I HAVE A VIRUS!!!
Thread Starter
Trial User
Joined: Jan 2000
Posts: 7,722
Likes: 0
From: Plotting My Revenge
I HAVE A VIRUS!!!
My computer became infected some time yesterday (Saturday 1/19). I still haven't figured out where it came from as I recieved no odd email attachments yesterday or recently.
Many of you are in my address book due to NASA and the ECHC. Don't open any email from me, even if there isn't an attachment. This is scary, but this virus may have somehow come without the aid of an attachment. Again, I had no attachments yesterday.
Sorry,
Scott
Many of you are in my address book due to NASA and the ECHC. Don't open any email from me, even if there isn't an attachment. This is scary, but this virus may have somehow come without the aid of an attachment. Again, I had no attachments yesterday.
Sorry,
Scott
Thread Starter
Trial User
Joined: Jan 2000
Posts: 7,722
Likes: 0
From: Plotting My Revenge
Re: I HAVE A VIRUS!!! (RoadRacer)
One of the emails that was bounced back identified the virus as "Worm_badtrans.B"
Anybody know anything about this?
It apparently sends out an email with NO attachment and NOTHING in the body of the email. I had several emails from folks who said "dude, you sent me an email with nothing in it."
Again, don't open anything from me, or Renee. I'm pretty sure it came from her computer yesterday as I got a blank email from her.
Anybody know anything about this?
It apparently sends out an email with NO attachment and NOTHING in the body of the email. I had several emails from folks who said "dude, you sent me an email with nothing in it."
Again, don't open anything from me, or Renee. I'm pretty sure it came from her computer yesterday as I got a blank email from her.
Junior Member
Joined: May 2001
Posts: 892
Likes: 0
From: decatuR, GA
Re: I HAVE A VIRUS!!! (RoadRacer)
hi scott
here's some info and a removal tool
http://securityresponse.symantec.com...rans.b@mm.html
jeff
<edit> fixed link </edit>
[Modified by pyromaster, 11:23 AM 1/20/2002]
here's some info and a removal tool
http://securityresponse.symantec.com...rans.b@mm.html
jeff
<edit> fixed link </edit>
[Modified by pyromaster, 11:23 AM 1/20/2002]
Honda-Tech Member
Joined: May 2000
Posts: 2,861
Likes: 0
From: Atlanta, GA, USA
Re: I HAVE A VIRUS!!! (RoadRacer)
Your GF has it too BTW. Better use protection next time. 
What Pyro said it right though. Looks like the one. Just say no ot M$ products.
---
Status: U
Return-Path: <sgiles22@earthlink.net>
Received: from lsh103.siteprotect.com ([66.113.134.246])
by strange.mail.mindspring.net (Earthlink Mail Service) with ESMTP id u4j7eu.6ho.37kbi0u
for <zsf@mindspring.com>; Sat, 19 Jan 2002 11:25:02 -0500 (EST)
Received: from swan.prod.itd.earthlink.net (swan.mail.pas.earthlink.net [207.217.120.123])
by lsh103.siteprotect.com (8.9.3/8.9.3) with ESMTP id KAA18946
for <info@honda-challenge.com>; Sat, 19 Jan 2002 10:25:03 -0600
Received: from dialup-209.246.180.37.dial1.atlanta1.level3.net ([209.246.180.37] helo=aol.com)
by swan.prod.itd.earthlink.net with smtp (Exim 3.33 #1)
id 16RyIQ-0000oj-00
for info@honda-challenge.com; Sat, 19 Jan 2002 08:24:46 -0800
From: "Scott Giles" <_sgiles22@earthlink.net>
To: info@honda-challenge.com
Subject: Re:
MIME-Version: 1.0
Content-Type: multipart/related;
type="multipart/alternative";
boundary="====_ABC1234567890DEF_===="
X-Priority: 3
X-MSMail-Priority: Normal
X-Unsent: 1
Message-Id: <E16RyIQ-0000oj-00@swan.prod.itd.earthlink.net>
Date: Sat, 19 Jan 2002 08:24:46 -0800
X-Mozilla-Status: 8011
X-Mozilla-Status2: 00000000
X-UIDL: u4j7eu.6ho.37kbi0u.0
--====_ABC1234567890DEF_====
Content-Type: multipart/alternative;
boundary="====_ABC0987654321DEF_===="
--====_ABC0987654321DEF_====
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<HTML><HEAD></HEAD><BODY bgColor=3D#ffffff>
<iframe src=3Dcid:EA4DMGBP9p height=3D0 width=3D0>
</iframe></BODY></HTML>
--====_ABC0987654321DEF_====--
--====_ABC1234567890DEF_====
Content-Type: audio/x-wav;
name="docs.DOC.pif"
Content-Transfer-Encoding: base64
Content-ID: <EA4DMGBP9p>
....VIRIS GOES HERE....
What Pyro said it right though. Looks like the one. Just say no ot M$ products.
---
Status: U
Return-Path: <sgiles22@earthlink.net>
Received: from lsh103.siteprotect.com ([66.113.134.246])
by strange.mail.mindspring.net (Earthlink Mail Service) with ESMTP id u4j7eu.6ho.37kbi0u
for <zsf@mindspring.com>; Sat, 19 Jan 2002 11:25:02 -0500 (EST)
Received: from swan.prod.itd.earthlink.net (swan.mail.pas.earthlink.net [207.217.120.123])
by lsh103.siteprotect.com (8.9.3/8.9.3) with ESMTP id KAA18946
for <info@honda-challenge.com>; Sat, 19 Jan 2002 10:25:03 -0600
Received: from dialup-209.246.180.37.dial1.atlanta1.level3.net ([209.246.180.37] helo=aol.com)
by swan.prod.itd.earthlink.net with smtp (Exim 3.33 #1)
id 16RyIQ-0000oj-00
for info@honda-challenge.com; Sat, 19 Jan 2002 08:24:46 -0800
From: "Scott Giles" <_sgiles22@earthlink.net>
To: info@honda-challenge.com
Subject: Re:
MIME-Version: 1.0
Content-Type: multipart/related;
type="multipart/alternative";
boundary="====_ABC1234567890DEF_===="
X-Priority: 3
X-MSMail-Priority: Normal
X-Unsent: 1
Message-Id: <E16RyIQ-0000oj-00@swan.prod.itd.earthlink.net>
Date: Sat, 19 Jan 2002 08:24:46 -0800
X-Mozilla-Status: 8011
X-Mozilla-Status2: 00000000
X-UIDL: u4j7eu.6ho.37kbi0u.0
--====_ABC1234567890DEF_====
Content-Type: multipart/alternative;
boundary="====_ABC0987654321DEF_===="
--====_ABC0987654321DEF_====
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<HTML><HEAD></HEAD><BODY bgColor=3D#ffffff>
<iframe src=3Dcid:EA4DMGBP9p height=3D0 width=3D0>
</iframe></BODY></HTML>
--====_ABC0987654321DEF_====--
--====_ABC1234567890DEF_====
Content-Type: audio/x-wav;
name="docs.DOC.pif"
Content-Transfer-Encoding: base64
Content-ID: <EA4DMGBP9p>
....VIRIS GOES HERE....
Thread Starter
Trial User
Joined: Jan 2000
Posts: 7,722
Likes: 0
From: Plotting My Revenge
Re: I HAVE A VIRUS!!! (SPiFF)
Thanks guys. Looks like that got it.
I apologize in advance to all you folks I sent it to. Like me, not everyone's protection caught it.
And Renee and I promise to use cyber condoms from here on...
I apologize in advance to all you folks I sent it to. Like me, not everyone's protection caught it.
And Renee and I promise to use cyber condoms from here on...
Honda-Tech Member
Joined: Apr 2000
Posts: 3,846
Likes: 1
From: I started it
Re: I HAVE A VIRUS!!! (RoadRacer)
You may already know this stuff, but for everyone else...
1. Never run an attachment without first detaching it to your local drive and running a virus checker onit.
2. Watch out for filename extensions. Common ones that I see with viruses end with .scr, .bat, .exe, .reg, and .cmd, among others. Sometimes you'll see something like "scottisabastard.txt.exe," which has the .txt in it, but will be counted as an .exe file.
3. Keep your virus detection software current. Most (all?) of them offer automatic download of updated signature files.
1. Never run an attachment without first detaching it to your local drive and running a virus checker onit.
2. Watch out for filename extensions. Common ones that I see with viruses end with .scr, .bat, .exe, .reg, and .cmd, among others. Sometimes you'll see something like "scottisabastard.txt.exe," which has the .txt in it, but will be counted as an .exe file.
3. Keep your virus detection software current. Most (all?) of them offer automatic download of updated signature files.
Trending Topics
New User
Joined: Oct 2001
Posts: 21
Likes: 0
From: Auburn, WA, US
Re: I HAVE A VIRUS!!! (pyromaster)
Sorry, guys and Thanks, Jeff.
I had to do a manual fix. It took awhile because I tried all of the automatic fixes first, but alas, none of them worked.
My hotmail address also had an email with the virus. Probably from someone I emailed it to! Experience caught that one though.
Again, thanks.
I had to do a manual fix. It took awhile because I tried all of the automatic fixes first, but alas, none of them worked.
My hotmail address also had an email with the virus. Probably from someone I emailed it to! Experience caught that one though.
Again, thanks.
Thread Starter
Trial User
Joined: Jan 2000
Posts: 7,722
Likes: 0
From: Plotting My Revenge
Re: I HAVE A VIRUS!!! (krshultz)
Funny thing is that I didn't open the attachment. Renee was sitting here with me and said "I didn't send you that" so I deleted it immediately. And no, my preview pane was not open.
This one was a tricky little bassard.
This one was a tricky little bassard.
Honda-Tech Member
Joined: Oct 2001
Posts: 2,224
Likes: 0
From: Ohio, USA
Thread
Thread Starter
Forum
Replies
Last Post
