[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]
Re: Virus warning
- From: "Tyler Nally" <tnally iquest net>
- To: <redhat-install-list redhat com>,"Steve Fernandez" <franline eth net>,"Ajith Kumar R" <joker13in yahoo com>, "Ali K" <alik super net pk>,"ALL" <majestic-c99 egroups com>, "Amal Chandran" <amalc eth net>,"Anand Swaminathan" <anandswaminathan vsnl com>,"Ann Meril Tom" <meriltom yahoo com>,"Arjun" <arjunk_007 rediffmail com>,"Ashok Chandran" <ashokmec hotmail com>,"Asif Iqbal Mooppan" <asif_mooppan yahoo com>,"Aysha Hasna" <ayshah eudoramail com>,"Biby Kuriakose" <bibykuriakose hotmail com>,"Bindia George" <bindia bigfoot com>,"Bittu Biji Eappen" <b2bg hotmail com>,"Bliss Cyriac" <blisscyriac yahoo com>,"Brinda Ramachandran" <brindu_2000 yahoo com>,"Danilin Franlklin" <danilin_99 yahoo com>,"Deepak Surie" <dksurie vsnl com>, "Dhinu Johnson" <dhinujk usa net>,"Dilip Baba" <dilsofhearts yahoo com>,"Fr. Joseph Van Leuwen" <joejxp yahoo com>,"Fr. Ken Breen" <frkenbreen yahoo com>,"Harish G" <harishg_in yahoo com>,"Issac John" <issac_john_123 yahoo com>,"Janosh George" <janosh_george yahoo com>,"Java - Linux" <java-linux java blackdown org>,"Jeny" <jenyspy hotmail com>, "Jeny Jose" <fourens eth net>,"Jinu Thomas" <jinu loveable com>,"Jisha Thomas" <jishathomas sify com>,"Joel Baby" <joel_b rediffmail com>,"Joseph Vinish D'silva" <j_v_dsilva yahoo com>,"Juby Jacob" <juby_roja usa net>, "Kaffe" <kaffe rufus w3 org>,"Kalum" <kalum delrom ro>, "Karthik Sharma" <ksharma_1999 yahoo com>,"Kasthuri Pillai" <kasthuri_pillai yahoo com>,"Kavya Gopi" <kavyag angelfire com>,"Lawrence Jude Almeida" <almeidalj hotmail com>,"Lifin T H" <lifin rediffmail com>, "Liju Rose" <lijurose yahoo com>,"Mahesh Sarma" <maheshsarma_a yahoo com>,"Malcolm Oliver" <malcolm md3 vsnl net in>,"Malini Nair" <malmdm yahoo com>,"Meera Joseph" <meeras007 yahoo com>,"Meghna N B" <friends_maggie yahoo com>,"Neelima Balakrishnan" <neelimabalakrishnan hotmail com>,"Neena Thomas" <cheetafox rediffmail com>,"Neil Barnard" <neilbarn yahoo com>,"Nirmal Unnikrishnan" <nirmaalu hotmail com>,"Nithin John" <njohn_82 yahoo com>, "Prem" <picstudio satyam net in>,"Prof. P. C. Thomas" <pcthomas vsnl com>,"R. K. Ajay" <ajaykrishnan eth net>,"Ranjith K. Y." <ranjithky yahoo com>,"Ranjitha Raja" <rr2507 yahoo com>,"Reshma Ramdas" <reshmaramdas yahoo com>,"Reshmi C. S." <yellow992000 yahoo com>,"RHL Developers" <redhat-devel-list redhat com>,"RHL List" <redhat-list redhat com>,"Riya Raju" <riya_raju yahoo com>, "Ronny" <renit eth net>,"Roshni Firoz" <phantomrosh hotmail com>,"Sajin Mathew" <trimarant eth net>,"Sanish N. S." <sanish_ns usa net>,"Shabana M" <shabana_m angelfire com>,"Shiney Subhas" <shiney_v satyam net in>,"Shyam Kumar" <shyamkumars yahoo com>,"Siby R Subhagan" <scorpio234 usa net>,"Soji V. P." <sojin england com>, "Soumya G Nair" <sgn999 yahoo com>,"Sreejith S." <sushamar eth net>,"Sreevisakh V. G." <sreevisakhvg yahoo com>,"Sudheesh Suresh" <sudheesh_99 yahoo com>,"Sumi Panicker" <sumi_mp rediffmail com>,"Susan George" <susan_mec usa net>,"Teena T. Rani" <teena_rani yahoo com>,"Thomman Korah" <korahs vsnl com>,"Vijay Venoo Thampy" <thampy postmark net>,"Siraj Sir" <ahmedsiraj rediffmail com>
- Subject: Re: Virus warning
- Date: Wed, 25 Jul 2001 16:45:43 -0500
This is a particularly bad internet worm that installs it's own
SMTP server on your machine and then starts e-mail those that are
referred to in documents and your local address book with the message
you described below *attached* to files that exist in your local
"My Documents" directory.
I've several times now received messages (glad I didn't open any of them)
from two different e-mail addresses on the 'net that I've no clue as to
who they are. One has sent me megabytes of documents w/ the SirCam
worm built into it and another has only sent me two pieces of e-mail.
More can be read at ...
http://www.sarc.com/avcenter/venc/data/w32 sircam worm mm html
.. about the worm/virus. It really is a nasty one. The friendly
folks at www.sarc.com (Symmantec Antivirus Research Center) rate
this one a "4" because of it's fast spreadability. A 4 is quite a
bit worse than most of the offending viri out there.
Tyler
----- Original Message -----
From: "Ramesh Narayanaswamy" <lellan eth net>
Sent: Wednesday, July 25, 2001 2:36 PM
Subject: Re: Virus warning
> Hey Steve man...
>
> Thanks a lot for the warning. I'm sure it'll serve more than a "digitally
> signed Steve message" to all who have been (un)fortunate enough to be in
> your Address Book. If you haven't already done this, install a good firewall
> (I strongly recommend ZoneAlarm) so that you have complete control of your
> Internet Activity. Plus, if you feel like it, get CookieMuncher v3.7 -- it
> does what it says it does. ;-) (Unless you intend on researching on the
> potentially dangerous properties of Net-Sensitive viri)
>
> I depart, O Traveller, with a simple message -- "Verbum Sapienti" (long
> story behind the message, ring/e-mail/talk for further details).
>
> Cheers,
> Ramesh
> "For the love of life."
>
>
> ----- Original Message -----
> From: "Steve Fernandez" <franline eth net>
> Sent: Wednesday, July 25, 2001 8:03 PM
> Subject: Virus warning
>
>
> > I found a virus on my system today, probably a new one, which
> > bypassed all my antivirus software, and since all of you have your email
> > ids in my address book, you all are potential targets, and so I'm
> > sending this warning to you.
> >
> > I received this virus twice in the past two days, from two
> > people completely unknown to me. The virus selects a random subject each
> > time it retransmits itself, but I've got the same message content on the
> > two occasions. The message content is:-
> >
> >
> > "Hi! How are you?
> >
> > I send you this file in order to have your advice
> >
> > See you later. Thanks"
> >
> >
> > After receiving this email, which has an attachment about
> > 120-140 KB in size, I noticed unnecessary traffic over my internet
> > connection. Also, two new threads, called Sirc32 and pstores, showed up
> > on the system (does not appear in the CTRL+ALT+DEL task list) When I
> > searched in my registry, I found that HKEY_LOCAL_MACHINE - Software -
> > Microsoft - Windows - CurrentVersion - Run (it's in one of the Run*
> > folders) has a key called "Driver32" which instructs my system to run a
> > file called C:\RECYCLED\TEST.EXE (you will find two .EXE files hidden in
> > your C:\RECYCLED directory) I have removed all these files from my
> > system. I advise you to take a backup before you do anything.
> >
> > Good Luck.
> >
> > Regards,
> > Steve Fernandez.
>
>
>
> _______________________________________________
> Redhat-install-list mailing list
> Redhat-install-list redhat com
> https://listman.redhat.com/mailman/listinfo/redhat-install-list
>
[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]