| View previous topic :: View next topic |
| Author |
Message |
gshv
Joined: 01 Feb 2003
Posts: 7898
Location: Fairfax, VA USA
|
 Posted: Tue Jan 27, 2004 2:32 am Post subject: W32/MyDoom virus warning. |
 |
|
If you receive a message that says something like "The message contains Unicode characters and has been sent as a binary attachment.", or just an e-mail with a bunch of random characters and binary attachment - do not open the attachment. One of chip collectors got infected with this virus, so many of us may receive this message.
Genna |
|
| Back to top |
|
 |
CPUShack
Joined: 16 Jun 2003
Posts: 34259
Location: State of Jefferson, USA
|
|
| Back to top |
|
|
Borris70
Joined: 24 Apr 2003
Posts: 988
Location: Germany
|
| Posted: Tue Jan 27, 2004 10:07 am Post subject: |
|
|
my panda also killed one 
_________________
best regards borris
+++++++++++++++++
++ cpu-sammlung.de ++
+++++++++++++++++ |
|
| Back to top |
|
|
gshv
Joined: 01 Feb 2003
Posts: 7898
Location: Fairfax, VA USA
|
| Posted: Tue Jan 27, 2004 10:09 am Post subject: |
|
|
I received about 10 of them, and I had a pleasure of killing all of them manually
Another thing about this virus - the "From" field may contain an e-mail address you may know. This is not the person who sent you the virus! Use the first "Received" e-mail header to track the source of the virus.
Genna |
|
| Back to top |
|
|
fRaSsL
Joined: 31 Mar 2003
Posts: 1570
|
| Posted: Tue Jan 27, 2004 12:48 pm Post subject: |
|
|
These problems would not exist, if no one uses Outlook. The stupidity of the most computer users made these attacs possible.
_________________
Frank. |
|
| Back to top |
|
|
Trogdor
Joined: 26 Mar 2003
Posts: 166
Location: Denver, Colorado
|
| Posted: Tue Jan 27, 2004 12:59 pm Post subject: |
|
|
That reminds me.... I've been meaning to install Eudora Light.... 
_________________
 |
|
| Back to top |
|
|
Trogdor
Joined: 26 Mar 2003
Posts: 166
Location: Denver, Colorado
|
| Posted: Tue Jan 27, 2004 1:13 pm Post subject: |
|
|
Bah. I don't like it.
_________________
|
|
| Back to top |
|
|
CPUShack
Joined: 16 Jun 2003
Posts: 34259
Location: State of Jefferson, USA
|
| Posted: Tue Jan 27, 2004 2:53 pm Post subject: |
|
|
I have now recieved 35 of them
Anti-virus caught them all.
I use Outlook and love it..wont use anything else.
But I do keep it safe (with NAV)
_________________
New for 2025! The CPU Shack has a co-processor!
Visit The CPU Shack of microprocessor history and information. |
|
| Back to top |
|
|
jrmunro
Joined: 01 Feb 2003
Posts: 3149
Location: Vancouver, Canada
|
| Posted: Tue Jan 27, 2004 6:34 pm Post subject: |
|
|
Everyone
My NAV didn`t catch this one. Thanks to Genna for letting Me know that I
had the virus. I removed it with the fix from Symantec.
BTW I use the latest version of Eudora Pro.
John |
|
| Back to top |
|
|
morkork
Joined: 25 Feb 2003
Posts: 447
Location: Nuremberg, Germany
|
| Posted: Tue Jan 27, 2004 7:18 pm Post subject: |
|
|
Well, whatever e-mail program you use, you still get them, but they won't hurt, if you don't use Outlook or open them by double click I use Notes and I got about 40 today... hopefully our mail server virus wall will be updated tomorrow.
_________________
..::morkork::..
http://cpu-collection.de |
|
| Back to top |
|
|
fRaSsL
Joined: 31 Mar 2003
Posts: 1570
|
| Posted: Wed Jan 28, 2004 2:20 am Post subject: |
|
|
Gennadiy already has this virus and he seems to spread it out. I received a faked email by him this morning.
_________________
Frank. |
|
| Back to top |
|
|
gshv
Joined: 01 Feb 2003
Posts: 7898
Location: Fairfax, VA USA
|
| Posted: Wed Jan 28, 2004 10:01 am Post subject: |
|
|
| fRaSsL wrote: | | Gennadiy already has this virus and he seems to spread it out. I received a faked email by him this morning. |
"From" field is forged. Each time the virus sends itself it retrieves two e-mail addresses from infected computer: one is forged into the "From" field, and then the virus sends itself to the second e-mail. To identify the source of the virus please get an IP address from the first "Received" header, then search old e-mails on your computer for this IP address.
Genna |
|
| Back to top |
|
|
fRaSsL
Joined: 31 Mar 2003
Posts: 1570
|
| Posted: Wed Jan 28, 2004 10:07 am Post subject: |
|
|
Then somebody with your email in the address book spreads it :-/
_________________
Frank. |
|
| Back to top |
|
|
gshv
Joined: 01 Feb 2003
Posts: 7898
Location: Fairfax, VA USA
|
| Posted: Wed Jan 28, 2004 10:15 am Post subject: |
|
|
| fRaSsL wrote: | | Then somebody with your email in the address book spreads it :-/ |
If you still have the e-mail and you can send me full headers I can try to determine who sends it.
Genna |
|
| Back to top |
|
|
fRaSsL
Joined: 31 Mar 2003
Posts: 1570
|
| Posted: Wed Jan 28, 2004 10:53 am Post subject: |
|
|
Return-Path: <---removed--->
Received: from yahoo.com ([142.179.26.206]) by mailin05.sul.t-online.de
with esmtp id 1Alboq-0ntYCu0; Tue, 27 Jan 2004 23:36:28 +0100
From: ---removed---
To: ---removed---
Subject: Hello
Date: Tue, 27 Jan 2004 14:38:12 -0800
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_NextPart_000_0013_2C5BD52E.B1EB7056"
X-Priority: 3
X-MSMail-Priority: Normal
X-Seen: false
X-TOI-SPAM: n;0;2004-01-27T22:36:41Z
Edit: Removed e-mail addresses. Genna
_________________
Frank. |
|
| Back to top |
|
|
|
![[ Hidden ]](https://cdn.cpu-world.com/forum/templates/CPUWorld/images/lang_english/icon_email.gif "[ Hidden ]"){kind=icon}
