Virus recieved in your email attachment

[ice_dog]

Have been getting lots of emails with virus embedded in the attachment with title being "Thank You", or " RE: That Movie", or "RE: The Details"

I have been receiving a least 3 per day since Friday.

In general, you should delete emails with attachment from somone you don't know. Use the anti-virus software to scan it if the you have the currenr version. Virus has to be embedded in an attachment. It cannot exist in the body of email in text form.


If you have been applying for jobs thru the internet, you should realize that many job sites require you to paste your resume and covering letter in ascii form into the space provided in the job site . They no longer accept email application with resume in the attachment.

I heard that the latest virus originated from some porn site. Shit, that is not a good reflection on me...lol

 

[LateComer]

I have been receiving a least 3 per day since Friday.

I heard that the latest virus originated from some porn site. Shit, that is not a good reflection on me...lol

I've received a lot more than that - lol.

 

[thecoolguyms72]

I received a few that were from the Mail Delivery or something like that saying something wasn't deliverable. There there was an attachment labelled "the details". I think it was this site that informed me of the problems with those particular titles. I wouldn't have opened it as it didn't look official enough, and they don't usually send file attachments with undelivered mail. But I do thank those of you that post this information here. Sad that I get most of my good information from an escort site, but oh well.

Coolguy.

 

[bobistheowl]

Also beware of any attachment with a double file extension, like goldfish.jpg.scr.

Links in emails can also give you a virus because .com can be either an internet page or an MS-DOS executable, equivelent to .exe in Windows.

 

[ice_dog]

Useful information

 

[Stumpy]

I got home tonight after a weekend away. 63 emails in my inbox, only 3 of which meant anything to me. The rest all had either 'Thank you' or 'Re: Thank You" or another form.

One of the emails DID however, contain the following, so I thought I'd pass it along.


Dear Rogers Hi-Speed Internet Customer,

With sudden increase of viruses circulating on the Internet this is a good opportunity to provide you with a summary of the most recent virus threats as well as information to help you avoid them and potentially remove them if your computer has been infected.

Here are 3 critical points that can help protect Rogers Hi-Speed Internet customers from viruses:

Keep your software updated
Always use an updated virus protection program to scan files and Email messages for viruses.
Regularly run Windows Update to ensure that your computer has the latest security patches.


Keep yourself updated
The Rogers Hi-Speed Internet Homepage and the Customer Support Website are regularly updated with the latest virus information that could potentially affect Rogers Hi-Speed Internet customers.


Use Common Sense when using Email No matter how trusted the source (from Microsoft or your best friend), never run programs sent to you as an Email attachment without scanning them for viruses first.


Virus Summary:


W32/Sobig.f@MM Virus

Key Points about this virus:
This virus arrives as an infected Email attachment with one of the following names: your_document.pif, document_all.pif, thank_you.pif, your_details.pif, details.pif, document_9446.pif, application.pif, wicked_scr.scr, movie0045.pif

The Subject line of this message may appear as one of the following: Your details, Thank you!, Re: Thank you!, Re: Details, Re: Re: My details, Re: Approved, Re: Your application, Re: Wicked screensaver, Re: That movie


How to avoid being infected:

Do not run any attachments that end with .pif or .scr.

Update your Virus Protection program and set it to scan incoming Email messages.

Delete this Email message immediately and empty your deleted items folder.

What happens if your computer gets infected?

The virus will send out copies of itself to everyone in your Email address book.


How to clean the virus if your computer is infected:

Use your updated virus protection program to scan your computer and clean this virus off your system.

If you do not have a virus protection program, a number of stand-alone Sobig Virus removal tools are available. Note that these programs are not a substitute for virus protection programs:
Sobig Virus Removal Tool From Symantec (Norton)

Click here to get additional information about the Sobig virus




W32.Dumaru@mm Virus

Key Points about this virus:
This virus arrives as an infected Email attachment named patch.exe.

The 'From' address appears as security@microsoft.com. (Microsoft did not send this Email message.)
The Subject line of this message appears as: Use this patch immediately!


How to avoid being infected:

Do not run the Patch.exe file

Update your Virus Protection program and set it to scan incoming Email messages.

Delete this Email message immediately and empty your deleted items folder.

What happens if your computer gets infected?

The virus will send out copies of itself to everyone in your Email address book.


How to clean the virus if your computer is infected:

Use your updated virus protection program to scan your computer and clean this virus off your system.

If you do not have a virus protection program, a number of stand-alone Dumaru Virus removal tools are available. Note that these programs are not a substitute for virus protection programs:
Dumaru Virus Removal Tool From Symantec (Norton) (Norton)

Click here to get additional information about the Dumaru virus


con't

 

[Stumpy]

cont'd

W32.Blaster.Worm Virus

Key Points about this virus:
Unlike typical computer viruses that arrive as Email attachments, Worm viruses attack open communication ports on vulnerable computers, often without your knowledge.
This particular virus has been designed to take advantage of security flaws within the Windows Operating System.
Rogers has put a number of network security measures in place to prevent computers from being infected.
To date, we have seen minimal impact from this particular virus. However, the best way to prevent your computer from becoming infected by this virus and future viruses designed to take advantage of the same security issues within Windows is to run Windows Update.


How to avoid being infected:

Ensure that your version of Windows has the latest security patches by running Windows Update.


What happens if your computer gets infected?

Your computer may repeatedly restart (about every 60 seconds).
Your computer (in conjunction with all other infected computers) may attempt to launch a Denial of Service attack on the Microsoft Windows Update Website without your knowledge.


How to clean the virus if your computer is infected:

Follow the instructions on the Customer Support Website.




W32.Welchia.Worm Virus

Key Points about this virus:
Similar to the Blaster Worm virus, the Welchia Worm Virus also attacks open communication ports on vulnerable computers, often without your knowledge.
This particular virus has been designed to take advantage of security flaws within the Windows Operating System.
Rogers has put a number of network security measures in place to prevent computers from being infected.
To date, we have seen minimal impact from this particular virus. However, the best way to prevent your computer from becoming infected by this virus and future viruses designed to take advantage of the same security issues within Windows is to run Windows Update.


How to avoid being infected:

Ensure that your version of Windows has the latest security patches by running Windows Update.


What happens if your computer gets infected?

Your computer may repeatedly restart (about every 60 seconds).
Your computer (in conjunction with all other infected computers) may attempt to launch a Denial of Service attack on the Microsoft Windows Update Website without your knowledge.


How to clean the virus if your computer is infected:

Follow the instructions on the Customer Support Website.




W32/Mimail.A@mm Virus

Key Points about this virus:
This virus arrives as an infected Email attachment named message.zip.

The 'From' address appears as Admin@yourdomain (For example, if you receive the virus Email in one of your @rogers.com email accounts, the 'From' field will appear as: Admin@rogers.com (Rogers did not send this Email message.)
The Subject line of this message appears as: Your account (username) Note that (username) is a variable. For example, if your email account is johnnyq@rogers.com, the subject line may appear as: Your account johnnyq.


How to avoid being infected:

Do not run the message.zip file.

Update your Virus Protection program and set it to scan incoming Email messages.

Delete this Email message immediately and empty your deleted items folder.

What happens if your computer gets infected?

The virus will send out copies of itself to everyone in your Email address book.


How to clean the virus if your computer is infected:

Use your updated virus protection program to scan your computer and clean this virus off your system.

If you do not have a virus protection program, a number of stand-alone Mimail Virus removal tools are available. Note that these programs are not a substitute for virus protection programs:
Mimail Virus Removal Tool From Symantec (Norton)

Click here to get additional information about the Mimail virus

 

[Stumpy]

Sorry about not being able to post the links properly, but at least it gives you a heads up on some of these buggers.

 

[WhOiSyOdAdDy?]

In my address book.. I put a name 0000 with an email address of 0000@0000.com If I ever see an email that says a message could not be delivered to this address.. I know that something has infected my computer.. fortunately this has not happened yet

 

[bobistheowl]

Be wary of the .bat and .cab extensions in Email attachments as well.

It's also possible to be infected by a downloaded html document.

I sometimes download complete web pages, which creates an html document and a file folder with .jpg, .gif, .js [Java Script document] files, etc. Individual files can be removed from the folder, if you want to take a graphic, for example. If either the html document or the folder is deleted, the other is as well.

I downloaded from one site that also had a file with the same name as the website, including the .com file extension. I noticed it when I tried to move the contents of that folder to a floppy disk - I received error messages stating that it could not be done. I decided to hide it in the Recycle Bin and perhaps try to figure out just what its' function was. A couple of days later, it was gone, along with the other files in the Recycle Bin. I didn't empty the Bin. I think it was a time released application that deleted all files in the folder in which it was kept.

Saved html documents will still execute any popup window attachments, even if you're not connected to the Internet. There's more to worry about than just Emails.