Pelican Parts
Parts Catalog Accessories Catalog How To Articles Tech Forums
Call Pelican Parts at 888-280-7799
Shopping Cart Cart | Project List | Order Status | Help



Go Back   Pelican Parts Forums > Miscellaneous and Off Topic Forums > Off Topic Discussions


Reply
 
LinkBack Thread Tools Rate Thread
Author
Thread Post New Thread    Reply
Registered
 
BierHunter's Avatar
 
Join Date: Mar 2001
Location: Okla, USA
Posts: 69
Garage
Angry Email warning!!!

I'm sending this notice to please be careful!

I just received an email from jared@pelicanparts.com with an attachment that has no purpose that I can see.

I'm a network engineer/network security officer for the Dept of Defense. I get paranoid with this type of stuff.

After looking at the email header, I noticed this email was received by the pelicanparts email server and forwarded to me from maxstudio22.66-236-61-182.daf.concentric.net [66.236.61.182] Note...this is not the fault of Pelican Parts.

The attachment is "zeyti.zip" which contains the file "zeyti.exe"

As of the writing of this message, I have not yet been able to detect a virus according to the virus definitions of the current scanners.

However, that does not mean the file is not malicious. In college years ago I wrote a program that would wipe out a computer and not be detected. DO NOT OPEN ATTACHMENTS FROM PEOPLE YOU DON'T KNOW.

I'm still analyzing the attachment, but I wanted to give warning just in case. There was no reason for me to receive this email, so it raised a red flag.

Please be careful.


UPDATE: Just discovered W32.Novarg.A@mm inside the file. DO NOT OPEN THIS FILE. KILL IT IMMEDIATELY!

__________________
BierHunter
74 911S Targa
Old 01-26-2004, 04:50 PM
  Pelican Parts Catalog | Tech Articles | Promos & Specials    Reply With Quote #1 (permalink)
Too big to fail
 
widebody911's Avatar
 
Join Date: Jan 2002
Location: Carmichael, CA
Posts: 33,894
Garage
Send a message via AIM to widebody911 Send a message via Yahoo to widebody911
I opened it and it didn't do anything to my system. Oh, wait:

/s2/thom $ uname -a
FreeBSD web1.calweb.com 4.8-RELEASE FreeBSD 4.8-RELEASE #0: Fri Jun 13 09:55:28 PDT 2003 cslye@web1.calw
eb.com:/usr/src/sys/compile/SHELL i386
__________________
"You go to the track with the Porsche you have, not the Porsche you wish you had."
'03 E46 M3
'57 356A
Various VWs
Old 01-26-2004, 05:08 PM
  Pelican Parts Catalog | Tech Articles | Promos & Specials    Reply With Quote #2 (permalink)
Registered
 
anh911's Avatar
 
Join Date: Dec 2003
Posts: 508
along these lines I got an email from "Paypal" yesterday asking me to click and confirm info etc. It was a spoof, sent it to paypal security and they are investigating.
__________________
anh911
'94 Dakota - Meh
'98 Moto Guzzi - woo hoo
911; XJS; Islander 36; All Sold
'97 YZF1000RJ - Totaled (Not by me)
Old 01-26-2004, 05:27 PM
  Pelican Parts Catalog | Tech Articles | Promos & Specials    Reply With Quote #3 (permalink)
Registered
 
moazam's Avatar
 
Join Date: Sep 2003
Location: Fremont, CA
Posts: 829
Garage
Send a message via AIM to moazam
I've been seeing this all day from different companies and users. Looks like some sort of new Windows virus.

Luckily I'm running Linux at work (Sun Java Desktop *go rah rah*) and I never use Outlook at home either.
__________________
2014 Porsche Cayman S
2001 BMW 525i Touring
1996 Porsche 911 (Gone to Germany)
'86 911 Carrera (Gone to Aruba)
Old 01-26-2004, 05:30 PM
  Pelican Parts Catalog | Tech Articles | Promos & Specials    Reply With Quote #4 (permalink)
Reg Reg is online now
Registered
 
Reg's Avatar
 
Join Date: Aug 2001
Location: Ontario, Canada
Posts: 2,441
There are many ebay or paypal emails out there that are bogus. For any of the computer users out here who may not know how to tell this, try checking "properties" on an email and then on the details tab. In here you will see the originating email address which shows you that it is not from paypal or ebay.

As per the file attachements, just as Bierhunter had said I never opening anything that I have ANY doubts about. I delete and then delete the deleted.

I have not received such an email but I hope Pelican gets this sorted soon with little time and effort or hopefully no troubles.
__________________
1970 911 t (sold)
1985 MR2 (sold)
2011 GT 5.0
2007 CRV
Old 01-26-2004, 05:46 PM
  Pelican Parts Catalog | Tech Articles | Promos & Specials    Reply With Quote #5 (permalink)
Registered
 
Eugene at Pelican Parts's Avatar
 
Join Date: May 2001
Location: Bay Area
Posts: 496
Quote:
Originally posted by Reg
I have not received such an email but I hope Pelican gets this sorted soon with little time and effort or hopefully no troubles.
Thanks guys...

Wayne has been informed.

We'll keep you updated.
__________________
Eugene (Formerly) at Pelican Parts
Pelican's E-Commerce Guy, 2003-2011

2001 330i Sport
1983 911SC Coupe (sold)
Old 01-26-2004, 05:47 PM
  Pelican Parts Catalog | Tech Articles | Promos & Specials    Reply With Quote #6 (permalink)
 
Registered
 
ischmitz's Avatar
 
Join Date: May 2002
Location: Santa Barbara, CA
Posts: 4,810
Garage
Send a message via Skype™ to ischmitz
Re: Email warning!!!

Quote:
Originally posted by BierHunter
After looking at the email header, I noticed this email was received by the pelicanparts email server and forwarded to me from maxstudio22.66-236-61-182.daf.concentric.net [66.236.61.182]
I seems like all Emails have the MAXSTUDIO in their header. My guess is that Jared has simply caught a virus and now his computer spreads it.

Ingo
__________________
1974 Targa 3.6, 2001 C4 (sold), 2019 GT3RS, 2000 ML430

I repair/rebuild Bosch CDI Boxes and Porsche Motronic DMEs
Porsche "Hammer" or Porsche PST2, PIWIS III - I can help!!
How about a NoBadDays DualChip for 964 or '95 993
Old 01-26-2004, 06:17 PM
  Pelican Parts Catalog | Tech Articles | Promos & Specials    Reply With Quote #7 (permalink)
Registered
 
Tim Walsh's Avatar
 
Join Date: Sep 2002
Location: Green-Salem, NC
Posts: 3,914
Garage
Send a message via AIM to Tim Walsh
yep yep happens alot.. thank god for pine.. if it can't read it it's either spam or a virus.
__________________
Tim
1973 911T
2005 VW GTI
"Dave, hit the brakes, but don't look like your htting the brakes...what? I DON'T KNOW, BRAKE CASUAL!!!" dtw's thoughts after nearly rear ending a SHP officer
Old 01-26-2004, 06:19 PM
  Pelican Parts Catalog | Tech Articles | Promos & Specials    Reply With Quote #8 (permalink)
Back in the saddle again
 
masraum's Avatar
 
Join Date: Oct 2001
Location: Central TX west of Houston
Posts: 56,168
New worm spreading rapidly across Internet

Quote:
The worm, called "Mydoom" or "Novarg" by antivirus companies, appears to be an e-mail error message.
I saw these in my inbox all day long.

NEVER, NEVER, NEVER open messages that seem to have no rhyme or reason. If anything seems nonsensical about an email, even if it someone that you know don't open it. If it is from someone that you know then contact them and ask them if they sent it to you. As was said above these things will often look like they come from friends, but they probably didn't.

'MyDoom' Security Advice:

http://us.mcafee.com/virusInfo/default.asp?id=mydoom

http://securityresponse.symantec.com/avcenter/venc/data/w32.novarg.a@mm.html

http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_MIMAIL.R
__________________
Steve
'08 Boxster RS60 Spyder #0099/1960
- never named a car before, but this is Charlotte.
'88 targa SOLD 2004 - gone but not forgotten
Old 01-26-2004, 06:35 PM
  Pelican Parts Catalog | Tech Articles | Promos & Specials    Reply With Quote #9 (permalink)
Buy them, sell them
 
Adam's Avatar
 
Join Date: Jan 2001
Location: Melbourne, AU
Posts: 4,167
Garage
Thanks for the update, but...
Quote:
In college years ago I wrote a program that would wipe out a computer and not be detected.
__________________
1931 Oakland Eight Special Saloon
1985 BMW E28 525e (Euro 528e)
1989 911 Carrera Sport 3.2 G50 Cabriolet
Old 01-26-2004, 07:07 PM
  Pelican Parts Catalog | Tech Articles | Promos & Specials    Reply With Quote #10 (permalink)
drag racing the short bus
 
dd74's Avatar
 
Join Date: May 2002
Location: Location, Location...
Posts: 21,983
Wayne - I received the same message as Bierhunter, but it came from "you."

I figured something was askew there. I forgot to tell you about it Saturday, though I meant to.

Hmmm...maybe I should have PM'd you as soon as I received it. I don't know, what do you think?
__________________
The Terror of Tiny Town
Old 01-26-2004, 09:25 PM
  Pelican Parts Catalog | Tech Articles | Promos & Specials    Reply With Quote #11 (permalink)
Registered
 
nostatic's Avatar
 
Join Date: Sep 2001
Location: SoCal
Posts: 30,318
Garage
I was feeling so left out running OSX, and just deleting the stuff that floated through the transom...and then I realized that my tabletPC was on and Outlook was running. Too late...so I got to play too!

And I had almost convinced myself to try another piece of MS technology (smartphone). Glad I came back to my senses. I'll run Palm or Symbian...
Old 01-26-2004, 11:35 PM
  Pelican Parts Catalog | Tech Articles | Promos & Specials    Reply With Quote #12 (permalink)
Licensed User
 
Shuie's Avatar
 
Join Date: Feb 2003
Location: ....down Highway 61
Posts: 6,506
I got the same virus in a email attachment this morning. It came from 'eurotech@.....', it wasnt from pelican. Norton did pick it up as soon as I got the email though. Update your virus defs.
Old 01-27-2004, 05:00 AM
  Pelican Parts Catalog | Tech Articles | Promos & Specials    Reply With Quote #13 (permalink)
Super Moderator
 
cstreit's Avatar
 
Join Date: Feb 2000
Location: Naperville, IL USA
Posts: 14,969
Garage
I've been getting "returned mails" from people I never sent to, and who aren't in my address book. I have an up-to-date Norton and no virus's from this mornings scan...
__________________
Chris
----------------------------------------------

1996 993 RS Replica
2023 KTM 890 Adventure R
1971 Norton 750 Commando
Alcon Brake Kits
Old 01-27-2004, 06:37 AM
  Pelican Parts Catalog | Tech Articles | Promos & Specials    Reply With Quote #14 (permalink)
Licensed User
 
Shuie's Avatar
 
Join Date: Feb 2003
Location: ....down Highway 61
Posts: 6,506
Chris, Im getting the same thing. I thought I had been hit and my machine was sending out emails at will that were being rejected. Norton keeps catching them as they come in though
Old 01-27-2004, 07:08 AM
  Pelican Parts Catalog | Tech Articles | Promos & Specials    Reply With Quote #15 (permalink)
Blockchain Tech Inventor
 
jrdavid68's Avatar
 
Join Date: Jan 1999
Location: US fn A!
Posts: 1,548
Chris and Shuie - you are both the victims of the "spoofing" that the viruses do. Since the viurs gleans e-mail address from all sorts of users and uses them in the "From" and "Reply To' fields, when an e-mail gets rejected - guess where it goes!

So, somebody got infected, their machine used your address in the "From" field and sent out the virus to someone else who had protection in place to reject the message and the rejection goes to you.
__________________
A Mean Green Lifted 1972 C10
Long live the king!
Old 01-27-2004, 09:10 AM
  Pelican Parts Catalog | Tech Articles | Promos & Specials    Reply With Quote #16 (permalink)
Too big to fail
 
widebody911's Avatar
 
Join Date: Jan 2002
Location: Carmichael, CA
Posts: 33,894
Garage
Send a message via AIM to widebody911 Send a message via Yahoo to widebody911
Quote:
Originally posted by cstreit
I've been getting "returned mails" from people I never sent to, and who aren't in my address book. I have an up-to-date Norton and no virus's from this mornings scan...
I wish the AV programs wouldn't do this - they know the address was spoofed, but I think they do it anyway as a subtle marketing ploy. At least don't send me back the entire freakin' infected attachment!
__________________
"You go to the track with the Porsche you have, not the Porsche you wish you had."
'03 E46 M3
'57 356A
Various VWs
Old 01-27-2004, 10:27 AM
  Pelican Parts Catalog | Tech Articles | Promos & Specials    Reply With Quote #17 (permalink)
Registered
 
Eric Coffey's Avatar
 
Join Date: Nov 2000
Location: AZ
Posts: 8,414
Quote:
Originally posted by moazam
I've been seeing this all day from different companies and users. Looks like some sort of new Windows virus.

Luckily I'm running Linux at work (Sun Java Desktop *go rah rah*) and I never use Outlook at home either.
Moazam, It's all your fault! Apparently, the whole reason this new virus is out there is because of a few angry Linux users. They are currently tied up in a legal battle with the company (CPO?), who's website is the target of the DoS attack the virus is scheduled to launch on Feb. 1.
Old 01-27-2004, 10:49 AM
  Pelican Parts Catalog | Tech Articles | Promos & Specials    Reply With Quote #18 (permalink)
Go Speedracer, go!
 
SpeedracerIndy's Avatar
 
Join Date: Aug 2002
Location: Indianapolis
Posts: 1,951
This MyDoom virus that spoofs email addresses is slamming my mail server. I shut it down until I get home from work and install/update a filter. It infects a computer then replicates or sends itself to every email address in that persons address book. "they" are saying it might be the fastest spreading virus yet. More so than the Nimba, and others. From what I can see, it doesn't cause too much damage, jsut DOS attacks and junk email. I guess there are some though that are installing keystroke recorders with the virus, that can record various bit of personal info such as passwords and credit card info that you type in.
__________________
1981 SC ROW Coupe
Old 01-27-2004, 12:13 PM
  Pelican Parts Catalog | Tech Articles | Promos & Specials    Reply With Quote #19 (permalink)
Longtime Member
 
juanbenae's Avatar
 
Join Date: Feb 2002
Location: Tuo*Co on CA108
Posts: 14,131
Garage
i knew jared was trouble.....

__________________
78SC PRC Spec911 (sold 12/15) https://www.youtube.com/watch?v=f7I6HCCKrVQ
Now gone: 03 996TT/75 slicklid 3.oL carb'd hotrod
15 Rubicon JK/07.5 LMM Duramax 4x/86 Ski Nautique Correct Craft
Old 01-27-2004, 01:51 PM
  Pelican Parts Catalog | Tech Articles | Promos & Specials    Reply With Quote #20 (permalink)
Reply


 


All times are GMT -8. The time now is 02:00 AM.


 
Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
Search Engine Optimization by vBSEO 3.6.0
Copyright 2025 Pelican Parts, LLC - Posts may be archived for display on the Pelican Parts Website -    DMCA Registered Agent Contact Page
 

DTO Garage Plus vBulletin Plugins by Drive Thru Online, Inc.