Simviation Forum - Virus disguised as MS Email

Sep 19^th, 2003 at 11:07am

btbrossard Offline
Colonel
KMKE

Gender:
Posts: 22

I received a good number of the following e-mails today:

All were infected by a virus.

The e-mail is obviously not from Microsoft. The logo in the upper left corner is wrong. Also, the legal text on the bottom would be at least 100% longer

and harder to read.

Has anyone else received this? I usually do not get any Spam to this email account.

/Benjamin

Back to top

IP Logged

Reply #1 - Sep 19^th, 2003 at 11:11am

Scottler Offline
Colonel
Albany, New York USA

Gender:
Posts: 5989

Which virus is it infected with?

Great edit, Bob.&&&&&&Google it. &&&&www.google.com

Back to top

IP Logged

Reply #2 - Sep 19^th, 2003 at 11:14am

btbrossard Offline
Colonel
KMKE

Gender:
Posts: 22

These are the log entries from Norton:

Source: gydemn.exe
Description: The email attachment gydemn.exe is infected with the Worm.Automat.AHB virus.

Source: q778299.exe
Description: The email attachment q778299.exe is infected with the Worm.Automat.AHB virus.

Source: cebdzhs.exe
Description: The email attachment cebdzhs.exe is infected with the Worm.Automat.AHB virus.

Source: Q384939.exe
Description: The email attachment Q384939.exe is infected with the Worm.Automat.AHB virus.

Source: install.exe
Description: The email attachment install.exe is infected with the Worm.Automat.AHB virus.

/Benjamin

Back to top

IP Logged

Reply #3 - Sep 19^th, 2003 at 11:14am

Iroquois Offline
Colonel
Happy Halloween
Ontario Canada

Gender:
Posts: 3244

I got this, exept it was from my internet provider. This isn't a hoax, believe me. It's infected with the Blaster worm and another worm type virus that changes serial numbers, making it impossible to log onto Windows.

I only pretend to know what I'm talking about. Heck, that's what lawyers, car mechanics, and IT professionals do everyday. Wink

&&The Rig: &&AMD Athlon XP2000+ Palomino, ECS K7S5A 3.1, 1GB PC2700 DDR, Geforce FX5200 128mb, SB Live Platinum, 16xDVD, 16x10x40x CDRW, 40/60gb 7200rpm HDD, 325w Power, Windows XP Home SP1, Directx 9.0c with 66.81 Beta gfx drivers

Back to top

IP Logged

Reply #4 - Sep 19^th, 2003 at 12:16pm

Hagar Offline
Colonel
My Spitfire Girl
Costa Geriatrica

Posts: 33159

I've seen plenty of these some time ago. It appears they're doing the rounds again. At first sight they appear to be a genuine warning from M$. The message actually refers to a genuine security update. The links are also genuine but the attachment contains the virus. Delete it immediately.

M$ would never send out updates as an e-mail attachment. For the real thing, check the Windows Updates site regularly. Fortunately, it seems your anti-virus software dealt with it. Wink

Founder & Sole Member - Grumpy's Over the Hill Club for Veteran Virtual Aviators
Member of the Fox Four Group

Need help? Try Grumpy's Lair

My photo gallery

Back to top

IP Logged

Reply #5 - Sep 19^th, 2003 at 1:38pm

Birdie2112 Offline
Colonel
"They got that thing to
fly!?!?!?!?"

Posts: 70

I work in Internet Security, and deal with these things on a regular basis.

Hagar, your exactly right;
Microsoft will NEVER send out updates as patches, right now they use windows update for that, but that will soon be replaced as well.

In addition, that text is not the normal write up, but thats another story...

BOTTOM LINE:
NEVER DOWNLOAD ATTACHMENTS FROM E-MAIL, EVEN IF THEY LOOK LEGIT AND/OR APPEAR TO BE FROM MICROSOFT/SOMEONE YOU KNOW

Back to top

IP Logged

Reply #6 - Sep 19^th, 2003 at 1:51pm

Birdie2112 Offline
Colonel
"They got that thing to
fly!?!?!?!?"

Posts: 70

i just found this:

http://insight.zdnet.co.uk/0,39020415,39116512,00.htm

give you a bit more info about it

Back to top

IP Logged

Reply #7 - Sep 19^th, 2003 at 2:01pm

Scottler Offline
Colonel
Albany, New York USA

Gender:
Posts: 5989

Megastever you're my megahero. LOL

Great edit, Bob.&&&&&&Google it. &&&&www.google.com

Back to top

IP Logged

Reply #8 - Sep 19^th, 2003 at 2:37pm

Birdie2112 Offline
Colonel
"They got that thing to
fly!?!?!?!?"

Posts: 70

oh i am. i am. Kiss

Back to top

IP Logged

Reply #9 - Sep 19^th, 2003 at 11:23pm

Scottler Offline
Colonel
Albany, New York USA

Gender:
Posts: 5989

http://story.news.yahoo.com/fc?cid=34&tmpl=fc&in=Tech&cat=Computer_Viruses_and_W...

Great edit, Bob.&&&&&&Google it. &&&&www.google.com

Back to top

IP Logged

Reply #10 - Sep 19^th, 2003 at 11:27pm

Cherokee_6 Offline
Colonel
Calgary, Alberta, Canada

Gender:
Posts: 1298

Thanks for all the heads up guys!

P4 2.6 Ghz w/ 800Mhz FSB & HT Technology, XP Home, 512MB Dual Channel DDR SDRAM at 333 Mhz, 128MB GeForce FX 5200 Video Card, 80GB Ultra ATA/100 HD, Sound Blaster Live! 5.1 w/ Dolby Digital Sound Card.

Back to top

IP Logged

Reply #11 - Sep 19^th, 2003 at 11:35pm

BFMF Offline
Colonel
Pacific Northwest

Gender:
Posts: 19820

I've seen this over and over again.

just remember, don't ever open up an attachment unless your expecting it.

Always follow this rule Wink

COMPLETED: If Anyone Cares, Here's A Map Of My Current FSX Flight Around The World

My Reality Check Bounced

Back to top

IP Logged

Reply #12 - Sep 19^th, 2003 at 11:47pm

Cherokee_6 Offline
Colonel
Calgary, Alberta, Canada

Gender:
Posts: 1298

Quote:

I've seen this over and over again.

just remember, don't ever open up an attachment unless your expecting it.

Always follow this rule Wink

Try to tell my wife that! Roll Eyes

P4 2.6 Ghz w/ 800Mhz FSB & HT Technology, XP Home, 512MB Dual Channel DDR SDRAM at 333 Mhz, 128MB GeForce FX 5200 Video Card, 80GB Ultra ATA/100 HD, Sound Blaster Live! 5.1 w/ Dolby Digital Sound Card.

Back to top

IP Logged

Reply #13 - Sep 19^th, 2003 at 11:57pm

BFMF Offline
Colonel
Pacific Northwest

Gender:
Posts: 19820

lol

My mom once got woried about this and asked me about it.

My response was, "mom, you don't know enough to even run an attachment" Grin

and she really wouldn't know either Wink

COMPLETED: If Anyone Cares, Here's A Map Of My Current FSX Flight Around The World

My Reality Check Bounced

Back to top

IP Logged

Reply #14 - Sep 20^th, 2003 at 12:18am

btbrossard Offline
Colonel
KMKE

Gender:
Posts: 22

Quote:

just remember, don't ever open up an attachment unless your expecting it

Some e-mail programs will attempt to run the attactchment without user intervention.

For example, the web mail service I use on my server (OpenMail, I belive) ran the attatchment on a computer at work without any prompting.

Also, a good portion of people will try to open anything that gets sent to them via e-mail.

I'm sick of getting this crap. 10 messages at 142K each over dial up makes a slow e-mail experience Wink

.

/Benjamin

Back to top

IP Logged

Reply #15 - Sep 20^th, 2003 at 12:55am

Scottler Offline
Colonel
Albany, New York USA

Gender:
Posts: 5989

Quote:

For example, the web mail service I use on my server (OpenMail, I belive) ran the attatchment on a computer at work without any prompting.

And you still use it why? lol

Great edit, Bob.&&&&&&Google it. &&&&www.google.com

Back to top

IP Logged

Reply #16 - Sep 20^th, 2003 at 9:09pm

btbrossard Offline
Colonel
KMKE

Gender:
Posts: 22

Quote:

And you still use it why? lol

I don't have a choice if I want to check e-mail via the internet from my website. Thats the only webmail program offered by the web hosting provider.

Sorry if I bothered you.

/Benjamin

Back to top

IP Logged

Reply #17 - Sep 21^st, 2003 at 11:53am

Scottler Offline
Colonel
Albany, New York USA

Gender:
Posts: 5989

lol no you didn't bother me, I was just curious why you still use it if it does that, because it sounded like you didn't like that it does so...no worries. Wink

Great edit, Bob.&&&&&&Google it. &&&&www.google.com

Back to top

IP Logged

Reply #18 - Sep 21^st, 2003 at 1:36pm

Fozzer Offline
Colonel
An elderly FS 2004 addict!
Hereford. England. EGBS.

Posts: 24861

Quote:

I don't have a choice if I want to check e-mail via the internet from my website. Thats the only webmail program offered by the web hosting provider.

/Benjamin

Hi Ben...

...!
Can't you download Outlook Express 6, (mail service), directly from Microsoft...?
...and make this your mail program...?
Once your Server connects you to the Internet you should be able to download whatever program you want...?

Cheers mate... Grin

...!
Paul.
(England).

Dell Dimension 5000 BTX Tower. Win7 Home Edition, 32 Bit. Intel Pentium 4, dual 2.8 GHz. 2.5GB RAM, nVidia GF 9500GT 1GB. SATA 500GB + 80GB. Philips 17" LCD Monitor. Micronet ADSL Modem only. Saitek Cyborg Evo Force. FS 2004 + FSX. Briggs and Stratton Petrol Lawn Mower...Motor Bikes. Gas Cooker... and lots of musical instruments!.... ...!
Yamaha MO6,MM6,DX7,DX11,DX21,DX100,MK100,EMT10,PSR400,PSS780,Roland GW-8L v2,TR505,Casio MT-205,Korg CX3v2 dual manual,+ Leslie 760,M-Audio Prokeys88,KeyRig,Cubase,Keyfax4,Guitars,Orchestral,Baroque,Renaissance,Medieval Instruments.

Back to top

IP Logged

Reply #19 - Sep 21^st, 2003 at 6:58pm

btbrossard Offline
Colonel
KMKE

Gender:
Posts: 22

Quote:

Hi Ben...

...!
Can't you download Outlook Express 6, (mail service), directly from Microsoft...?
...and make this your mail program...?
Once your Server connects you to the Internet you should be able to download whatever program you want...?

Cheers mate... Grin

...!
Paul.
(England).

I use Outlook Express at home and it works great.

Howerver, when I want to check my e-mail without using any client side software (like at one of the computers at work), I use web mail.

I can not change the software that's loaded onto the server (it's a cheep hosting service).

For example, you can look at my website (www.btbrossard.com). ; The link at the bottom of the index page is for the web mail service.

/Benjamin

Back to top

IP Logged

Reply #20 - Sep 21^st, 2003 at 7:35pm

goball65 Offline
Colonel
Kitchener Ontario Canada

Gender:
Posts: 103

Getting this crap along with other suspicious e-mail on both yahoo and sympatico e-mail addresses for past few days.
As many as 10 per day in yahoo and 3 to 5 in sympatico.
Just delete this crap as MS doesn'r personalize and how many post masters are there for undeliverable mail?????????
Angry

Back to top

IP Logged

Reply #21 - Sep 21^st, 2003 at 7:42pm

Craig. Offline
Colonel
Birmingham

Gender:
Posts: 18590

havent recieved this one yet, thank god. After receiving hundreds of the last one a day i am thankful thats for sure

Back to top

IP Logged

	Search the archive: