Sign in to follow this  
Guest Motormouse

Someone's got a virus,please check your systems

Recommended Posts

Heads up gang,In my e-mail box today I got some returned 'spoofed' mailswith both one of my e-mail addresses and Chris Low'se-mail address in the header.Now, I'm not pointing a finger here at anyone in particular, butmy guess is the only person likely to have both of those addresses on their system is also likely to frequent this here forum.You need to be checking for the 'Win32.Netsky.P@mm' virus, and a remover can be downloaded from herehttp://securityresponse.symantec.com/avcen...moval.tool.htmlThere's lots of variants to this one :-(Thanks:-wavePete

Share this post


Link to post
Share on other sites
Help AVSIM continue to serve you!
Please donate today!

I have my e-mail box under UNIX & I got many letters with virus, but they have strange topic so they are easy seen as infected. I can't open attachment - I have to save it and send via ftp to my computer & then I can open to infect my computer. So I don't have to care about viruses.B.Adamski

Share this post


Link to post
Share on other sites

Hi Bogdan,Yes the mails have a strange topic!I didn't have to worry about it either, my e-mail scanner deleted the virus files, so I had to look at the 'log' file to check which viruswas coming in!:-wavePete

Share this post


Link to post
Share on other sites

Pete,I have just run an updated virus check on my PC, but none were detected. In addition, your e-mail address is NOT currently included on my list ! Therefore, it is unlikely that the virus came from me.Chris Low.

Share this post


Link to post
Share on other sites

I also ran the test and checked clean.glidernut

Share this post


Link to post
Share on other sites

Hello.I ran tests of both my computers, and they are updated and clean.Viruses is knocking on the door every day, so I receive and install upgrades of the "NORMAN" antivirus every week.Lars Peter.:-wave

Share this post


Link to post
Share on other sites

I have Panda antivirus and latest updates ,ran chk and is clean .CaptRolo

Share this post


Link to post
Share on other sites

No problems here (right now...) ;)Mind you, we use a 3rd party email quarantine system ;) If you 'just' reply to one of my office emails, it falls into a black hole! You HAVE to type it in the header - or else. Great system, really :-waveRegards,**************Jonathan Point**************"I'd rather be down here wishing I was up there than up there wishing I was down here"

Share this post


Link to post
Share on other sites

Right now I need a shower but otherwise I'm "clean" :-)It could be anyone and it's no big deal to those of us that are protected. I know that I sound conceited now but I believe that viruses are mostly a non-issue. Yes, the latest "Sasser" was different but in 99% of cases it takes the launching of a real obvious attachment to get infected. In any event, even if one would be prone to look at any attachment someone dumps in your mailbox an updated AV will trap it before you ever get a chance to see it.Hans Petter

Share this post


Link to post
Share on other sites

Just fired up regedit to look for the keys but I came up clean. I also checked clean on the files it dumps into %WINDIR% too. I'm running my weekly NAV scan now in case I've picked something else up but that'll take a couple of hours to complete.I've only received two email virii in my life, both of which were caught by NAV. The worms cause me more trouble but I've not had one past my firewall yet.

Share this post


Link to post
Share on other sites

Like I said, I'm not in the business of pointing fingers, and my own a.v software is blocking and deleting infected files, my only concern is that someone 'out there' has a machine busily sending out infected mails while he/she remains, dare I say it 'blissfuly ignorant'.The latest bunch of spoofed mail addresses in my in-boxalso included such worthy names among the flt sim community asDavid Copley and Bill Rambow, as well as one Ansgar Avermeyer.:-wavePete

Share this post


Link to post
Share on other sites

Ahh, so it isn't only my name that you have seen ? That's a relief. I was feeling somewhat vulnerable :-)I have a regularly updated version of the AVG 6.0 virus checker on my PC, and my e-mails are automatically protected by SpamGuard (courtesy of my BT Yahoo Anytime connection).Chris Low.

Share this post


Link to post
Share on other sites

Today I've got :swimingpool.zipsexy.zipwith w32/netskyC@mm found by F-Secure.B.Adamski

Share this post


Link to post
Share on other sites

Well, it's obviously someone who frequents Avsim then!I have been a victim of this before, in the early broadband days. Switching to 100% on-line opens up the possibility of someone using your PC as an 'open relay'. This is where 95% of those viagra and xxx spams come from! People hack into your PC, grab your 'contacts' folder, then use your PC to relay their addresses back to their server. Meanwhile, they upload messages to your PC and it sends them out to the thousands of hacked email addresses they've garnered from yours and others' PCs.I stopped using my Hotmail address some time ago for regular communications. This hasn't stopped my inbox filling with bounced-back spams and virii. The fact that other names from the 'group' are appearing means it's definitely someone who has conversed with us via email. I won't mention the names as I'm 100% sure nobody here would deliberately participate in such a thing.Of course, it's possible that they **may** have hacked the Avsim servers too - it's just too late to find a 'smoking gun'.If you have broadband (or even an office dialup that's on-line all the time), use a traffic analyser to see what's happening. Apart from getting email every 30 minutes or so (set your mail system to only download mail periodically, not when it arrives - this kills most open relays), the only traffic you should see is if someone's surfing the 'net. If you see message headers scrolling past, simply pull the plug (and don't plug it in until you've cleaned the PC).:-waveRegards,**************Jonathan Point**************"I'd rather be down here wishing I was up there than up there wishing I was down here"

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this