Security Incidents mailing list archives
Re: Strange file I received
From: Tomo Radovanovic <tomo () SOROS ORG BA>
Date: Tue, 24 Oct 2000 00:20:01 +0200
Aliases: W32/MTX Infects: EXE files, Windows virus Memory resident: Yes This virus waits until the user sends an email message. It then sends a second message to the same recipient with a copy of the virus attached. The email has no subject or message text and the attachment can have one of 31 different names. It also monitors network traffic and will attempt to stop any access to websites of anti-virus vendors and major ISPs and outgoing email to those companies. First reported in August 2000. Recovery: Perform a secure bootstrap from a clean system disk with the same version of the operating system as the one installed on the hard disk. At 11:20 AM 10/22/2000 -0400, Vince Vielhaber wrote:
I received the attached file from someone immediately after receiving a note from them. The only difference is I gzipped it so hopefully noone's mailer takes off and runs whatever it is. Just looking at the text of it it looks to be another virus/trojan. I don't recall seeing this filename on any of the lists either and this one came withoout a subject. Vince. -- ========================================================================== Vince Vielhaber -- KA8CSH email: vev () michvhf com http://www.pop4.net 128K ISDN from $22.00/mo - 56K Dialup from $16.00/mo at Pop4 Networking Online Campground Directory http://www.camping-usa.com Online Giftshop Superstore http://www.cloudninegifts.com ==========================================================================
Current thread:
- Strange file I received Vince Vielhaber (Oct 24)
- Re: Strange file I received Elias Levy (Oct 24)
- Re: Strange file I received James Cox (Oct 25)
- <Possible follow-ups>
- Re: Strange file I received Tomo Radovanovic (Oct 25)