PDA

View Full Version : VIRUS ALERT!!!



Cozmo D
08-19-2003, 04:08 PM
Watch out y'all!

I just came in to find 4 emails from 4 different people, only 1 of which I know...Samedeepwater. All of them had an attached .pif file. The subjects were all Re:...in other words some kind of forwards. Luckilly I'm on my Mac so it can't hurt me, but I'll bet anything that they're viruses, so look out. Don't open these shits if you get them just delete them immediately!!!

Here are the subjects and attatchment names:
Re: Details............movie0045.pif
Re: Wicked screensaver..............details.pif
Re: Re: My details...............application.pif
Re: Your application...............application.pif

The last 2 were same name but different sizes. Good luck y'all!!!

SaintHax
08-19-2003, 04:11 PM
I just deleted the 14th one for me today

Cozmo D
08-19-2003, 04:16 PM
Damm!!! This 1 is pretty wide spread then!

Hey Hax, you and I may be the last peeps standing!!! :rofl:

frEk
08-19-2003, 04:17 PM
no new emails for me, i better tell my mom though she checks her email on my computer and would probably open some wierd shit outta curiosity

Cozmo D
08-19-2003, 04:22 PM
Just grabed this from Cnet.

This worm tries to disguise itself from antivirus apps
(8/19/03)
Yet another member of the Sobig virus family is loose. Sobig.f (w32.sobig.f@mm) spreads via e-mail and shared network files and could slow e-mail servers with excessive traffic, so it rates a 7 on the CNET Virus Meter. This worm affects only Windows computers, not Mac, Linux, or Unix systems. Like its siblings, Sobig.f has a built-in termination date, September 10, 2003, and can attempt to retrieve, download, and finally execute a Trojan to steal credit card numbers and other personal account information. But Sobig.f differs in that it appends garbage characters to the end of the infected file, making it harder for antivirus products to recognize Sobig.f.

How it works
Sobig.f arrives as an e-mail with the following characteristics:

The From and To addresses are collected from infected PCs, from files ending with the extensions .dbx, .eml, .htm, .html, .txt, and .wab.

The Sobig.f subject line reads:


* Re: Details
* Re: Approved
* Re: Re: My details
* Re: Thank you!
* Re: That movie
* Re: Wicked screensaver
* Re: Your application
* Thank you!
* Your details

Its body text reads:


* See the attached file for details
* Please see the attached file for details.

The file attached to Sobig.f is:

* application.pif
* details.pif
* document_9446.pif
* document_all.pif
* movie0045.pif
* thank_you.pif
* your_details.pif
* your_document.pif
* wicked_scr.scr

When executed, the worm will add the following to the system registry:

[HKCUSOFTWAREMicrosoftWindowsCurrentVersionRun] "TrayX" = %windir%winppr32.exe /sinc
[HKLMSOFTWAREMicrosoftWindowsCurrentVersionRun] "TrayX" = %windir%winppr32.exe /sinc

Prevention
In general, do not open e-mail attachments without first saving them to hard disk and scanning them with updated antivirus software. If you do not have automatic antivirus signature file updates, contact your antivirus vendor to obtain the most-current antivirus signature files that include Sobig.f.

DJ Detroit Butcher
08-19-2003, 05:44 PM
WHAT THE FUCK???

Yo Coz, what email address did it come from? I NEVER, EVER open attachments, so I'm really trippin' out on how I must have gotten this virus that sent you the email. The hell do I do now? This is a new comp and (slap me) we don't have anti-virus progs on it yet.

:cuss: :cuss:

Terrick
08-19-2003, 10:41 PM
i just deleted about a million fake microsoft patches from my bluemarble email.

dreamrib
08-19-2003, 10:47 PM
I got at least 10 of them today myself

I even got one along the same lines that mentioend it being an email from disney. Fortunatly I'm not crazy enough to have opened any of them!

Cozmo D
08-19-2003, 11:40 PM
WHAT THE fu*k???

Yo Coz, what email address did it come from? I NEVER, EVER open attachments, so I'm really trippin' out on how I must have gotten this virus that sent you the email. The hell do I do now? This is a new comp and (slap me) we don't have anti-virus progs on it yet.

:cuss: :cuss:


I deleted it, but it was somethin like samedeepwater@2000...don't remember the rest.

Yo, if you have a PC runnin windows and connected to the web and no virus protection you are out of your mind!!! :slap:

DJ Detroit Butcher
08-20-2003, 12:38 AM
samedeepwater_2000@yahoo.com?

ain't that a bitch. i haven't used that addy in at least syxx months.

yeah, alright call me naive if you must.

Cozmo D
08-20-2003, 12:46 AM
The thing is, the article says it gets names from infected computers, so I think you best to tend to this soon bruh! :wink:

Deity
08-20-2003, 12:55 AM
Yo, if you have a PC runnin windows and connected to the web and no virus protection you are out of your mind!!! :slap:

aint that the truth!!

i just recently got a good antivirus/firewall program, shortly after i got my cable internet connection. Damn glad i did too...cause shortly after i did, i kept gettin all these attempts from other people to send me trojan viruses and shit...i had all kinds of ports open and exposed for anyone who wanted to have fun with my computer at my expense...thankfully nothing bad has happened. I think if i didnt have it, i may have received that MSBlaster virus...all i know is that its definately worth the $$

DJ Detroit Butcher
08-20-2003, 10:07 PM
ALL CLEAN NOW!! :rock: :sad:

Harmeister
08-23-2003, 04:32 PM
Actually, it's even worse. You might never have been infected, really. What happens is a computer that is infected gets all the e-mail addresses it can find and mixes/matches them up. So as an example if a computer got infected with Coz's, frEk's, syxx's and my (harmeister's) addresses Coz could end up getting the virus e-mail that looked like it came from frEk, me, or syxx, but in actuality it came from none of us.

Makes it even that harder to track down.....

My yahoo account must have received about 50 before they finally started blocking it. I kept deleting and deleting them, but it kept on filling back up and telling me I was out of space (each one is ~100k (like Coz said, it differs) and I only have a 6 meg mailbox).

Hope everyone stays clean from it.

frEk
08-23-2003, 09:20 PM
i never got none a that, alright free hotmail!