RE: [Orb] trojan horse from orb-admin
What was the file name? I had one hit me that was basically html, which means that it doesn't need to be executed. You just open the e-mail and off it goes.
-----Original Message----- From: bi11i@yahoo.com [mailto:bi11i@yahoo.com] Sent: Friday, April 19, 2002 1:00 PM To: orb@mailman.xmission.com Subject: RE: [Orb] trojan horse from orb-admin
kind of interesting, outlook was ready to just open it right up, meaning that the virus was launched even as my email was checked, I didn't even try and open it up, my virus scanner just told me it was infected as it came in. It did, however, copy itself to my temporary internet files directory before Norton caught it so my advice to everyone out there who gets this is to A)avoid using outlook for a day or so and B)clear out your temp directories regardless.
--- Chris Dawson <ChrisD@productsafet.com> wrote:
Not yet...
-----Original Message----- From: bi11i@yahoo.com [mailto:bi11i@yahoo.com] Sent: Friday, April 19, 2002 12:21 PM To: orb@mailman.xmission.com Subject: [Orb] trojan horse from orb-admin
anyone else get that 130k email from orb-admin?
__________________________________________________ Do You Yahoo!? Yahoo! Tax Center - online filing with TurboTax http://taxes.yahoo.com/
_______________________________________________ Orb mailing list Orb@mailman.xmission.com http://mailman.xmission.com/cgi-bin/mailman/listinfo/orb
don't really know what the name was, my scanner just came up and said it was a trojan, but yes, the same email, i didn't open it, just ran by itself, even without any autopreview. --- Don Gagen <DGagen@EnsembleStudios.com> wrote:
What was the file name? I had one hit me that was basically html, which means that it doesn't need to be executed. You just open the e-mail and off it goes.
-----Original Message----- From: bi11i@yahoo.com [mailto:bi11i@yahoo.com] Sent: Friday, April 19, 2002 1:00 PM To: orb@mailman.xmission.com Subject: RE: [Orb] trojan horse from orb-admin
kind of interesting, outlook was ready to just open it right up, meaning that the virus was launched even as my email was checked, I didn't even try and open it up, my virus scanner just told me it was infected as it came in. It did, however, copy itself to my temporary internet files directory before Norton caught it so my advice to everyone out there who gets this is to A)avoid using outlook for a day or so and B)clear out your temp directories regardless.
--- Chris Dawson <ChrisD@productsafet.com> wrote:
Not yet...
-----Original Message----- From: bi11i@yahoo.com [mailto:bi11i@yahoo.com] Sent: Friday, April 19, 2002 12:21 PM To: orb@mailman.xmission.com Subject: [Orb] trojan horse from orb-admin
anyone else get that 130k email from orb-admin?
__________________________________________________ Do You Yahoo!? Yahoo! Tax Center - online filing with TurboTax http://taxes.yahoo.com/
heres a possible explanation for the virus in question given on the diabloii.net website. i would also recommend www.sarc.com for more info on this one. and a personal recommendation, use Eudora Light or a comparable email client to avoid all these auto executing microsoft specific virus. email was meant to be text anyway. lysergic EMail Virus Issues - Flux [12:08:PST] Not D2, but lately we are getting a tremendous amount (dozens a day) of email viruses to all@diabloii.net addresses. The most common one is W32.Klez.E@mm and note how it works; by redistributing itself by changing your outgoing mail name to a sender of a mail in your inbox. So hundreds of people are getting emails that appear to be from flux, gaile, or elly here, but aren't from us, they are the virus on someone else's machine, picking our names from a reply mail in that person's inbox. I got 4 virus mails this morning with myself as the return address! You need to look at the "Return Path" in the email header, to see where a mail really comes from, since it's child's play (or virus' play) to spoof someone else's name in the "Reply To" line. As with virtually every virus but measels, this one spreads wildly through security holes in Outlook Express. If you are using MSOE for your mail client and you haven't patched the latest security problems with it, you are guaranteed to be a virus victim, sooner or later. ********** Experimental Ambient Bliss! ********** The Lysergic Dream - Cult of the Dying Streetlamp The new album out NOW!!! on Uncle Buzz Records Sound Samples at http://www.zombieproject.com/lysergic
participants (3)
-
bi11i@yahoo.com -
Don Gagen -
the lysergic dream