Security Basics mailing list archives
RE: Possible Virus or Trojan?
From: arh <arh () Mustangsurvival com>
Date: Mon, 3 Nov 2003 10:08:41 -0800
Yes it's a worm -- the W32.Mimail.C@mm worm. But there is even a removal tool from Symantec. Find it at: http://securityresponse.symantec.com/ Click on the "SecurityAlert" button in the center... Andy Hickman Network Administrator/Technical Support Specialist -----Original Message----- From: PAUL NICKELSON [mailto:pjn308 () yahoo com] Sent: Friday, October 31, 2003 8:08 AM To: security-basics () securityfocus com Subject: Possible Virus or trojan? Has anyone ever seen an email with the following body? Re[2]: our private photos ocooeaoe Importance: High Hello Dear!, Finally i've found possibility to right u, my lovely girl :) All our photos which i've made at the beach (even when u're without ur bh:)) photos are great! This evening i'll come and we'll make the best SEX :) Right now enjoy the photos. Kiss, James. ocooeaoe With an attached file named photos.zip and within that, photo.jpg.exe. Is this something new or a targeted attack? I did find a reference to netwatch.exe in hex editor and if installed will start netwatch.exe. Thanks. __________________________________ Do you Yahoo!? Exclusive Video Premiere - Britney Spears http://launch.yahoo.com/promos/britneyspears/ --------------------------------------------------------------------------- Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE The Presidio integrates PGP data encryption and XML Web Services security to simplify the management and deployment of PGP and reduce overall PGP costs by up to 80%. FREE WHITEPAPER & 30 Day Trial - http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027 ---------------------------------------------------------------------------- --------------------------------------------------------------------------- Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE The Presidio integrates PGP data encryption and XML Web Services security to simplify the management and deployment of PGP and reduce overall PGP costs by up to 80%. FREE WHITEPAPER & 30 Day Trial - http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027 ----------------------------------------------------------------------------
Current thread:
- Possible Virus or trojan? PAUL NICKELSON (Nov 03)
- Re: Possible Virus or trojan? Lou (Nov 03)
- Re: Possible Virus or trojan? Brian Jones (Nov 03)
- <Possible follow-ups>
- RE: Possible Virus or trojan? Thomas F. Szabo (Nov 03)
- RE: Possible Virus or trojan? Matt Gibson (Nov 03)
- RE: Possible Virus or Trojan? arh (Nov 03)
- RE: Possible Virus or trojan? Alfred . Diggs (Nov 04)