They'll stop at nothing

Norm
SG VIP
Posts: 14195
Joined: Tue Mar 27, 2001 12:00 pm

They'll stop at nothing

Post by Norm »

To infect you.

I got this from a customer today, wondering if it is legitimately from our ISP.


"Dear user, the management of Cogeco.ca mailing system wants to let you know that,

Our antivirus software has detected a large ammount of viruses outgoing
from your email account, you may use our free anti-virus tool to clean up
your computer software.

Pay attention on attached file.

Note: Use password to open archive.

Best wishes,
The Cogeco.ca team http://www.cogeco.ca"


The attachment was a zipped file and it was passworded.
Now, in order to infect yourself, you have to have a freakin password
:rotfl:

I get a kick out of the tactics these writers come up with.
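The message quoted in the post above pairs a password-protected ZIP with instructions to use a password, and a mail gateway cannot scan inside an encrypted archive. As an added example (not part of the original thread), here is a gateway-side check in Python that flags such messages; the sender address, file name and verdict names are constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

def build_sample(encrypted: bool = True) -> bytes:
    """Constructed sample: harmless ZIP, optionally marked as encrypted."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("readme.txt", "placeholder")
    raw = bytearray(buf.getvalue())
    if encrypted:
        # Set bit 0 ("encrypted") of the general-purpose flags in the local
        # file header (offset 6) and the central directory header (offset 8).
        central = raw.find(b"PK\x01\x02")
        raw[6] |= 0x01
        raw[central + 8] |= 0x01
    msg = EmailMessage()
    msg["From"] = "support@isp.example"  # constructed address
    msg.set_content("Note: Use password to open archive.\n")
    msg.add_attachment(bytes(raw), maintype="application",
                       subtype="zip", filename="tool.zip")
    return msg.as_bytes()

def unscannable_zips(raw_message: bytes) -> list[str]:
    """Names of ZIP attachments a content scanner cannot look inside."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    flagged = []
    for part in msg.iter_attachments():
        data = part.get_payload(decode=True) or b""
        if not zipfile.is_zipfile(io.BytesIO(data)):
            continue
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                locked = any(i.flag_bits & 0x1 for i in zf.infolist())
        except zipfile.BadZipFile:
            locked = True  # malformed archive: also unscannable
        if locked:
            flagged.append(part.get_filename() or "(unnamed)")
    return flagged

def verdict(raw_message: bytes) -> str:
    msg = message_from_bytes(raw_message, policy=policy.default)
    body = msg.get_body(preferencelist=("plain",))
    text = body.get_content().lower() if body else ""
    locked = unscannable_zips(raw_message)
    if locked and "password" in text:
        return "quarantine"  # locked archive plus password talk in the body
    return "hold" if locked else "deliver"
```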
Roody
SG VIP
Posts: 30735
Joined: Sun Nov 19, 2000 12:00 am
Location: East Tennessee

Post by Roody »

I had a consulting job last year where they gave them their password. :rolleyes:

You are right though, man, they will do just about anything to get to people.
qball15j
Senior Member
Posts: 3619
Joined: Mon Nov 26, 2001 9:28 pm

Post by qball15j »

They're pretty smart but stupid at the same time. lol
A password on the ZIP, that's just funny!
Grimson
SG Elite
Posts: 9607
Joined: Wed Oct 03, 2001 6:55 pm

Post by Grimson »

It's a secure file, must be safe to open.

;)
Crackin' skulls and breaking kneecaps.
Norm
SG VIP
Posts: 14195
Joined: Tue Mar 27, 2001 12:00 pm

Post by Norm »

They supplied the password as well.

See, they aren't ALL bad lol

This particular customer of mine gets everything under the sun in her email. If there's a virus out there, she gets a copy.

I don't know how many times I'll have to tell her again "Legit companies don't send file attachments to customers" before it sinks in.
Good thing she sends me a copy before opening them, or I'd be too busy cleaning viruses/worms to get to my other clients lol
RoundEye
Posts: 18219
Joined: Sun Jul 16, 2000 12:00 am
Location: In a dry but moldy New Orleans, Louisiana

Post by RoundEye »

I just got back from a friend's house about an hour ago, fixing a problem like this. Except it's on the cox network now too.

I installed a newer version of Norton's for him and when I called a few minutes ago he was at over 2500 infected files with Netsky.
Blisster
SG Elite
Posts: 9664
Joined: Fri Jan 04, 2002 5:05 pm

Post by Blisster »

Originally posted by RoundEye
I just got back from a friend's house about an hour ago, fixing a problem like this. Except it's on the cox network now too.

I installed a newer version of Norton's for him and when I called a few minutes ago he was at over 2500 infected files with Netsky.



Yeah, Netsky flew around a little network my boss and I just started working with, as did the MyDoom.F variant. That little sucker erased all Word and Excel docs on the freakin' machines! Sucked really bad for them, but locked us in on the contract. It's been a real mess to clean up.
Edward Abbey wrote:A patriot must always be ready to defend his country against his government.
Roody
SG VIP
Posts: 30735
Joined: Sun Nov 19, 2000 12:00 am
Location: East Tennessee

Post by Roody »

Agreed. We have finally started to get the teachers at the school I work at to not open things they shouldn't.
iaus10
Posts: 1419
Joined: Sat Mar 17, 2001 12:00 am
Location: Minneapolis, MN

Post by iaus10 »

Sounds like the beagle virus that has been going around. Our work is fairly secure. Postini spam/virus filter offsite, virus scan at our email gateway, and anti-virus on all machines that auto-updates often. Now, if we could just get all the people to stop opening their Hotmail and Yahoo on their work machines...
minir
Posts: 27941
Joined: Sat Aug 19, 2000 12:00 am
Location: Canada

Post by minir »

Hi Norm

I have been screwing around for 3 days now and finally had to format and reinstall my Win2k pro because of a Nachi.B worm.

I'm very careful and have no idea how it got there.

I had first been advised that I had a corrupted file NTOSKRNL.EXE in System32 and after trying to Repair, or Replace it, all of a sudden up pops AVG with the AntiVirus Warning of the Nachi.B.

It simply kept coming back so I wiped it clean. Real pain in the butt as I keep everything updated and never accept an attachment from someone I don't know.

I also keep getting the one from Sprint advising me to open their Patch as well as several others. It really is crazy anymore.

regards

minir
Mehmet
Posts: 4764
Joined: Sun Jul 16, 2000 12:00 am
Location: Berkeley CA, The home of the hippies

Post by Mehmet »

The problem you have is named "Windows."
"They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety."
- Benjamin Franklin

"Weapons of Ass Destruction"
Norm
SG VIP
Posts: 14195
Joined: Tue Mar 27, 2001 12:00 pm

Post by Norm »

Minir, you should have posted about it here.

That worm is also known as W32.Welchia.Worm and Symantec has a removal tool for it.

http://securityresponse.symantec.com/av ... .list.html

Do yourself a favor and download all those removal tools, and keep them on CD for when/if the time comes you need them.
minir
Posts: 27941
Joined: Sat Aug 19, 2000 12:00 am
Location: Canada

Post by minir »

Hi Norm

I used one called Nachigui from, I think, Sophos. It cleaned it, but somehow it kept returning. Damnedest thing.

AVG has it 6 times in its Virus Vault???

Thanks for the tip, I will do that with the tools.

Have a Good one & Thanks :)


regards

minir
SGTMAJRET
Advanced Member
Posts: 625
Joined: Sat Oct 21, 2000 12:00 am
Location: Manhattan, Kansas, USA

Post by SGTMAJRET »

My boss got two of those yesterday. Our email filtering deleted the payload.
New keyboard, but still no "any" key.
iaus10
Posts: 1419
Joined: Sat Mar 17, 2001 12:00 am
Location: Minneapolis, MN

Post by iaus10 »

Originally posted by Mehmet
The problem you have is named "Windows."


I'm a huge proponent of open-source, but really if Mac OS or *nix were as popular as Windows, there'd be rampant virus problems with them as well.
The_Lurker
Senior Member
Posts: 2862
Joined: Tue Mar 05, 2002 12:00 pm

Post by The_Lurker »

They're like terrorists, dammit!

shoot 'em all !!!!!!
Well ROTFL, Skip, it ain't gonna happen; you'd better get back to buying armor upgrades off eBay.
just for the crybabies.....
Bush won, get over it snivelers. Rush Limbaugh, Sean Hannity, Bill O'Reilly
Hello Canada LOL!
Blisster
SG Elite
Posts: 9664
Joined: Fri Jan 04, 2002 5:05 pm

Post by Blisster »

Originally posted by iaus10
I'm a huge proponent of open-source, but really if Mac OS or *nix were as popular as Windows, there'd be rampant virus problems with them as well.


:nod: :nod: if pOS-X were as popular an office suite as WXP it would have the same problems.
Edward Abbey wrote:A patriot must always be ready to defend his country against his government.
Mehmet
Posts: 4764
Joined: Sun Jul 16, 2000 12:00 am
Location: Berkeley CA, The home of the hippies

Post by Mehmet »

Originally posted by iaus10
I'm a huge proponent of open-source, but really if Mac OS or *nix were as popular as Windows, there'd be rampant virus problems with them as well.


Not really, as Microsoft just seems to make more problems as it tries to release security updates.

Sure, small user base might make it so that we don't need to find holes and fix them.

Wrong, as Apple releases security updates all the time, even though many people have not exploited them, not like MS, where the hole is exploited, and then they release an update. Oh, and there are viruses that are cross-platform, made using macros in Word and what not that do affect OS X as well as Windows. Pretty funny how Microsoft can spread its security holes to other OSes.

Also, *nix is pretty damn popular, man (more than half of the servers on the web run on *nix). But they haven't been attacked on a major scale. Oh, and Blisster, pOS X? I'm guessing you haven't used it yet.
"They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety."
- Benjamin Franklin

"Weapons of Ass Destruction"