Full Disclosure mailing list archives
Re: Email Harvesting virus?
From: "gregh" <chows () ozemail com au>
Date: Tue, 7 Oct 2003 20:16:55 +1000
----- Original Message ----- From: Joel R. Helgeson To: full-disclosure () lists netsys com Sent: Tuesday, October 07, 2003 12:44 PM Subject: [Full-disclosure] Email Harvesting virus?
I came across an intersting event today. I haven't been able to research
it as much as I'd like, but I'd like to toss it out to the
community just the same.
A customers machine appears to be infected with some type of malware that
apparently harvests email addresses and puts them into > a file named '~'. Just the tilde ~, no extention. This file is created under the C:\Documents and Settings\%username%\~. I have
attached a zipped copy of the file for refrence.
This happened a while ago in an MS update and it depends on a few things where the tilde file ends up on your system. It is on desktop on most but in My Documents, for example, on mine. It is a WAB file or an email address book. Not a good idea sending that to a list, BTW. Greg. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Email Harvesting virus? Joel R. Helgeson (Oct 06)
- Re: Email Harvesting virus? Blue Boar (Oct 06)
- Re: Email Harvesting virus? Michael J McCafferty (Oct 06)
- Re: Email Harvesting virus? Mary Landesman (Oct 06)
- Re: Email Harvesting virus? gregh (Oct 07)
- <Possible follow-ups>
- Fw: Email Harvesting virus? http-equiv () excite com (Oct 06)
- RE: Email Harvesting virus? David Vincent (Oct 07)
- Re[2]: Email Harvesting virus? Papp Geza (Oct 07)