grayhaze

Join Date 07/2001

Let's play the 'name the virus spreader' game! :)

Okay, I'm getting heaps of these damn virus e-mails as a result of the latest idiot virus creation 'Doom'. However, I think I can at least help one person to realise they have the virus on their machine.

Today I got an e-mail to my PayPal donations e-mail account with a spoofed from address of 'ian @ stardock.com' (note the spaces to prevent further spread). So if you have made a donation to me in the past for my skinning work (and let's face it, that narrows it down a heck of a lot

) and also know an Ian who works at Stardock, you might want to scan your machine for the virus.

This public service has been brought to you by grayhaze.com and the letter 'V'.

Locked Post

Advanced Search

Watch this post

Do not email me updates for this post Email me updates for this post

Successfully updated karma reason!

unfortunately its probably from someone elses address book that has you and ian's address.

Successfully updated karma reason!

Erm... yes... that's actually what I was saying IR. Hmm...

The point is, it's highly unlikely that someone would accidentally have those two addresses stored on their machines unless they had previously sent mail to them, or received mail from them. Both addresses do not appear online for the casual web browser.

Successfully updated karma reason!

kona0197

Join Date 02/2003

+86

Hi Grayhaze. Long time no see. Thanks for the warning but i have never got one yet. I haven't had but 1 email this week.

Successfully updated karma reason!

Sign Up or Login and this ad disappears!
There are many great features available to you once you register. Sign Up for a free account and browse the forums without ads.

goodmorphing

Join Date 03/2002

Well, the other day I clicked on a link and my firewall started going off. I ran an indepth scan from AdAware and found two malicious files which I deleted. I also ran an online virus scan which came up clean. Norton is up-to-date. I keep OE closed and seldom use it, my other mail program warns me of silent messages being sent (and I also keep it closed most of the time. Since all these viri have been going on, I have started using web-based mail).

..... and I don't think I have ian's address either (but didn't the information say that the virus tries to guess addresses?).

Successfully updated karma reason!

sorry grayhaze...I missed a word or two in your post...DOH!

Successfully updated karma reason!

Jafo

Join Date 03/2001

+1845

GM...'up to date' means now, not a few days ago.

This virus and its second version are bloody annoying.....my ratio of valid emails to virii is about 1 to 20 at the moment....Norton is only 9 hours old from last manual update check....scanned my system for tell-tale signs...and am clean...but someone [or more] out there is seriously dirty....

Successfully updated karma reason!

Virus making will be a hate crime.

http://www.satirewire.com/news/0112/hate_crime.shtml

[Message Edited]

Successfully updated karma reason!

1 to 20

Had that happen a few months back and had to change my email address it got so bad. I think it was in a 72hr period I got hit with upwards of 16-20 attacks. Don't exactly remember, just understand the annoyance you are now going through. Fortunately Nortons snagged them all before any got loose on my computer.

This thread is giving me the willies...going back to Norton's again

...now downloading the latest definitions

Successfully updated karma reason!

The addresses are spoofed, not only that, they are guesses. I have my own domain with a catchall account. I have recieved over 50 messages to users that don't exist on my domain. I also get messages that state these same users have sent the virus on to other domains. Again, they are non-existant users. So they can't be in anyones address book, they have to of been made-up.

[Message Edited]

Successfully updated karma reason!

Jafo

Join Date 03/2001

+1845

"Hate crime statutes are specifically designed to protect minority groups," said ACLU President Nadine Strossen. "I'm not sure the number of stupid computer users meets that criterion."

Hehehehehehehehehehe.....

Successfully updated karma reason!

goodmorphing

Join Date 03/2002

GM...'up to date' means now, not a few days ago.

hehe... now, I am cumpulsive (read getting real paranoid) about it. I check every few hours! I check for updates on the firewall and AdAware too. Last I checked Norton it said I was up to date, then within two hours I caught it updating again! This thing is bad!

Successfully updated karma reason!

Jafo

Join Date 03/2001

+1845

"The message contains Unicode characters and has been sent as a binary attachment."

Yeah, right....and I'm the Pope....

Successfully updated karma reason!

Glad you said that. I updated Norton first thing this evening, just done it again and yet another 316k of updates

Not that it would matter. My ISP intercepts all viruses before they reach me, and 99% of spam too.

Successfully updated karma reason!

goodmorphing

Join Date 03/2002

Microsoft has now offered a big reward for whoever helps catch the author.

Successfully updated karma reason!

I don't get them because I have no friends

Successfully updated karma reason!

with digital_trucker. I don't get very many of them because my email server is crazy. Sometimes it even let me send an email.

I guess in this case its a good thing.

Successfully updated karma reason!

goodmorphing

Join Date 03/2002

Awhile ago I got fed up with my ISP mail. I decided to pay for a server that had better functions. I decided on fastmail.fm http://www.fastmail.fm as much for the storage as anything else. It has a lot of other features including the ability to make alias, storage, the ability to host my own domain (if i had one and paid just a little more a year), rigorous virus and spam filtering. I get some spam now and then, not a lot. And I have never gotten a virus through the mail.

No matter where I go, or what ISP I have (or don't) I can always have this address, or an alias. The storage is also very nice.

Successfully updated karma reason!

i'm also getting emails from admin@ on my email.. funny because i'm the admin, and thats not my addie. they just see a domain name and spoof a user. been getting a few emails from my mother's addie, norton's killing them on sight.. something runs through someone's address book, in this case its probobly my sister's in SC, and sends it self out as one of the people on her list. i havn't had a virus myself in a long time though.. tip is to keep your virus software up to date.

paying a norton subscription is something i've never second-guessed. you see more then ever where your money goes.. it pays these people to figure out ways to detect and destroy all types of crazy little things.

Successfully updated karma reason!

HG_Eliminator

Join Date 07/2002

+354

ok a good way catch a e mail virus is to put aaa@aaa.com this is an invalid e mail adress ..put it in your adress book if you start recieving *returned or undeliverable messages** that were sent to that adress u know theres a virus sendin hidden e mailout.....

Successfully updated karma reason!

Here is something I found on Symantec's web site:
http://securityresponse.symantec.com/avcenter/venc/data/w32.novarg.a@mm.html

The worm also prepends any of the following names to the domain name obtained:

adam
alex
alice
andrew
anna
bill
bob
brenda
brent
brian
claudia
dan
dave
david
debby
fred
george
helen
jack
james
jane
jerry
jim
jimmy
joe
john
jose
julie
kevin
leo
linda
maria
mary
matt
michael
mike
peter
ray
robert
sam
sandra
serg
smith
stan
steve
ted
tom

Yesterday I recieved over 100 messages to these different names on my domain.

paying a norton subscription is something i've never second-guessed

I couldn't agree more. Norton has protected me against every virus that has come around. It's auto-update feature updates my definitions within hours after they publish a new set.

#21 by Mr HG_Eliminator -

The problem with this virus, is that messages are spoofed with your email address on some else's computer. They aren't necessarily sent from your computer.

By the way some of the anti-virus programs out there, including Norton Anti-Virus, now scan emails on the way out for viruses. So, if I somehow did become infected, I shouldn't be able to spread it via email.

Successfully updated karma reason!

The problem is twofold: 1) some idiot enjoys harrassing people through virii; and 2) there are a lot of people who need to get send to "how do I prevent myself from getting virii" school.

As usual, I haven't gotten one. I feel so left out. Maybe I should invet in an anti-virus app and hope that some will be sent my way.

Successfully updated karma reason!

goodmorphing

Join Date 03/2002

Dear Crae:

Hi.

I am a poor person's virus. I am so poor I don't have the technology or the knowledge to harm your computer. Please be kind enough to assist me by deleting important files in your windows directory. And then, if you would, send a copy of this note to all your friends.

I thank you for your kind assistance,
Poor Person

Successfully updated karma reason!

HG_Eliminator

Join Date 07/2002

+354

Successfully updated karma reason!

KarmaGirl

Join Date 03/2001

+118

The problem is that virus spoofs email addresses like crazy. I got an email from an admin that said that an email address of mine sent a virus. the beauty of that is that it listed an alias name, not one that actually can send email. I also Use PMMail, which doesn't have the same vulnerabilities.... gack

I hate those things......

Successfully updated karma reason!

Oh yeah, I do get those. Mail servers claiming I sent them virii. Nasty.

Back when I still worked in a large organisation, I would also get dozens of emails from 'helpfull' colleagues warning everyone of potential virii.

Now, Poor Person's Virus, which files would you like me to delete? I'd be glad to assist, 'cause now I'd finally fit in with the crowd. I'm so excited!

Successfully updated karma reason!