New malicious email


4pyros

We got a bad e-mail today at work. The subject was "RE: Merry Christmas and Happy New Year". It gave one computer the blue screen of death but seems OK now. The other one never opened the email but it started deleting system32 files. I have not seen anything about this on the web yet. Anyone else see it?
Thanks Andy
 
[Mod Edit: Please make your replies helpful. Post removed.]
 
All my computers are XP, including the ones at work. I keep virus definitions current and scan my systems. I have no problems. XP works fine, and I see no good reason to switch. WIN7 is too error prone for me to fool with.
 
4pyros, what did you see?
 
[Mod Edit: Removed]
 
If you get a virus from e-mail, the user should be shot on site, dragged out into the street along with the system admin and hog tied in public with balloons and a fan parade..
Still not very helpful. Take a pill and drag your own butt to the street. You sound very bitter.
I am the user and there is no administrator. Just three computers at work. We start our email program and get emails from the server. This one was very malicious. I never opened it. It was even scanned by AGV but still killed the PC I use at work.
 
[Mod Edit: Post removed - first and last warning issued]
 
I've gotten two different viruses/malware on AGV (supposedly) protected computers, one on a computer running XP and the other on a computer running Windows 7. I removed AGV and downloaded the free copy of Windows Security Essentials to both computers. It found and removed both of the viruses.
 
Hi Andy

I have yet to hear anything about it. Generally at work, aside from the regular security warnings we get notifications of anything new wreaking havoc. They seem to stay pretty much on top of things and for a serious alert we even get automatic voice mail. That sort of stuff goes corporate wide globally so if I hear anything on a new threat I'll post back.

Ron
 
Thanks Ron; I found it weird that there is no mention of it on the web. I am hoping it was not a targeted attack.
 
Can you get a virus from an email, don't ya have to open an attachment or click a link?
 
What AGV (AudioGuru virus?) are you both seriously talking about? Is that AVG?
 
Somewhat off topic but some may find this interesting. A virus, any virus relies on propagation. The life cycle of a virus is sort of two steps. Initially a good well written virus will have no problem doing damage and propagating, once it is discovered and patches, fixes released and AV software updated it will begin to die. Both the I Love You and Melissa viruses are good examples of viruses that within hours of release infected millions of systems. Hey, email is an excellent means of propagation. People will open anything.

However, discounting email and basic viruses there is a much deeper threat to what should be secure systems. People are their own worst enemies. I see and read security bulletins almost daily and this one I read sticks in my mind. As a test a series of DVD disks and USB thumb drives were infected with some script. Nothing malicious or destructive but designed as a test, let's say they would "phone home". The DVDs had catchy titles and were printed nicely. They looked real official. They were intentionally left out in the open around assorted DoD (Department of Defense) and DoE (Department of Energy) facilities, this pertains to the US. The number of people who picked these things up and shoved them in classified system computers was astounding. Something like 80% were actually run. Go figure huh? My work system (networked systems) actually have the auto run disabled. I can manually run an executable. For these disks or thumb drives to run, people had to manually run them. Go figure.

Ron
 
That reminds me of a story from a couple years ago. There was a malicious virus sent via e-mail with the title of Anna Kournikova.jpg. It appeared to be pictures of the tennis hottie (picture here). Word got out that the e-mail is transmitting a virus, but even knowing this, people opened it anyway. Evidently, they thought there might be a chance there would be a pic in the attachment, and were willing to take the chance on getting an infection.

People can be such dupes.
 
That's what I thought.

Does your email client automatically open HTML messages? If so, you can be infected without clicking on a link via Remote Procedure Calls, ActiveX scripts, and various other means if they are enabled and capable of exploiting any security vulnerabilities. The Windows RPC system under ME and prior to XP SP1 was riddled with security holes. I stuck to browsing under 98SE (which didn't support RPC) until XP SP1 was released.

I'd hesitate to call it an admin fail per se but AVG shouldn't be the first line of defense. That should be the end user followed by a system config appropriate to the typical end user followed by a decent backup system. Do your systems hide extensions for known file types? They shouldn't. They will display Anna Kournikova.jpg.exe as Anna Kournikova.jpg and further tempt users to open such attachments. Are any but the most experienced users able to login with administrative rights?

AV vendors are always playing catch-up so the latest viruses are always around for days or weeks or even months before the scanners (especially the fast free ones) start detecting them. I'll have to look around and see if there are any new threats out there that caught a couple of AV vendors with their proverbial pants down.
 
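The hidden-extension problem raised in the post above, as an added example that is not part of the original thread: it parses a constructed message with Python's standard `email` package and reports attachments whose final extension is executable, together with the name a user sees when extensions are hidden. The extension lists, function names and sample message are illustrative assumptions.

```python
from email import message_from_string, policy

# Illustrative lists, not exhaustive: types Windows runs vs. types users trust.
EXECUTABLE_EXTS = {"exe", "scr", "com", "pif", "bat", "cmd", "vbs", "js", "lnk"}
DECOY_EXTS = {"jpg", "jpeg", "png", "gif", "txt", "pdf", "doc", "xls"}

def shown_with_extensions_hidden(filename):
    """Name as listed when 'hide extensions for known file types' is on."""
    stem, dot, _ext = filename.rpartition(".")
    return stem if dot else filename

def audit_attachments(raw_message):
    """Return one finding per attachment whose final extension is executable."""
    msg = message_from_string(raw_message, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").strip()
        pieces = name.lower().split(".")
        if len(pieces) < 2 or pieces[-1] not in EXECUTABLE_EXTS:
            continue
        findings.append({"filename": name, "real_type": pieces[-1],
                         "shown_as": shown_with_extensions_hidden(name),
                         "disguised": len(pieces) > 2 and pieces[-2] in DECOY_EXTS})
    return findings

# Constructed sample message (not the e-mail discussed in this thread).
SAMPLE = """\
Subject: constructed sample
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

See attached.
--b1
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="Anna Kournikova.jpg.exe"

AAAA
--b1
Content-Type: image/png
Content-Disposition: attachment; filename="holiday.png"

AAAA
--b1--
"""

if __name__ == "__main__":
    print(audit_attachments(SAMPLE))
```

A mail gateway or mailbox audit script could quarantine any finding with `disguised` set, since a decoy extension in front of an executable one has no legitimate use.
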
Yup, just checked my email this morning and I had the same email. Said it was from "sales", with that same title. I ended up sending it to the spam folder and emptying it, so that it actually deletes it from my email. Thanks for the heads-up, Andy.
 