VIRUS ALERT

This was in my e-mail, sent from virusalert@chariot.net.au

VIRUS ALERT

Our content checker found
Worm.Gibe.F
virus in an email to you from:

topdeck1@chariot.net.au

Not quarantined.

Androcles

:
: VIRUS ALERT
:
: Our content checker found
: Worm.Gibe.F
: virus in an email to you from:
:
: topdeck1@chariot.net.au
:
: Not quarantined.

It was in the mailbox of anybody who has posted
in any newsgroup that valid userIDs were harvested from.

I may be from that ISP, or it may be a trigger
for harmware already delivered by a trojan.

Joe Fischer

--
3

On 21 Sep 2003 12:18:28 -0400, Joe Fischer

The question is, what do you do if you're the recipent of this
worm's output but not infected???

Yes, my e-mail is being flooded by this worm's output.

And yes, I've have Norton's anti-virus (9/18/03 Def File)
and have done a full scan of my system, as well as have it
scanning for neferious outgoing traffic.

Paul Stowe

FYI...

I just received a message for a server anti-virus package saying
the sender is from

"mogongrunt@terragon.com containing the virus Exploit.IFrame.Gen."

Paul Stowe

Yep, me too. I just let NAV dump 'em instead of me picking them out from
real mail, but I was wondering if anyone knew of a way to stop them at
source?
Hmm... Perhaps it is time to start writing benign antibodies to gobble up
the virii and send them back to the origin. I don't suppose mogongrunt
would mind, or even know that his/her machine had been infected and
disinfected, and anyway it's a waste of time writing to the owners of
infected machines since most probably don't know what is going on or how to
deal with it anyway .
Androcles

| On Sun, 21 Sep 2003 18:25:23 GMT, pstowe@ix.netcom.com wrote: |
| >On 21 Sep 2003 12:18:28 -0400, Joe Fischer
| ><gravity-central@shell1.iglou.com> wrote:
| >
| >>AndroclesInEngland <jp006f9750@blueyonder.co.uk> wrote:
| >>: This was in my e-mail, sent from virusalert@chariot.net.au
| >>:
| >>: VIRUS ALERT
| >>:
| >>: Our content checker found
| >>: Worm.Gibe.F
| >>: virus in an email to you from:
| >>:
| >>: topdeck1@chariot.net.au
| >>:
| >>: Not quarantined.
| >>
| >> It was in the mailbox of anybody who has posted
| >>in any newsgroup that valid userIDs were harvested from.
| >>
| >> I may be from that ISP, or it may be a trigger
| >> for harmware already delivered by a trojan.
| >
| > The question is, what do you do if you're the recipent of this
| > worm's output but not infected???
| >
| > Yes, my e-mail is being flooded by this worm's output.
| >
| > And yes, I've have Norton's anti-virus (9/18/03 Def File)
| > and have done a full scan of my system, as well as have it
| > scanning for neferious outgoing traffic.
|
| FYI...
|
| I just received a message for a server anti-virus package saying
| the sender is from
|
| "mogongrunt@terragon.com containing the virus Exploit.IFrame.Gen."
|
| Paul Stowe

Paul, it is too late now, but you shouldn't be using your main email
address when posting to newsgroups. Or at least you should mess it up in
the headers so robots can't get it easily. That is why I use my hotmail
address for posting to usenet. I can set hotmail to automatically delete
all junk mail before I even see it. It was getting flooded by these worm
emails a couple days ago so I just set it to delete junk mail before I
even see it. Get yourself a free hotmail or yahoo address and put that
address in the reply to for your usenet setup. Or just scramble your
netcom address in the reply to field so that it takes a real person to
decipher it.

FrediFizzx

Dear pstowe:

Norton deletes the file, so you need do nothing at all.

If you have the Mexican virus checker, Manual, then you delete the file,
then permanently delete the file, then empty your trashcan.

Sooner or later the source computers destroy themselves, and the rain
stops.

David A. Smith

Dear pstowe@ix.netcom.com:

Actually the current virii use one of the names of either your email
address book, or a source file, and creates an alias for outgoing emails.
You actually have to look at the routing list to see what server originated
it. You may never know the sender unless you have valid emails that
originate from the same server.

David A. Smith

I bought Spam Bully (tm) which is a plug in to the Outlook Express. It
can be trained to scoop up spam and put it in a seperate folder. That
way you can see your real mail. It won't stop those son's of bitchers
who are sending this junk from sending it, but it will lessen the
disrupting effects.

Bob Kolker

I hope when these bastards are caught, convicted and jailed, they are
put in very very large, very muscular, very horny prisoners. This guys
will make ideal wives while they are in the slammer. There cell mates
will have them squeelin' from the peelin' and oinking from the boinking.

Bob Kolker

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode test 33Switch to Hybrid Mode Switch to Threaded Mode

1 16th June 01:02 androclesinengland External User Posts: 1	VIRUS ALERT This was in my e-mail, sent from virusalert@chariot.net.au VIRUS ALERT Our content checker found Worm.Gibe.F virus in an email to you from: topdeck1@chariot.net.au Not quarantined. Androcles

2 17th June 19:00 joe fischer External User Posts: 1	VIRUS ALERT : : VIRUS ALERT : : Our content checker found : Worm.Gibe.F : virus in an email to you from: : : topdeck1@chariot.net.au : : Not quarantined. It was in the mailbox of anybody who has posted in any newsgroup that valid userIDs were harvested from. I may be from that ISP, or it may be a trigger for harmware already delivered by a trojan. Joe Fischer -- 3

3 17th June 19:01 External User Posts: 1	VIRUS ALERT On 21 Sep 2003 12:18:28 -0400, Joe Fischer The question is, what do you do if you're the recipent of this worm's output but not infected??? Yes, my e-mail is being flooded by this worm's output. And yes, I've have Norton's anti-virus (9/18/03 Def File) and have done a full scan of my system, as well as have it scanning for neferious outgoing traffic. Paul Stowe

4 17th June 19:01 External User Posts: 1	VIRUS ALERT FYI... I just received a message for a server anti-virus package saying the sender is from "mogongrunt@terragon.com containing the virus Exploit.IFrame.Gen." Paul Stowe

7 18th June 18:14 dlzc External User Posts: 1	VIRUS ALERT Dear pstowe: Norton deletes the file, so you need do nothing at all. If you have the Mexican virus checker, Manual, then you delete the file, then permanently delete the file, then empty your trashcan. Sooner or later the source computers destroy themselves, and the rain stops. David A. Smith

8 18th June 18:14 dlzc External User Posts: 1	VIRUS ALERT Dear pstowe@ix.netcom.com: Actually the current virii use one of the names of either your email address book, or a source file, and creates an alias for outgoing emails. You actually have to look at the routing list to see what server originated it. You may never know the sender unless you have valid emails that originate from the same server. David A. Smith

9 18th June 18:14 robert j. kolker External User Posts: 1	VIRUS ALERT I bought Spam Bully (tm) which is a plug in to the Outlook Express. It can be trained to scoop up spam and put it in a seperate folder. That way you can see your real mail. It won't stop those son's of bitchers who are sending this junk from sending it, but it will lessen the disrupting effects. Bob Kolker

10 18th June 18:14 robert j. kolker External User Posts: 1	VIRUS ALERT I hope when these bastards are caught, convicted and jailed, they are put in very very large, very muscular, very horny prisoners. This guys will make ideal wives while they are in the slammer. There cell mates will have them squeelin' from the peelin' and oinking from the boinking. Bob Kolker