*
Maybe this ought to be posted elsewhere, but I wanted to be sure to pass it along asap.
I recieved an email virus today from someone I emailed months ago. It comes as a reply to an email sent out earlier and has a DOC, MP3, or PIF file extension to it.
I’ve recieved this thing 3 times today (came from someone I recognized titled “Re: Voyageur and North country Canoes”) I recieved the virus in 3 separate mailings from the same computer each about 15 min apart. (I was only dumb enough to open the first one)
If you recieve an email from me today please do not open it. I haven’t sent out any emails today at all.
Thanks,
Chris
Replies
*
Yeah, I also got a the Magistr from another Breaktime Poster a week ago. A description of it and a fix can be found at:
http://www.symantec.com/avcenter/venc/data/[email protected]
Briefly, it sends itself to people in your email boxes. The title of the message and the body of the message are snippets of your Word documents. So it looks like something you could have written because it IS something you wrote. So the receipent writes back, "I don't think you meant this for me." If they open an attachment to try to figure it out, they get infected. It is moderately bad in the short term. After a month, it starts to do really nasty things.
There is never a valid reason to send, receive, or open an executable file. Don't.
*Chris, thanks for the heads up!A couple of weeks ago, Tara d/l'ed Norton antivirus and when she loaded it, it deleted most of her hard drive!! The short story is that I determined that her puter had been infected by the SIRCAM worm, and she didn't even know it. Then Norton scanned and deleted infected files...That worm sends e-mails also (I got one from her here at my shop, but yahoo mail automatically scans before d/ling, and found it), usually with an attachment. The easy way to spot it is the subject/first line. It was written in spanish and translates itself to whatever language you use, this usually results in bad grammar/nonsense. The e-mail I got from her pc said something like: "I send this photo album to you for your opinion of what you think." This is a NASTY worm, very infectious.Your antivirus software should be updated regularly(the manufacturer usually offers free online updates), and should scan ALL incoming e-mail.Mike
*Everyone,None of these came from me did they ?I got an email yesterday with the magistr virus in an attatchment to it. It was found immmediately, and I deleted it just as immediately. Wasn't even from anyone I know.
*I use Eudora Light as my Email program, mostly because most viruses are aimed at Outlook. This is only the second virus I've ever gotten (in about 5 yrs - I don't do alot of email or downloading either) is it likely that this is the magistr since that virus is aimed at Outlook??
*JAG,Go here, and download the trial version of the software. In my opinion, one of the best anti-viral programs out there. I wish that I could afford to buy it myself. To most people though, it's really cheap.Try the trial version. If you have been infected with a virus, it will find it, and disinfect. You can always buy it in 30 days, if you find you like it.http://www.f-prot.com/f-prot/download/BTW : I use eudora lite as well. Started for basicaly the same reason. Several years ago. Even then M$'s software was virus heaven. Now I use it because it is good stuff. (Except for the spyware packaged with the more recent versions. Get rid of the spyware, and the next time you start eudora, it installs it all over again. Oh well...)
*Looked at that site Luka, and it looks like I have the Magistr.32768@mm virus. A new and Nastier version of the Magistr virus. I'm so Lucky.I was infected off the canoeing Board, and just wanted to warn folks on here to slow the spread of the bug. Its pretty darned sneaky sending something from someone you know and using your own words in the subject line. Pretty soon I won't be able to open anything I get anymore!Thanks for the help.Chris
*Hey Luka, when I run that software I get a message that says C:recycledsirc32.exe infection: W32/Sircam.worm@mmThis is the worm I had last time (Thought I had cleared it) but it says nothing about clearing the worm out of my system, and nothing about this new bug. When I go to close the window, there is a second window behind it that saysC:Program FilesFSIF-ProtFP-Win.exe Access to the specified path, device or file is denied.Did I screw up installing the software or is it doing its job?? I turn to you as the resident Guru.
*Did you download and install the fprot ? If not, do so right now. Don't delay. The longer you wait, the more damage will be done.Since you use eudora, there is no likely way that you can get infected unless you actualy choose to open an attatchment to an email.The person who 'sent' you the virus may well not be aware of it. The viruses and worms do it themselves. Let the person who sent you the virus know what happened, They need to get cleaned up too, or they wil lose their computer as well. The newer versions of this worm can literaly trash your computer. In such a way that repairing it would take an actual technician in a shop, (replacing hardware), and would cost you more than, or at least almost as much as, buying a new computer. Download fprot and let it clean up your computer, NOW !
*I see I posted just a bit too soon. LOLOk, if you installed the program, turn off whatever is running right now. Now, go to 'programs', 'f-prot antivirus', and choose 'on demand scanner'When that is open, go to the 'scan' tab, then to the options button, and in the new window, go to the 'action to take' tab.In there, choose 'disinfect'. You reeally have no choice at this point in time, but to let the program disinfect in whatever way it deems neccessary. Go back to the 'what to scan' tab, and choose 'dumb scan', and make sure all the boxes on the right are checked.Now, hit 'ok'. You will be back at the scan window. Hit the 'browse' button. In the new window, hit the 'drives' button. Check the hard drives box in the new window. Don't worry about floppies until the main computer is clean. Now hit 'ok'.You are back at the scan tab. Hit 'scan now', and let it scan, and disinfect your computer.
*Thanks, we got it all figured out. The directions you gave were very helpful. Now I have a computer that seems to work
*I was about to post and ask how it went.How much got deleted ? What happened ?
*We had 10 infected files - 9 to the Sircam Worm, one to Magistr. All were "Disinfected" whatever that means. Alot of the infected files were right on the desktop, but they still seem to work.I was talking to a geek buddy of mine while the antivirus was doing its thing, he was telling me he once had a computer given to him 'cause it didn't work anymore - he found 30 viruses on it, and it worked just fine after they were all cleared out.
*
Maybe this ought to be posted elsewhere, but I wanted to be sure to pass it along asap.
I recieved an email virus today from someone I emailed months ago. It comes as a reply to an email sent out earlier and has a DOC, MP3, or PIF file extension to it.
I've recieved this thing 3 times today (came from someone I recognized titled "Re: Voyageur and North country Canoes") I recieved the virus in 3 separate mailings from the same computer each about 15 min apart. (I was only dumb enough to open the first one)
If you recieve an email from me today please do not open it. I haven't sent out any emails today at all.
Thanks,
Chris