hahaha! I got sent a virus/worm..... puhahaha

[CMonster]

someone sent me an email titled:

"re That movie" with an application.pif attachment ....no problem, I'm always in Linux anyway, but here was my reply:

Quote:

It appears that you have sent a virus or worm to me as an attachment to an
email titled "re That Movie". I am not affected because I use the Linux
operating system. I am sending you this return email as a courtesy to let you
know. You may not even be aware that your system is sending out these
emails.

[NeoStarO1]

Good one CMonster
Im cleaning out an office computer today, been bogging down and it the one computer I don't use. I use the lappy back and forth. anyways im a bit shocked to see all the stuff they downloaded and backdoors and virus and worms.

Still doing scans. AVG got some, Housecall got some more. Now im doing the Norton Online free scan to double ensure its all gone.

Told him things are changing with the computer. found out they shut off the av's and firewalls.

this all got on there via the free netzero dialup.

Change change change.

[DanGrease]

CMonster, that was IMO a master piece of email!
I would pay 50 bucks to see the face of trhe sender when he recieves your mail! Or maybe its one of those "automatic" sender that sends to thousands of people, but anyways, nice job!

dan

[John Prophet]

yeah..the local sort of "smallish" companies like realty offices, churches, insurance places etc with several computers....they are getting to where they almost need to fork up some money to have someone come in and do the basic security stuff for them.

These virus things are a hassle, but I did realize the other day that, hassle or not, techs can make some good money right now because there would seem to be increasing oppurtunity for selling/installing/configuring antivirus, firewalls, routers etc.

I do some tech work for a realty place here..they have about 15 comps or so....most of the comps are owned by the individuals not the company....so it is a little weirded out since there is no standardization of antivirus or best practices or anything...lol...they are all sharing braodband behind a router, so that acts as a firewall but several of them share files etc so a virus could spread....last year they all got klez....they mostly use AVG cuz its free......so I guess some money could be made right now pulling together an office like that...getting everyone one one page with some method for the constant patches, updates etc etc.

Of course the problem is the age old one....they want the safety and peace of mind, but they dont want to pay the piper.

JP

[Telexen]

I had to send a similar email to the sender of the Sobig.B virus to me ... the administrations office at the college I'm attending

[paul9]

cmonster, i believe that some viruses, just like spammers, forge an email address in the header. this means that it did not necessarily come from whomever you replied to. for example the virus opens the address book on the infected system, picks an address, sticks it in the header of the email it will send, and then posts to all the other addresses in the book. meanwhile, john doe who has the infection never knows any different and sits there smug in the knowledge that he has (slightly) better performance since he turned off his av and firewall (he was sick of clicking yes to allow every program to access the internet anyway) and he hasn't got any nasties on his system since he disabled them.

[SpookyEddy]

Quote:

Still doing scans. AVG got some, Housecall got some more. Now im doing the Norton Online free scan to double ensure its all gone.

... which you will never be sure of. For example... I (hypothetically) root your machine. I replace the binary responsible for "dir" with one that adds an account with full admin privs and spawns a shell every time a specific set of packets is received. Do you notice? I doubt it. Will a virus scanner see it? probably not.

If a box is compromised then you should bin it.

Regards

ed

[CMonster]

Quote:

cmonster, i believe that some viruses, just like spammers, forge an email address in the header. this means that it did not necessarily come from whomever you replied to

- I'm well aware of that, and in fact it was returned as an invalid user/address just a few moments ago ...alas, but I tried.

*this message brought to you via Redhat 9.0

[nukes]

I rarely get any virii sent to me, and when I do it doesn't matter either. My dad occasionally gets some, but AVG sorts that for him.
So long as its not too destructive, it can be quite fun cleaning out a virus from a network of systems, especially when its a cool one like sircam, you've gotta admit that these writers have some pretty good skills. If only they would put them to better use.

[eRaDicaTor]

I got that same stupid virus but on my windows machine. You gotta give it to these virus guys, they sure are persistent. Do you think most of them are disgruntled employes of a large corporation or are they just kids with bad attitudes that like to destroy?