What number is your spam shit-o-meter up to today?

[Mr Jones]

Is it just me, or is there a new virus/spam campaign doing the rounds at the minute?

I've been bombarded with the following e-mail god knows how many times over the last two days....

"Hi! How are you?

I send you this file in order to have your advice

See you later. Thanks
"

Followed by some hokey .bat file attachment, had them in English, Spanish and Italian so far.

And yes they are all going to a mail box that is used in skins only , I don't mind so much, being web mail based, but it's making reading the real hate mail just that bit harder

Just thought I'd warn you guys

[simon snowflake]

Havn't seen them....yet

[garetjax]

I get it about 2 a day...the bat file is really a shortcut zip with an exe in it. (A Setup.exe)

Regarding what it is...who knows...I won't run anything like that (because, I'm not that stupid).

Anyways, yeah...it is for my skin accounts...

[simon snowflake]

I won't open those files either.

This promisses little good....

[The Only Lynx]

havent seen any

[Mr Jones]

Quote:

Originally posted by garetjax
I get it about 2 a day...

Lucky you , I've had five in the last hour and thirty, damd thing is making my cell phone battery flat with all the damd messages it's sending

[simon snowflake]

Quote:

Originally posted by Mr Jones
... the damd messages it's sending

that must be like really frustrating.
And at first you thought you became popular

[ampburner]

I've gotten 2 of those.
When I executed the attachments my puter locked up, and it's been acting weird ever since ( )

[simon snowflake]

that's not to smart amp.

Maybe you can fix it by pouring some of that allmighty vodka in your A: drive.

lol

[ampburner]

Quote:

Maybe you can fix it by pouring some of that allmighty vodka in your A: drive.

I only do that when my cpu is at too high a temperature...so I won't have to change my name to compburner

[dekt]

I had one in Spanish. Deleted it straight away (extension was .doc.bat ...well sussed). First really malicious one I've had from my known skins address but not the first weird foreign language one. That goes to the one with a blank message and an attachment in Hebrew!

[Lucid DM]

My comp never get's too hot. For two reasons.
1. It has no sides .
2. It has a turbo charged fridge/fan stuck up it's ass. (Just a big ass fan with coolant. Not really that special.)

I have this 'cos my computer's a Frankomputer. It's a mishmash of my past 4 computers. I think I've got 3 hardrives. But all together only 12 gig.

[dekt]

You need to experiment more Dr Lucid. My dad's PC has 17 gig and my wee iMac has 30. Still I suppose it's hard to get parts in Transylvania. Credit for putting it together though - memory upgrades are the extent of my maintenance prowess.

[Lucid DM]

I'm currently in the process of bringing it up to date.
I'm gonna bit by bit update it.
So far:
1. Bithcin' graphics tablet. ()
2. £3000 worth of graphics software.

Planned for the next week or so:

1. Memory, shitloads.
2. Processor, fast, much.
3. Speakers, small, good, many.

More and more over time, 'til it is bitchin' once more.

[ampburner]

I just got another 2

[Duk]

Just had one from a "Carlos Sosa" fall on me? Whatz up?

[Mr Jones]

Heh, it's been a busy old night, I wake to find another 10 of the fuckers arrived in my mailbox over night

I'm putting a block on my mailbox for file attachements for the time being, enuff is enuff, so if anyone has MikroSkins, funny ha ha jokes, naked pictures of their girlfriends to send me hit the mail button down there first and I'll send you an alternative box to use

[simon snowflake]

current system specs:

• Soltek 75KAV+
• AMD Athlon tunderbird 1000Mhz, fsb 266
• 256Mb SDRAM 133Mhz
• Soundblaster live 5.1 digital
• ASUS GeForce2 v7700 deluxe TV IN/OUT (32Mb DDR)
• 40gig + 6,4gig HD
• pioneer 16x-40x DVD-ROM drive
• 17" monitor
• 4speed CD-writer

near future upgrades:

• 2x 512Mb-SDRAM 133Mhz
• 16speed CD-writer
• 6-way digital speaker set
• 21" monitor
• Soundblaster live 5.1 deluxe upgrade

[Doggy Dog]

I didn't get nothing today like that, but everyone seems to love sending me Hybris's,today's virus is in French .

[garetjax]

These are actually worm applications...Essentially, somebody trying to get to your system using the wscript.exe host. I found in one of them a doc file that was intended to be opened by Word. However, I long ago disabled wscript.exe. I do not know exactly what this stupidity is doing but, I do believe there was a delete command executed in the code base. Where/what it deletes I do not know...I would say if it looks funny better delete.!!!

[macaroon]

I got four of these this morning, in various languages. For more info about it go to the symantic website.

http://www.symantec.com/avcenter/ven...m.worm@mm.html

[mrsbladez]

I got 4 of them delete, delete, delete, delete.. Buuuu Byeeeeee lol

[Mr Jones]

CP ym gnihtyna od t'ndid ti tub ,elif eht denepo I

[Lucid DM]

Hehe. Nice one Mr Jones.

I don't get any spam, ever. Thanks to super duper AI span deleter!

[cyana]

same here - got around 10 of those in several different languages and from several different sources - also with different attachments (either doc, exe or bat)
only to my skin address

Mr Jones, be aware that a irc bot does no harm to your local machine (at least for the moment) but is used for remote access while you're online (e.g. for spoofing or looging accounts in your name and with your ip address) - you should install a good firewall to check if the attachment was really harmless. Also, look at this article http://grc.com/dos/grcdos.htm

[e-blackadder]

Ran across this news item on LotsOf Skins.com, figured it was worth mentioning here.

Quote:

Posted by:lightstream

There's a new virus making the rounds. This one started yesterday (7/17) and has already found it's way into the skinning community.
It will appear to be from someone you know, it will have a file attached that also might look familiar and will have the following text in the message:
"Hi! How are you?"
a line similar to:"I would like your advice on this file"
and ends with:"See you later, Thanks"

Here's links to McAfee's page on it:
http://vil.nai.com/vil/virusChar.asp?virus_k=99141
and Norton's page: http://www.symantec.com/avcenter/ven...m.worm@mm.html

I figured since so many of us are getting nailed here the links were worth having. I'll leave it up to Mr J whether or not to have them in a seperate thread specific to the virus alert.

[Mr Jones]

Funny I don't know any of the names that I have had this virus from so far, that is unless it's picking random names from an address book and firing out mails to them and then them onto me, in which case one of you lot in here subscribes to donkeyporn.com

C'mon own up who is it

[Duk]

I never receive any type of virus by e-mail. Now look at this, I come back to the forum, and the deluge begins. Nah. Don't need the system problems. This little 'puter thing is my bread and butter. :: poof ::

[garetjax]

You guys that have opened these files with their various attachments are sending these files out to all your contacts and it will get worse with time. I suggest using a really good virus program to get rid of them. Just because, you think it isn't do anything to your system does not mean that it is isn't. I tracked some more info on one of the 'attachments' that I got and it sends data to a ftp server using port 21. Also, note that this is silent movement (meaning its not going to just login.) By my understanding it seems to be sending login account information and password combo's of web entered input boxes.

Also, it seems a derivitive of this also may remove files from the system using a deltree /y command for a given directory. Its seems that this is not only random but will happen without user intervention given time activation.

I would suggest going to mcaffee online and getting cleaned asap. (they provide their server for free for 30 days).


ie online web virus clean.

[simon snowflake]

that sounds wise garet, It's just that I havn't recieved any ......... yet.

[simon snowflake]

ETAPAS DE LA REVOLUCION INDUSTRIAL

hmmm look what I just found.
Is this the stuff you guy's mean?

[Forevever]

Based on a recent topic (check the list, I forget which one), I don't think you people who format once a month have too much to worry about

Note to simon on another thread: Just to save space (since I know you'll be coming back here likely), too bad I don't download (based on that same previously mentioned thread) but I would if I did

[garetjax]

An obscure message from an uknown...
With a File Attachment...

Usually containing two files. One Misnamed as one of the following or similar.

- .doc.bat
- .xls.lnk
- .exe.bat


etc etc.

and Another attachment that is a txt file.

This is a randomly generated macro txt file that will be used to 'fire' the macro virus.

Anyways...there you go...and yeah probably Simond.

[simon snowflake]

Quote:

Originally posted by Forevever
Based on a recent topic (check the list, I forget which one), I don't think you people who format once a month have too much to worry about

Note to simon on another thread: Just to save space (since I know you'll be coming back here likely), too bad I don't download (based on that same previously mentioned thread) but I would if I did

sorry i don't get it what was the topic?

[Forevever]

Sorry Simon, I didn't mean to lose you.
The topic I was referring to about reformating hard drives and I don't download is a misspelled curious (I think its closed now).

The second, we were talking about Garet's skin and you said I could download it before it was published, but I don't download (as previously mentioned)

Dig?

[ampburner]

Just got another shitload of those emails *sigh*

[garetjax]

Just got 3...its a really bad way of trying to move a virus through. Poorly written as well. Someone gonna get smacked for this....

[Mr Jones]

I had 4 while "on the job" with my girl earlier , damd cell phone,must remember to turn it off

[Lucid DM]

Haha. I just got two. That's quite pathetically stupid actually .
It didn't come with the file tho. 'cos my little email reader deleted it for me !

I could do better than that.

[garetjax]

If you ctrl-alt-del and find winword.exe in your task this the possibility of the virus already having infected your system is 100%.

To take measures against this activity do the following: remember however, that preview in outloook express and outlook 97+ will no longer work.

Rename the file located in c:\windows (wscript.exe) to hscript.exe.

This will prohibit the passing along of the virus.