Guest guest Posted February 11, 2004 Report Share Posted February 11, 2004 Dear Syji This is a prominent virus right now, so just delete it and don't bother. It doesn't hurt your computer if you delete it immediatly. Pranams Thomas >-- Original-Nachricht -- > >"syzenith" <syzenith >Wed, 11 Feb 2004 01:54:10 -0000 >RBSC : Phantom message > > > ><html><body> > > ><tt> >Namaste all Respected Friends,<BR> ><BR> >Sorry friends, I forgot to paste the "phantom" message for your ><BR> >perusal so here it is below. Thanks in advance for any insights and ><BR> >comments.<BR> ><BR> >Om Namah Shivaya<BR> >Sy<BR> >----<BR> ><BR> >This message was created automatically by mail delivery <BR> >software.<BR> ><BR> >A message that you sent could not be delivered to one or more <BR> >of its<BR> >recipients. This is a permanent error. The following <BR> >address(es) failed:<BR> ><BR> > dan<BR> > This message has been rejected because it has<BR> > a potentially executable attachment "document.scr"<BR> > This form of attachment has been used by<BR> > recent viruses or other malware.<BR> > If you meant to send this file then please<BR> > package it up as a zip file and resend it.<BR> ><BR> >------ This is a copy of the message, including all the <BR> >headers. ------<BR> ><BR> >Return-path: <syzenith<BR> >Received: from [217.17.239.149] (helo=.au)<BR> > by cpanel.people-connect.com with esmtp (Exim >4.24)<BR> > id 1AqX8w-0003Wm-FN<BR> > for dan; Tue, 10 Feb 2004 >18:07:13 +0530<BR> >syzenith<BR> >dan<BR> >Hi<BR> >Tue, 10 Feb 2004 15:38:43 +0300<BR> >MIME-Version: 1.0<BR> >Content-Type: multipart/mixed;<BR> > boundary="----=_NextPart_000_0014_5D15A520.71A43825"<BR> >X-Priority: 3<BR> >X-MSMail-Priority: Normal<BR> >Message-Id: <E1AqX8w-0003Wm-FN<BR> ><BR> >This is a multi-part message in MIME format.<BR> ><BR> >------=_NextPart_000_0014_5D15A520.71A43825<BR> >Content-Type: text/plain;<BR> > charset="Windows-1252"<BR> >Content-Transfer-Encoding: 7bit<BR> ><BR> >The message contains Unicode characters and has been sent as <BR> >a binary attachment.<BR> ><BR> ><BR> >------=_NextPart_000_0014_5D15A520.71A43825<BR> >Content-Type: application/octet-stream;<BR> > name="document.scr"<BR> >Content-Transfer-Encoding: base64<BR> >Content-Disposition: attachment;<BR> > filename="document.scr"<BR> ><BR> >TVqQAAMAAAAEAAAA//8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA<BR> >AAAAAAA<BR> >AAAAqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA<BR> >AAAAAAA<BR> >AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA<BR> >AAAUEUA<BR> >AEwBAwAAAAAAAAAAAAAAAADgAA8BCwEHAABQAAAAEAAAAGAAAGC+AAAAcAAAAMAAAAAAS<BR> >gAAEAAA<BR> >AAIAAAQAAAAAAAAABAAAAAAAAAAA0AAAABAAAAAAAAACAAAAAAAQAAAQAAAAABAAABAAA<BR> >AAAAAAQ<BR> >AAAAAAAAAAAAAADowQAAMAEAAADAAADoAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA<BR> >AAAAAAA<BR> >AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA<BR> >AAAAAAA<BR> >AAAAAAAAAAAAAAAAAAAAAABVUFgwAAAAAABgAAAAEAAAAAAAAAAEAAAAAAAAAAAAAAAAA<BR> >ACAAADg<BR> ><BR> ></tt> > ><br><br> ><tt> >To send an email to: <BR> ><BR> ></tt> ><br><br> > ><br> > ><!-- |**|begin egp html banner|**| --> > ><table border=0 cellspacing=0 cellpadding=2> ><tr bgcolor=#FFFFCC> ><td align=center><font size="-1" color=#003399><b> Sponsor</b></font></td> ></tr> ><tr bgcolor=#FFFFFF> ><td align=center width=470><table border=0 cellpadding=0 cellspacing=0> <tr> <td align=center><font face=arial size=-2></font><br><a href="http://rd./SIG=12cnq47je/M=268585.4521611.5694062.1261774/D=egrou\ pweb/S=1705075991:HM/EXP=1076550862/A=1950448/R=0/*http://ashnin.com/clk/muryuta\ itakenattogyo?YH=4521611&yhad=1950448" alt=""><img src="http://us.a1.yimg.com/us.yimg.com/a/qu/quinstreet/300x250_uofp_pink_arrows.\ gif" alt="click here" width="300" height="250" border="0"></a></td></tr></table> </td> ></tr> ><tr><td><img alt="" width=1 height=1 src="http://us.adserver./l?M=268585.4521611.5694062.1261774/D=egroupweb\ /S=:HM/A=1950448/rand=725206278"></td></tr> ></table> > ><!-- |**|end egp html banner|**| --> > > > ><!-- |**|begin egp html banner|**| --> > ><br> ><tt><hr width="500"> ><b> Links</b><br> ><ul> ><li><br><a href="/">http://groups.y\ ahoo.com/</a><br> ><li><br><a href="?subject=Unsu\ bscribe"></a><br> ><li><a href=""> Terms of Service</a>. ></ul> ></tt> ></br> > ><!-- |**|end egp html banner|**| --> > > ></body></html> > Quote Link to comment Share on other sites More sharing options...
Guest guest Posted February 11, 2004 Report Share Posted February 11, 2004 Dear Syzenith, Your PC is definetly infected with a worm.Load the PC with Antivirus Software say Norton,update it with latest virus definition files and scan the computer using the software making sure that the software is configured to scan "ALL Files" and "Compressed Files". If it finds the virus/worm, note down the virus/worm name and download the virus removal tool from symantec.com and run it as per the instructions on the symantec website. I hope this helps Regards D.Mehtani --- syzenith <syzenith wrote: > Namaste all Respected Friends, > > Sorry friends, I forgot to paste the "phantom" > message for your > perusal so here it is below. Thanks in advance for > any insights and > comments. > > Om Namah Shivaya > Sy > ---- > > This message was created automatically by mail > delivery > software. > > A message that you sent could not be delivered to > one or more > of its > recipients. This is a permanent error. The following > > address(es) failed: > > dan > This message has been rejected because it has > a potentially executable attachment > "document.scr" > This form of attachment has been used by > recent viruses or other malware. > If you meant to send this file then please > package it up as a zip file and resend it. > > ------ This is a copy of the message, including all > the > headers. ------ > > Return-path: <syzenith > Received: from [217.17.239.149] (helo=.au) > by cpanel.people-connect.com with esmtp (Exim 4.24) > id 1AqX8w-0003Wm-FN > for dan; Tue, 10 Feb 2004 > 18:07:13 +0530 > syzenith > dan > Hi > Tue, 10 Feb 2004 15:38:43 +0300 > MIME-Version: 1.0 > Content-Type: multipart/mixed; > > boundary="----=_NextPart_000_0014_5D15A520.71A43825" > X-Priority: 3 > X-MSMail-Priority: Normal > Message-Id: > <E1AqX8w-0003Wm-FN > > This is a multi-part message in MIME format. > > ------=_NextPart_000_0014_5D15A520.71A43825 > Content-Type: text/plain; > charset="Windows-1252" > Content-Transfer-Encoding: 7bit > > The message contains Unicode characters and has been > sent as > a binary attachment. > > > ------=_NextPart_000_0014_5D15A520.71A43825 > Content-Type: application/octet-stream; > name="document.scr" > Content-Transfer-Encoding: base64 > Content-Disposition: attachment; > filename="document.scr" > > TVqQAAMAAAAEAAAA//8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA > AAAAAAA > AAAAqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA > AAAAAAA > AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA > AAAUEUA > AEwBAwAAAAAAAAAAAAAAAADgAA8BCwEHAABQAAAAEAAAAGAAAGC+AAAAcAAAAMAAAAAAS > gAAEAAA > AAIAAAQAAAAAAAAABAAAAAAAAAAA0AAAABAAAAAAAAACAAAAAAAQAAAQAAAAABAAABAAA > AAAAAAQ > AAAAAAAAAAAAAADowQAAMAEAAADAAADoAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA > AAAAAAA > AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA > AAAAAAA > AAAAAAAAAAAAAAAAAAAAAABVUFgwAAAAAABgAAAAEAAAAAAAAAAEAAAAAAAAAAAAAAAAA > ACAAADg > > Finance: Get your refund fast by filing online. http://taxes./filing.html Quote Link to comment Share on other sites More sharing options...
Guest guest Posted February 11, 2004 Report Share Posted February 11, 2004 Dear Syzenith, Your PC is definetly infected with a worm.Load the PC with Antivirus Software say Norton,update it with latest virus definition files and scan the computer using the software making sure that the software is configured to scan "ALL Files" and "Compressed Files". If it finds the virus/worm, note down the virus/worm name and download the virus removal tool from symantec.com and run it as per the instructions on the symantec website. I hope this helps Regards D.Mehtani --- syzenith <syzenith wrote: > Namaste all Respected Friends, > > Sorry friends, I forgot to paste the "phantom" > message for your > perusal so here it is below. Thanks in advance for > any insights and > comments. > > Om Namah Shivaya > Sy > ---- > > This message was created automatically by mail > delivery > software. > > A message that you sent could not be delivered to > one or more > of its > recipients. This is a permanent error. The following > > address(es) failed: > > dan > This message has been rejected because it has > a potentially executable attachment > "document.scr" > This form of attachment has been used by > recent viruses or other malware. > If you meant to send this file then please > package it up as a zip file and resend it. > > ------ This is a copy of the message, including all > the > headers. ------ > > Return-path: <syzenith > Received: from [217.17.239.149] (helo=.au) > by cpanel.people-connect.com with esmtp (Exim 4.24) > id 1AqX8w-0003Wm-FN > for dan; Tue, 10 Feb 2004 > 18:07:13 +0530 > syzenith > dan > Hi > Tue, 10 Feb 2004 15:38:43 +0300 > MIME-Version: 1.0 > Content-Type: multipart/mixed; > > boundary="----=_NextPart_000_0014_5D15A520.71A43825" > X-Priority: 3 > X-MSMail-Priority: Normal > Message-Id: > <E1AqX8w-0003Wm-FN > > This is a multi-part message in MIME format. > > ------=_NextPart_000_0014_5D15A520.71A43825 > Content-Type: text/plain; > charset="Windows-1252" > Content-Transfer-Encoding: 7bit > > The message contains Unicode characters and has been > sent as > a binary attachment. > > > ------=_NextPart_000_0014_5D15A520.71A43825 > Content-Type: application/octet-stream; > name="document.scr" > Content-Transfer-Encoding: base64 > Content-Disposition: attachment; > filename="document.scr" > > TVqQAAMAAAAEAAAA//8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA > AAAAAAA > AAAAqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA > AAAAAAA > AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA > AAAUEUA > AEwBAwAAAAAAAAAAAAAAAADgAA8BCwEHAABQAAAAEAAAAGAAAGC+AAAAcAAAAMAAAAAAS > gAAEAAA > AAIAAAQAAAAAAAAABAAAAAAAAAAA0AAAABAAAAAAAAACAAAAAAAQAAAQAAAAABAAABAAA > AAAAAAQ > AAAAAAAAAAAAAADowQAAMAEAAADAAADoAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA > AAAAAAA > AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA > AAAAAAA > AAAAAAAAAAAAAAAAAAAAAABVUFgwAAAAAABgAAAAEAAAAAAAAAAEAAAAAAAAAAAAAAAAA > ACAAADg > > Finance: Get your refund fast by filing online. http://taxes./filing.html Quote Link to comment Share on other sites More sharing options...
Guest guest Posted February 11, 2004 Report Share Posted February 11, 2004 Dear Sy, I guess quite a lot are complaining about their mail getting bounced off. This is called "denial of service" attack by viruses like w32.mydoom.a, etc. This particular virus appeared on 26/1/04 and carries a payload for denial of service starting 01/02/04. Your PC can also have other viruses sending out mails to your contact list.... Don't panic; you have many choices. You can visit http://www.pandasoftware.com and go for "Scan my PC" which is free of cost. Panda AV is really good because it does not delete infected file but disinfects. The viruses are smart they jump into the system restore folder if you are using win xp or win2k - so you have to disable the system restore while scanning. Later don't forget to check the system restore back.. in case you don't know how to do it click start - go to my comuter - right click - in the menu click properties... you will see lot of templates - click on system restore... remove the check mark from "restore my system" - press apply and then okay. Start the scan... There is one more site which you can search with google.com; the AV is Sophos; download it free (license is valid for one month) and scan your PC. Sophos is the best anti virus...... One other suggestion is that you download Zonealarm Firewall and install it; no program can get out or in without your permission. It is free and does a very good job. Don't go for Zonealarm Pro because it would be valid for only one month... but it is not so expensive anyway I guess USD 19.95...buy it if you want - worth it. jamini Diepak Mehtani <diepakm wrote: Dear Syzenith, Your PC is definetly infected with a worm.Load the PC with Antivirus Software say Norton,update it with latest virus definition files and scan the computer using the software making sure that the software is configured to scan "ALL Files" and "Compressed Files". If it finds the virus/worm, note down the virus/worm name and download the virus removal tool from symantec.com and run it as per the instructions on the symantec website. I hope this helps Regards D.Mehtani --- syzenith <syzenith wrote: > Namaste all Respected Friends, > > Sorry friends, I forgot to paste the "phantom" > message for your > perusal so here it is below. Thanks in advance for > any insights and > comments. > > Om Namah Shivaya > Sy > ---- > > This message was created automatically by mail > delivery > software. > > A message that you sent could not be delivered to > one or more > of its > recipients. This is a permanent error. The following > > address(es) failed: > > dan > This message has been rejected because it has > a potentially executable attachment > "document.scr" > This form of attachment has been used by > recent viruses or other malware. > If you meant to send this file then please > package it up as a zip file and resend it. > > ------ This is a copy of the message, including all > the > headers. ------ > > Return-path: <syzenith > Received: from [217.17.239.149] (helo=.au) > by cpanel.people-connect.com with esmtp (Exim 4.24) > id 1AqX8w-0003Wm-FN > for dan; Tue, 10 Feb 2004 > 18:07:13 +0530 > syzenith > dan > Hi > Tue, 10 Feb 2004 15:38:43 +0300 > MIME-Version: 1.0 > Content-Type: multipart/mixed; > > boundary="----=_NextPart_000_0014_5D15A520.71A43825" > X-Priority: 3 > X-MSMail-Priority: Normal > Message-Id: > <E1AqX8w-0003Wm-FN > > This is a multi-part message in MIME format. > > ------=_NextPart_000_0014_5D15A520.71A43825 > Content-Type: text/plain; > charset="Windows-1252" > Content-Transfer-Encoding: 7bit > > The message contains Unicode characters and has been > sent as > a binary attachment. > > > ------=_NextPart_000_0014_5D15A520.71A43825 > Content-Type: application/octet-stream; > name="document.scr" > Content-Transfer-Encoding: base64 > Content-Disposition: attachment; > filename="document.scr" > > TVqQAAMAAAAEAAAA//8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA > AAAAAAA > AAAAqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA > AAAAAAA > AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA > AAAUEUA > AEwBAwAAAAAAAAAAAAAAAADgAA8BCwEHAABQAAAAEAAAAGAAAGC+AAAAcAAAAMAAAAAAS > gAAEAAA > AAIAAAQAAAAAAAAABAAAAAAAAAAA0AAAABAAAAAAAAACAAAAAAAQAAAQAAAAABAAABAAA > AAAAAAQ > AAAAAAAAAAAAAADowQAAMAEAAADAAADoAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA > AAAAAAA > AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA > AAAAAAA > AAAAAAAAAAAAAAAAAAAAAABVUFgwAAAAAABgAAAAEAAAAAAAAAAEAAAAAAAAAAAAAAAAA > ACAAADg > > Finance: Get your refund fast by filing online. http://taxes./filing.html To send an email to: / Finance: Get your refund fast by filing online Quote Link to comment Share on other sites More sharing options...
Guest guest Posted February 11, 2004 Report Share Posted February 11, 2004 Actually, I think the virus might pick up addys from other sources than the individual's PC. I had "phantom mail" for a few weeks, a few months ago. I use an iMac, which isn't affected by PC viruses. It's firewalled. It's mail is scanned and disinfected at the ISP's servers. In adition, it is scanned by my copy of Norton every day- and Norton has never found a trace of infection. Norton updates itself every day, as well. I do, however, belong to over a dozen , and several other on-line organizations-- all of which have address books, of a sort. So, cherished sister, Sy... if I were you, I'd thoroughly scan my computer. If the bug isn't found there, just keep deleting-- it goes away. Like a bad rash. <g> My friend, Jim, is the designer and manager if a highly controversial political/ historical website. He is DELIBERATELY sent at least 30 viruses per day. But, his computer is clean. I posted his "computer defense" regimen to this list a few months ago. I'm sure it can be found in the archives. Thanks, much love, K. , Jamini Padhi <jamini_padhi> wrote: > Dear Sy, > I guess quite a lot are complaining about their mail getting bounced off. This is called "denial of service" attack by viruses like w32.mydoom.a, etc. This particular virus appeared on 26/1/04 and carries a payload for denial of service starting 01/02/ 04. Your PC can also have other viruses sending out mails to your contact list.... Don't panic; you have many choices. You can visit http://www.pandasoftware.com and go for "Scan my PC" which is free of cost. Panda AV is really good because it does not delete infected file but disinfects. > The viruses are smart they jump into the system restore folder if you are using win xp or win2k - so you have to disable the system restore while scanning. Later don't forget to check the system restore back.. in case you don't know how to do it click start - go to my comuter - right click - in the menu click properties... you will see lot of templates - click on system restore... remove the check mark from "restore my system" - press apply and then okay. Start the scan... > There is one more site which you can search with google.com; the AV is Sophos; download it free (license is valid for one month) and scan your PC. Sophos is the best anti virus...... One other suggestion is that you download Zonealarm Firewall and install it; no program can get out or in without your permission. It is free and does a very good job. Don't go for Zonealarm Pro because it would be valid for only one month... but it is not so expensive anyway I guess USD 19.95...buy it if you want - worth it. > jamini > Diepak Mehtani <diepakm> wrote: > Dear Syzenith, > Your PC is definetly infected with a > worm.Load the PC with Antivirus Software say > Norton,update it with latest virus definition files > and scan the computer using the software making sure > that the software is configured to scan "ALL Files" > and "Compressed Files". > If it finds the virus/worm, note down the virus/worm > name and download the virus removal tool from > symantec.com and run it as per the instructions on the > symantec website. > > I hope this helps > > Regards > > D.Mehtani > > > > > --- syzenith <syzenith> wrote: > > Namaste all Respected Friends, > > > > Sorry friends, I forgot to paste the "phantom" > > message for your > > perusal so here it is below. Thanks in advance for > > any insights and > > comments. > > > > Om Namah Shivaya > > Sy > > ---- > > > > This message was created automatically by mail > > delivery > > software. > > > > A message that you sent could not be delivered to > > one or more > > of its > > recipients. This is a permanent error. The following > > > > address(es) failed: > > > > dan@g... > > This message has been rejected because it has > > a potentially executable attachment > > "document.scr" > > This form of attachment has been used by > > recent viruses or other malware. > > If you meant to send this file then please > > package it up as a zip file and resend it. > > > > ------ This is a copy of the message, including all > > the > > headers. ------ > > > > Return-path: <syzenith> > > Received: from [217.17.239.149] (helo=.au) > > by cpanel.people-connect.com with esmtp (Exim 4.24) > > id 1AqX8w-0003Wm-FN > > for dan@g...; Tue, 10 Feb 2004 > > 18:07:13 +0530 > > syzenith > > dan@g... > > Hi > > Tue, 10 Feb 2004 15:38:43 +0300 > > MIME-Version: 1.0 > > Content-Type: multipart/mixed; > > > > boundary="----=_NextPart_000_0014_5D15A520.71A43825" > > X-Priority: 3 > > X-MSMail-Priority: Normal > > Message-Id: > > <E1AqX8w-0003Wm-FN@c...> > > > > This is a multi-part message in MIME format. > > > > ------=_NextPart_000_0014_5D15A520.71A43825 > > Content-Type: text/plain; > > charset="Windows-1252" > > Content-Transfer-Encoding: 7bit > > > > The message contains Unicode characters and has been > > sent as > > a binary attachment. > > > > > > ------=_NextPart_000_0014_5D15A520.71A43825 > > Content-Type: application/octet-stream; > > name="document.scr" > > Content-Transfer-Encoding: base64 > > Content-Disposition: attachment; > > filename="document.scr" > > > > > TVqQAAMAAAAEAAAA// 8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA > > AAAAAAA > > > AAAAqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAA > > AAAAAAA > > > AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAA > > AAAUEUA > > > AEwBAwAAAAAAAAAAAAAAAADgAA8BCwEHAABQAAAAEAAAAGAAAGC+AAAAcAAAA MAAAAAAS > > gAAEAAA > > > AAIAAAQAAAAAAAAABAAAAAAAAAAA0AAAABAAAAAAAAACAAAAAAAQAAAQAAAAA BAAABAAA > > AAAAAAQ > > > AAAAAAAAAAAAAADowQAAMAEAAADAAADoAQAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAA > > AAAAAAA > > > AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAA > > AAAAAAA > > > AAAAAAAAAAAAAAAAAAAAAABVUFgwAAAAAABgAAAAEAAAAAAAAAAEAAAAAAAAA AAAAAAAA > > ACAAADg > > > > > > > > > Finance: Get your refund fast by filing online. > http://taxes./filing.html > > > To send an email to: - > > > > > Sponsor > > > > Links > > > / > > > > > > > > > > > Finance: Get your refund fast by filing online > > Quote Link to comment Share on other sites More sharing options...
Guest guest Posted February 12, 2004 Report Share Posted February 12, 2004 Dear Kari ji, I have a PC with a dual processor mother board... one acts as a server by itself and handles background tasks... I don't trust my ISP server nor do I have full faith in my firewall or anti-virus esp Norton... we had registered copies of Norton installed yet there was something wrong going on with one or the other PC everyday.... I was told to have a look so I scanned for traces of virus like one does with blood sample.... I hold a certificate in "C" and can write / remove any type of virus like program... guess what I came up with - 52 strains of melissa, lovebug, etc. Since then my empoyer has changed over to another antivirus program. But from my own experience and knowledge I can tell you that virii writers are precisely looking for information what you have given... never reveal what type of PC or mother board you are using, getting your IP address is piece of cake... just when you say that your PC cannot be infected it turns into a challenge for the idiots out there...I hope you understand. This is a menace which I don't think we can get rid off in the near future... my brother works as a consultant to Dell, who want to know how quickly their PC crashes!! Another one is the system director with Meryll Lynch, NY.... Om Namah Shivaya! Jamini ==========sample of your server to my server link================= Tracing route to earthlink.net [207.217.121.223] 1 2 ms 3 ms 3 ms 202.54.21.1----------------this is my IP 2 9 ms 10 ms 10 ms 203.197.17.178 3 10 ms 9 ms 9 ms 202.54.1.162 4 214 ms 214 ms 214 ms 202.54.2.18 5 319 ms 319 ms 320 ms iar5-so-2-0-2.NewYork.cw.net [208.173.135.217] 6 323 ms 320 ms 319 ms agr1-loopback.NewYork.cw.net [206.24.194.101] 7 319 ms 330 ms 319 ms dcr1-so-6-0-0.NewYork.cw.net [206.24.207.49] 8 319 ms 319 ms 320 ms agr4-so-4-0-0.NewYork.cw.net [206.24.207.78] 9 320 ms 323 ms 320 ms acr2-loopback.NewYork.cw.net [206.24.194.62] 10 319 ms 320 ms 320 ms so-6-3.core2.NewYork1.Level3.net [209.244.160.189] 11 320 ms 320 ms 342 ms ae-0-52.bbr2.NewYork1.Level3.net [64.159.17.34] 12 391 ms 388 ms 387 ms so-0-1-0.bbr2.LosAngeles1.Level3.net [64.159.1.1.26] 13 387 ms 387 ms 387 ms ge-9-0.hsa1.LosAngeles1.Level3.net [64.159.1.209] 14 387 ms 407 ms 388 ms unknown.Level3.net [64.156.132.22] 15 397 ms 387 ms 388 ms cor02-vl-157.ca-pasadena0.ne.earthlink.net [209. 165.101.20]---------- this is where your server located......... karisprowl <karisprowl wrote: Actually, I think the virus might pick up addys from other sources than the individual's PC. I had "phantom mail" for a few weeks, a few months ago. I use an iMac, which isn't affected by PC viruses. It's firewalled. It's mail is scanned and disinfected at the ISP's servers. In adition, it is scanned by my copy of Norton every day- and Norton has never found a trace of infection. Norton updates itself every day, as well. I do, however, belong to over a dozen , and several other on-line organizations-- all of which have address books, of a sort. So, cherished sister, Sy... if I were you, I'd thoroughly scan my computer. If the bug isn't found there, just keep deleting-- it goes away. Like a bad rash. <g> My friend, Jim, is the designer and manager if a highly controversial political/ historical website. He is DELIBERATELY sent at least 30 viruses per day. But, his computer is clean. I posted his "computer defense" regimen to this list a few months ago. I'm sure it can be found in the archives. Thanks, much love, K. , Jamini Padhi <jamini_padhi> wrote: > Dear Sy, > I guess quite a lot are complaining about their mail getting bounced off. This is called "denial of service" attack by viruses like w32.mydoom.a, etc. This particular virus appeared on 26/1/04 and carries a payload for denial of service starting 01/02/ 04. Your PC can also have other viruses sending out mails to your contact list.... Don't panic; you have many choices. You can visit http://www.pandasoftware.com and go for "Scan my PC" which is free of cost. Panda AV is really good because it does not delete infected file but disinfects. > The viruses are smart they jump into the system restore folder if you are using win xp or win2k - so you have to disable the system restore while scanning. Later don't forget to check the system restore back.. in case you don't know how to do it click start - go to my comuter - right click - in the menu click properties... you will see lot of templates - click on system restore... remove the check mark from "restore my system" - press apply and then okay. Start the scan... > There is one more site which you can search with google.com; the AV is Sophos; download it free (license is valid for one month) and scan your PC. Sophos is the best anti virus...... One other suggestion is that you download Zonealarm Firewall and install it; no program can get out or in without your permission. It is free and does a very good job. Don't go for Zonealarm Pro because it would be valid for only one month... but it is not so expensive anyway I guess USD 19.95...buy it if you want - worth it. > jamini > Diepak Mehtani <diepakm> wrote: > Dear Syzenith, > Your PC is definetly infected with a > worm.Load the PC with Antivirus Software say > Norton,update it with latest virus definition files > and scan the computer using the software making sure > that the software is configured to scan "ALL Files" > and "Compressed Files". > If it finds the virus/worm, note down the virus/worm > name and download the virus removal tool from > symantec.com and run it as per the instructions on the > symantec website. > > I hope this helps > > Regards > > D.Mehtani > > > > > --- syzenith <syzenith> wrote: > > Namaste all Respected Friends, > > > > Sorry friends, I forgot to paste the "phantom" > > message for your > > perusal so here it is below. Thanks in advance for > > any insights and > > comments. > > > > Om Namah Shivaya > > Sy > > ---- > > > > This message was created automatically by mail > > delivery > > software. > > > > A message that you sent could not be delivered to > > one or more > > of its > > recipients. This is a permanent error. The following > > > > address(es) failed: > > > > dan@g... > > This message has been rejected because it has > > a potentially executable attachment > > "document.scr" > > This form of attachment has been used by > > recent viruses or other malware. > > If you meant to send this file then please > > package it up as a zip file and resend it. > > > > ------ This is a copy of the message, including all > > the > > headers. ------ > > > > Return-path: <syzenith> > > Received: from [217.17.239.149] (helo=.au) > > by cpanel.people-connect.com with esmtp (Exim 4.24) > > id 1AqX8w-0003Wm-FN > > for dan@g...; Tue, 10 Feb 2004 > > 18:07:13 +0530 > > syzenith > > dan@g... > > Hi > > Tue, 10 Feb 2004 15:38:43 +0300 > > MIME-Version: 1.0 > > Content-Type: multipart/mixed; > > > > boundary="----=_NextPart_000_0014_5D15A520.71A43825" > > X-Priority: 3 > > X-MSMail-Priority: Normal > > Message-Id: > > <E1AqX8w-0003Wm-FN@c...> > > > > This is a multi-part message in MIME format. > > > > ------=_NextPart_000_0014_5D15A520.71A43825 > > Content-Type: text/plain; > > charset="Windows-1252" > > Content-Transfer-Encoding: 7bit > > > > The message contains Unicode characters and has been > > sent as > > a binary attachment. > > > > > > ------=_NextPart_000_0014_5D15A520.71A43825 > > Content-Type: application/octet-stream; > > name="document.scr" > > Content-Transfer-Encoding: base64 > > Content-Disposition: attachment; > > filename="document.scr" > > > > > TVqQAAMAAAAEAAAA// 8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA > > AAAAAAA > > > AAAAqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAA > > AAAAAAA > > > AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAA > > AAAUEUA > > > AEwBAwAAAAAAAAAAAAAAAADgAA8BCwEHAABQAAAAEAAAAGAAAGC+AAAAcAAAA MAAAAAAS > > gAAEAAA > > > AAIAAAQAAAAAAAAABAAAAAAAAAAA0AAAABAAAAAAAAACAAAAAAAQAAAQAAAAA BAAABAAA > > AAAAAAQ > > > AAAAAAAAAAAAAADowQAAMAEAAADAAADoAQAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAA > > AAAAAAA > > > AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAA > > AAAAAAA > > > AAAAAAAAAAAAAAAAAAAAAABVUFgwAAAAAABgAAAAEAAAAAAAAAAEAAAAAAAAA AAAAAAAA > > ACAAADg > > > > > > > > > Finance: Get your refund fast by filing online. > http://taxes./filing.html > > > To send an email to: - > > > > > Sponsor > > > > Links > > > / > > > > > > > > > > > Finance: Get your refund fast by filing online > > To send an email to: / Finance: Get your refund fast by filing online Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You are posting as a guest. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.