Jump to content

"COORDS" VIRUS???


urbo

Recommended Posts

Posted

i keep getting emails from different addresses with the title "COORDS". there is always an attachment with them. i dont know the sender so it gets deleted without being opened. i dont know what it is but it seems like a virus of some sort. keep an eye out and dont open stuff from strangers. they have come with executables and the latest one was i think a .scl or something similar.

 

urbo

miami fl

Posted

If you have an antivirus program (and I know you do, right?) you an scan the attachment to see if it contains a known virus or not.

 

You can usually setup the antivirus app to scan all mail/attachments when they are downoaded from your ISP and quarantine any suspect files.

 

Don't forget to keep your current virus definitions up to date.

 

5505_600.gif

Posted

Urbo, what you describe sounds a lot like the Klez worm that has triggered numerous alerts overnight.

 

Of particular interest: "the worm has the ability to spoof the From: field (often set to an address found on the victim machine)" Because of this you won't know where it's coming from unless you examine the full message header.

 

Stay safe ...

 

~Rich in NEPA~

 

1132_1200.jpg

 

=== A man with a GPS receiver knows where he is; a man with two GPS receivers is never sure. ===

Posted

I don't use a virus scannner - I find they're more of a pain than viruses are. But lately I've been getting an average of one virus/day. I recon i'm used to seeing only one virus every other month. what's with all the increased traffic lately?

 

MajBach

You can't have everything,where would you put it?

1compass.gif

Posted

MB..

 

One a day? I use a virus scan program, and for the four months I've had my computer, that program has detected exactly one virus. Where are you gettin' yours?

 

Jamie

Posted

quote:
Originally posted by Jamie Z:

MB..

 

One a _day_? I use a virus scan program, and for the four months I've had my computer, that program has detected exactly _one_ virus. Where are you gettin' yours?

 

Jamie


Although I do have a virus scanner installed, I don't use in except to scan an individual suspected file. I've been getting them through e-mail. They all have been the one Hawkeye suggested. Most say 'returned mail'.

 

MajBach

You can't have everything,where would you put it?

1compass.gif

Posted

I leave my virus scanner running all the time after a friend of mine showed me a web page that exploits an XML hole in IE that allows the website to run any program it wants.

 

I hit the page with Norton running and it popped up an alert. When I hit the page without norton running the site launche notepad on me (it was a site demoing the exploit).

 

I would much less engage in casual sex with strangers then I would run my computer without antivirus. A friend of mine has to reinstall because of a virus he just got on his computer. When he showed me I noticed no antivirus running. As a result I TOLD him how to fix his computer instead of actually helping him.

 

Rob

Mobile Cache Command

4525_1300.gif

Posted

If you use an email program that doesn't allow scripting of any sort (and disable HTML launching executables in your browser) you won't have to worry about any email virii. Since M$ in their wisdom does not allow us to turn off VBS in Outlook, use something else.

 

To paraphrase someone elses sig, "Any similarity between my opinions and reality is purely coincidence".

 

AtP

Posted

quote:
Originally posted by MajBach:

what's with all the increased traffic lately?

 


 

It does sound like the Klez virus which first appeared last November but then was pretty quiet and was considered low risk. For some reason it has resurfaced and it’s risk level has gone up significantly. Norton at work is detecting 6 to 8 hits a day and we have a small office. icon_eek.gif

 

GoodHunting

45046_400.jpg

Posted

quote:
Originally posted by MajBach:

what's with all the increased traffic lately?

 


 

It does sound like the Klez virus which first appeared last November but then was pretty quiet and was considered low risk. For some reason it has resurfaced and it’s risk level has gone up significantly. Norton at work is detecting 6 to 8 hits a day and we have a small office. icon_eek.gif

 

GoodHunting

45046_400.jpg

Posted

quote:
Originally posted by Atilla the Pun:

Since M$ in their wisdom does not allow us to turn off VBS in Outlook, use something else.


 

Macs are less susceptible to viruses. Not because they are better, but because it's not as profitable for the kiddies to attack.

 

I do my work on a PC, but I read mail and surf on a Mac (OS 9.2.2). I don't bother with active anti-virus software on my Mac because I haven't had need to. I've been infected with exactly one virus (nVir in 1988) and that was because one of my bosses borrowed my SE. I killed the virus but it wasn't enough of an experience to make me paranoid.

 

On my Windows PCs, on the other hand, I have Innoculan running on my root server and the workstations have either Norton or AVG. Even then, Nimda.A got on one of my machines and the only option was to "nuke from high orbit" (reformat/reinstall).

 

-E

 

--

N35°32.981 W98°34.631

13914_200.jpg

Posted

I've had two viruses emailed me already this year. I use a web based email address (Yahoo) & scan EVERY attachment that comes to me. I scan ALL downloads even from sites that I trust. It just takes seconds and it is as automatic as putting on my seatbelt. Viruses now days love to send themselves to everyone on your email list. This means that you are are more likely to get a virus from someone you know that from an unknown source.

 

Bottom line: Install a anti-virus program (Norton is my favorite.)

Set program to autoupdate definitions or manually do it weekly.

Run program weekly.

Scan EVERY attachment & download.
Posted

Also beware that someone is sending an email that has an attachment that claims to cleanse you of the klez virus. DON'T run it!!! It IS the klez virus. Here is what the email says:

____________________

Klez.E is the most common world-wide spreading worm.It's very dangerous by corrupting your files.

Because of its very smart stealth and anti-anti-virus technic,most common AV software can't detect or clean it.

We developed this free immunity tool to defeat the malicious virus.

You only need to run this tool once,and then Klez will never come into your PC.

NOTE: Because this tool acts as a fake Klez to fool the real worm,some AV monitor maybe cry when you run it.

If so,Ignore the warning,and select 'continue'.

____________________

 

Your AV software "maybe cry"! What a hoot. Of course it will cry, if you run this you are infected!

Posted

quote:
Originally posted by Atilla the Pun:

If you use an email program that doesn't allow scripting of any sort (and disable HTML launching executables in your browser) you won't have to worry about any email virii. Since M$ in their wisdom does not allow us to turn off VBS in Outlook, use something else.

 

To paraphrase someone elses sig, "Any similarity between my opinions and reality is purely coincidence".

 

AtP


 

Outlook is a virus distribution tool with email features!

 

I work in the Novell world and NONE of my clients including very LARGE law firms, financial institutes etc were effected by nimda or codered or Melissa or ILOVEYOU.... EVER!

 

Why? Because they run GroupWise. A BETTER email system then exchange in many many many ways, the least of which is it's virus proofing.

 

I've turned down jobs where they ran Windows NT and Exchange. In my opinion, it is a sign of inexperience when someone builds a LAN around MS products.

 

I agree that MS has it's place as a database or citrix server or more to the point on a desktop PC!!!

 

Rob

Mobile Cache Command

4525_1300.gif

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...