

Gender: male
Posts: 1298
*****
 
Quote:
I've seen this over and over again.

Just remember, don't ever open up an attachment unless you're expecting it.

Always follow this rule Wink

Try to tell my wife that! Roll Eyes Roll Eyes


 

 
Reply #13 - Sep 19th, 2003 at 11:57pm

BFMF   Offline
Colonel
Pacific Northwest

Gender: male
Posts: 19820
*****
 
lol

My mom once got worried about this and asked me about it.

My response was, "mom, you don't know enough to even run an attachment" Grin Grin

and she really wouldn't know either Wink
 
 
Reply #14 - Sep 20th, 2003 at 12:18am

btbrossard   Offline
Colonel
KMKE

Gender: male
Posts: 22
*****
 
Quote:
Just remember, don't ever open up an attachment unless you're expecting it


Some e-mail programs will attempt to run the attachment without user intervention.

For example, the web mail service I use on my server (OpenMail, I believe) ran the attachment on a computer at work without any prompting.

Also, a good portion of people will try to open anything that gets sent to them via e-mail.

I'm sick of getting this crap.  10 messages at 142K each over dial up makes a slow e-mail experience  Wink .

/Benjamin
 

...
IP Logged
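Two points made in this thread, that a genuine update never arrives as an attachment and that some mail clients run attachments without prompting, are the reason to screen messages at the mail gateway before delivery. The sketch below is an added example, not code from any poster or from Norton: the addresses, subject and payload bytes are constructed, the file name q778299.exe is taken from the log entries quoted above, and the extension list is an illustrative assumption.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage
from pathlib import PurePosixPath

# Extensions Windows will execute directly (illustrative, not exhaustive).
EXEC_EXTS = {".exe", ".scr", ".pif", ".com", ".bat", ".cmd"}


def executable_attachments(raw: bytes) -> list[tuple[str, str]]:
    """Return (filename, reason) for every MIME part that looks executable."""
    msg = message_from_bytes(raw, policy=policy.default)
    hits = []
    for part in msg.walk():
        if part.is_multipart():
            continue
        name = part.get_filename() or ""
        body = part.get_payload(decode=True) or b""
        if PurePosixPath(name.lower()).suffix in EXEC_EXTS:
            hits.append((name, "executable extension"))
        elif body[:2] == b"MZ":
            # DOS/PE header: an executable sent under a harmless-looking name.
            hits.append((name or "(unnamed)", "MZ header"))
    return hits


def build_sample() -> bytes:
    """Constructed message imitating the lure; the payloads are inert bytes."""
    msg = EmailMessage()
    msg["From"] = "Security Update <update@example.invalid>"
    msg["To"] = "user@example.invalid"
    msg["Subject"] = "Latest security patch"
    msg.set_content("Please install the attached update.")
    stub = b"MZ" + bytes(62)  # header magic only, not a working program
    msg.add_attachment(stub, maintype="application",
                       subtype="octet-stream", filename="q778299.exe")
    msg.add_attachment(stub, maintype="image", subtype="gif",
                       filename="logo.gif")  # disguised executable
    msg.add_attachment(b"GIF89a" + bytes(10), maintype="image",
                       subtype="gif", filename="banner.gif")  # real image header
    return msg.as_bytes()


if __name__ == "__main__":
    for name, reason in executable_attachments(build_sample()):
        print(f"quarantine: {name} ({reason})")
```

The content check matters because the declared file name and MIME type are chosen by the sender; only the decoded bytes show what the recipient's machine would actually be handed.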
 