|
e-mail weirdness.. Can someone help?
Hello,
I am getting weird e-mails (got like 20 in the last hour). They say --------------------------- Hi! How are you? I send you this file in order to have your advice See you later. Thanks --------------------------- Then I got one e-mail asking me what the file was as if I sent it to him ?? Anyone else getting this ?? Can anyone tell me what this is and how I can stp this. THX TheMan |
I am actually getting e-mails saying mail couldnt be delivered? I am not sending anyone e-mail though ??? I don't like the way things are looking... help anyone please.
TheMan |
It's a new virus, we are talking with a few people effected...
|
Im getting the same thing..
But fuck I opened it!! Wanna see what it says? |
Block the address/es. It could be an attempt to hit you with a virus or a virus itself trying to propogate itself. Then have a beer and watch TV. http://bbs.gofuckyourself.com/board/wink.gif
|
oh shit and I got it ? ;(
Fuck man... what can I do to stop this ?? ahhhhhhhhh! This is gonna drive me crazy and now it has done something to where people are gonna think I sent it ? TheMan |
I fucking opened it.. this is what happened, and what I saw.
Fuck, here we go again! Image File Header Signature: 00004550 Machine: Intel 386 Number of Sections: 0008 Time Date Stamp: 2a425e19 Symbols Pointer: 00000000 Number of Symbols: 00000000 Size of Optional Header 00e0 Characteristics: File is executable (i.e. no unresolved external references). Line numbers stripped from file. Local symbols stripped from file. Low bytes of machine word are reversed. 32 bit word machine. High bytes of machine word are reversed. Image Optional Header Magic: 010b Linker Version: 2.25 Size of Code: 0001a800 Size of Initialized Data: 00006c00 Size of Uninitialized Data: 00000000 Address of Entry Point: 0001a9a4 Base of Code: 00001000 Base of Data: 0001c000 Image Base: 00400000 Section Alignment: 00001000 File Alignment: 00000200 Operating System Version: 1.00 Image Version: 0.00 Subsystem Version: 4.00 Reserved1: 00000000 Size of Image: 00028000 Size of Headers: 00000400 Checksum: 00000000 Subsystem: Image runs in the Windows GUI subsystem. DLL Characteristics: 0000 Size of Stack Reserve: 00100000 Size of Stack Commit: 00004000 Size of Heap Reserve: 00100000 Size of Heap Commit: 00001000 Loader Flags: 00000000 Size of Data Directory: 00000010 Import Directory Virtual Address: 0001f000 Import Directory Size: 000011ae Resource Directory Virtual Address: 00026000 Resource Directory Size: 00001800 Base Relocation Table Virtual Address: 00023000 Base Relocation Table Size: 00002038 TLS Directory Virtual Address: 00022000 TLS Directory Size: 00000018 Import Table kernel32.dll Ordinal Function Name 0000 GetCurrentThreadId 0000 DeleteCriticalSection 0000 LeaveCriticalSection 0000 EnterCriticalSection 0000 InitializeCriticalSection 0000 VirtualFree 0000 VirtualAlloc 0000 LocalFree 0000 LocalAlloc 0000 VirtualQuery 0000 WideCharToMultiByte 0000 MultiByteToWideChar 0000 lstrlenA 0000 lstrcpynA 0000 lstrcpyA 0000 LoadLibraryExA 0000 GetThreadLocale 0000 GetStartupInfoA 0000 GetProcAddress 0000 GetModuleHandleA 0000 GetModuleFileNameA 0000 GetLocaleInfoA 0000 GetLastError 0000 GetCommandLineA 0000 FreeLibrary 0000 FindFirstFileA 0000 FindClose 0000 ExitProcess 0000 WriteFile 0000 UnhandledExceptionFilter 0000 SetFilePointer 0000 SetEndOfFile 0000 RtlUnwind 0000 ReadFile 0000 RaiseException 0000 GetStdHandle 0000 GetFileSize 0000 GetSystemTime 0000 GetFileType 0000 CreateFileA 0000 CloseHandle user32.dll Ordinal Function Name 0000 GetKeyboardType 0000 LoadStringA 0000 MessageBoxA 0000 CharNextA advapi32.dll Ordinal Function Name 0000 RegQueryValueExA 0000 RegOpenKeyExA 0000 RegCloseKey oleaut32.dll Ordinal Function Name 0000 VariantChangeTypeEx 0000 VariantCopyInd 0000 VariantClear 0000 SysStringLen 0000 SysFreeString 0000 SysReAllocStringLen 0000 SysAllocStringLen kernel32.dll Ordinal Function Name 0000 TlsSetValue 0000 TlsGetValue 0000 LocalAlloc 0000 GetModuleHandleA 0000 GetModuleFileNameA advapi32.dll Ordinal Function Name 0000 RegSetValueExA 0000 RegQueryValueExA 0000 RegOpenKeyExA 0000 RegFlushKey 0000 RegCreateKeyExA 0000 RegCloseKey 0000 GetUserNameA kernel32.dll Ordinal Function Name 0000 WriteFile 0000 WinExec 0000 WaitForSingleObject 0000 VirtualQuery 0000 VerLanguageNameA 0000 Sleep 0000 SetThreadPriority 0000 SetPriorityClass 0000 SetFilePointer 0000 SetFileAttributesA 0000 SetEndOfFile 0000 RemoveDirectoryA 0000 ReadFile 0000 MulDiv 0000 LoadLibraryA 0000 LeaveCriticalSection 0000 InitializeCriticalSection 0000 GlobalUnlock 0000 GlobalReAlloc 0000 GlobalHandle 0000 GlobalLock 0000 GlobalFree 0000 GlobalFindAtomA 0000 GlobalDeleteAtom 0000 GlobalAlloc 0000 GlobalAddAtomA 0000 GetWindowsDirectoryA 0000 GetVersionExA 0000 GetUserDefaultLangID 0000 GetTimeZoneInformation 0000 GetThreadLocale 0000 GetTempPathA 0000 GetSystemDirectoryA 0000 GetShortPathNameA 0000 GetProcAddress 0000 GetModuleHandleA 0000 GetModuleFileNameA 0000 GetLocaleInfoA 0000 GetLocalTime 0000 GetLastError 0000 GetDiskFreeSpaceA 0000 GetDateFormatA 0000 GetCurrentThreadId 0000 GetCurrentThread 0000 GetCurrentProcessId 0000 GetCurrentProcess 0000 GetCurrentDirectoryA 0000 GetComputerNameA 0000 GetCPInfo 0000 GetACP 0000 FormatMessageA 0000 FindNextFileA 0000 FindFirstFileA 0000 FindClose 0000 FileTimeToLocalFileTime 0000 FileTimeToDosDateTime 0000 EnumCalendarInfoA 0000 EnterCriticalSection 0000 DeleteFileA 0000 DeleteCriticalSection 0000 CreateFileA 0000 CreateEventA 0000 CopyFileA 0000 CompareStringA 0000 CloseHandle mpr.dll Ordinal Function Name 0000 WNetOpenEnumA 0000 WNetEnumResourceA gdi32.dll Ordinal Function Name 0000 UnrealizeObject 0000 StretchBlt 0000 SetTextColor 0000 SetROP2 0000 SetBkMode 0000 SetBkColor 0000 SelectPalette 0000 SelectObject 0000 RealizePalette 0000 MoveToEx 0000 GetTextMetricsA 0000 GetSystemPaletteEntries 0000 GetStockObject 0000 GetObjectA 0000 GetDeviceCaps 0000 GetDIBits 0000 GetCurrentPositionEx 0000 GetBitmapBits 0000 DeleteObject 0000 DeleteDC 0000 CreatePenIndirect 0000 CreatePalette 0000 CreateFontIndirectA 0000 CreateDIBitmap 0000 CreateCompatibleDC 0000 CreateCompatibleBitmap 0000 CreateBrushIndirect 0000 CreateBitmap user32.dll Ordinal Function Name 0000 ReleaseDC 0000 MessageBoxA 0000 LoadStringA 0000 LoadIconA 0000 GetSystemMetrics 0000 GetSysColor 0000 GetIconInfo 0000 GetDC 0000 DrawIconEx 0000 DestroyWindow 0000 DestroyIcon 0000 CreateIcon shell32.dll Ordinal Function Name 0000 ExtractIconA wsock32.dll Ordinal Function Name 0000 WSAStartup 0000 WSAGetLastError 0000 gethostname 0000 getservbyname 0000 getprotobynumber 0000 gethostbyname 0000 socket 0000 send 0000 select 0000 recv 0000 ioctlsocket 0000 inet_addr 0000 htons 0000 getsockname 0000 getpeername 0000 connect 0000 closesocket wininet.dll Ordinal Function Name 0000 InternetGetConnectedState Section Table Section name: CODE Virtual Size: 0001a790 Virtual Address: 00001000 Size of raw data: 0001a800 Pointer to Raw Data: 00000400 Pointer to Relocations: 00000000 Pointer to Line Numbers: 00000000 Number of Relocations: 0000 Number of Line Numbers: 0000 Characteristics: Section contains code Section is executable Section is readable Section name: DATA Virtual Size: 00001c94 Virtual Address: 0001c000 Size of raw data: 00001e00 Pointer to Raw Data: 0001ac00 Pointer to Relocations: 00000000 Pointer to Line Numbers: 00000000 Number of Relocations: 0000 Number of Line Numbers: 0000 Characteristics: Section contains initialized data Section is readable Section is writeable Section name: BSS Virtual Size: 00000f25 Virtual Address: 0001e000 Size of raw data: 00000000 Pointer to Raw Data: 0001ca00 Pointer to Relocations: 00000000 Pointer to Line Numbers: 00000000 Number of Relocations: 0000 Number of Line Numbers: 0000 Characteristics: Section is readable Section is writeable Section name: .idata Virtual Size: 000011ae Virtual Address: 0001f000 Size of raw data: 00001200 Pointer to Raw Data: 0001ca00 Pointer to Relocations: 00000000 Pointer to Line Numbers: 00000000 Number of Relocations: 0000 Number of Line Numbers: 0000 Characteristics: Section contains initialized data Section is readable Section is writeable Section name: .tls Virtual Size: 0000000c Virtual Address: 00021000 Size of raw data: 00000000 Pointer to Raw Data: 0001dc00 Pointer to Relocations: 00000000 Pointer to Line Numbers: 00000000 Number of Relocations: 0000 Number of Line Numbers: 0000 Characteristics: Section is readable Section is writeable Section name: .rdata Virtual Size: 00000018 Virtual Address: 00022000 Size of raw data: 00000200 Pointer to Raw Data: 0001dc00 Pointer to Relocations: 00000000 Pointer to Line Numbers: 00000000 Number of Relocations: 0000 Number of Line Numbers: 0000 Characteristics: Section contains initialized data Section is shareable Section is readable Section name: .reloc Virtual Size: 00002038 Virtual Address: 00023000 Size of raw data: 00002200 Pointer to Raw Data: 0001de00 Pointer to Relocations: 00000000 Pointer to Line Numbers: 00000000 Number of Relocations: 0000 Number of Line Numbers: 0000 Characteristics: Section contains initialized data Section is shareable Section is readable Section name: .rsrc Virtual Size: 00001800 Virtual Address: 00026000 Size of raw data: 00001800 Pointer to Raw Data: 00020000 Pointer to Relocations: 00000000 Pointer to Line Numbers: 00000000 Number of Relocations: 0000 Number of Line Numbers: 0000 Characteristics: Section contains initialized data Section is shareable Section is readable Header Information Signature: 5a4d Last Page Size: 0050 Total Pages in File: 0002 Relocation Items: 0000 Paragraphs in Header: 0004 Minimum Extra Paragraphs: 000f Maximum Extra Paragraphs: ffff Initial Stack Segment: 0000 Initial Stack Pointer: 00b8 Complemented Checksum: 0000 Initial Instruction Pointer: 0000 Initial Code Segment: 0000 Relocation Table Offset: 0040 Overlay Number: 001a Reserved: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 Offset to New Header: 00000100 Memory Needed: 1K |
Most are set up to work on Outlook, so hopefully you don't use it! If you have no addies in that program you won't pass it but now ya gotta go and BUY Norton Antivirus like you should have been running in the first place.
|
I am running norton virus
it didnt catch it ? TheMan |
WoW! That puppy does everything but give them a cab ride to your house and a key to your door. Better get the chasity belt out for the Mrs. tonight Bone. lol
|
Do you keep Norton updated every week? Hmmm?
Better go to http://www.symantec.com/avcenter/index.html and keep an eye on that site to get a fix as soon as it comes out. Might also want to take the time to scan from there as well. They have an online virus scan on that page towards the bottom. I can't send the addy cuz the site has to scan your system going in to it to be accurate. ------------------------------- I should be getting paid by Peter Norton and getting the Big Dollars! |
http://vil.mcafee.com/dispVirus.asp?virus_k=99069
W32/Badtrans@MM Sound a lot like this virus,i just got it cleaned out good luck |
Shittttttt I got it to.. and I update norton everyday... and it actually picked up emails from my contact list in outlook express and sent it to some people. I think Wizzo, Tanker and who knows who else...Fuck Bros Iam sorry, But it didnt start with me..
What a day... ------------------ Smile and Be Happy Lightning Free Hosting Girls Host Gay Free Hosting |
Yep, I run and update Norton and Mcafee everyday, and it didnt catch it either.
|
Gem, babe, good idea, Iam on my way now to do the system check online at Norton, even though I update like everyday....fuck..
Today was like 1 big headache.. |
I have a virus that sound familiar... It makes copies of the e-mails i recieve and sends a e-mail to the server it came from.. and it expands... ugh =o)
|
I did the check on-line and nothing.. We are the first victums, and there is no cure for this virus.
|
Lots of stealth embedding worms use to be able to hide from virus scans if that scanner is on the same hard drive. Norton takes some time to run but you will find things that yours may not see if you have anything at all. Never hurts if you are dealing with a system full of important files.
And watch your registries. lol |
Norton will have a free fix online first. And they are quick about it too. They have a link to send them a copy of the virus, so send them the mail however they want you to do it and watch their dust! lol
|
Well I got ME so I just restored my computer back to a certain point.
Worked like a charm TheMan |
| All times are GMT -7. The time now is 07:56 AM. |
Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc123