|
|
|
|
| Author |
|
|
Registered
|
Email warning!!!
I'm sending this notice to please be careful!
I just received an email from jared@pelicanparts.com with an attachment that has no purpose that I can see. I'm a network engineer/network security officer for the Dept of Defense. I get paranoid with this type of stuff. After looking at the email header, I noticed this email was received by the pelicanparts email server and forwarded to me from maxstudio22.66-236-61-182.daf.concentric.net [66.236.61.182] Note...this is not the fault of Pelican Parts. The attachment is "zeyti.zip" which contains the file "zeyti.exe" As of the writing of this message, I have not yet been able to detect a virus according to the virus definitions of the current scanners. However, that does not mean the file is not malicious. In college years ago I wrote a program that would wipe out a computer and not be detected. DO NOT OPEN ATTACHMENTS FROM PEOPLE YOU DON'T KNOW. I'm still analyzing the attachment, but I wanted to give warning just in case. There was no reason for me to receive this email, so it raised a red flag. Please be careful. UPDATE: Just discovered W32.Novarg.A@mm inside the file. DO NOT OPEN THIS FILE. KILL IT IMMEDIATELY! |
||
01-26-2004, 04:50 PM
|
|
|
Too big to fail
|
I opened it and it didn't do anything to my system. Oh, wait:
/s2/thom $ uname -a FreeBSD web1.calweb.com 4.8-RELEASE FreeBSD 4.8-RELEASE #0: Fri Jun 13 09:55:28 PDT 2003 cslye@web1.calw eb.com:/usr/src/sys/compile/SHELL i386
__________________
"You go to the track with the Porsche you have, not the Porsche you wish you had." '03 E46 M3 '57 356A Various VWs |
||
|
01-26-2004, 05:08 PM
|
|
|
Registered
Join Date: Dec 2003
Posts: 508
|
along these lines I got an email from "Paypal" yesterday asking me to click and confirm info etc. It was a spoof, sent it to paypal security and they are investigating.
__________________
anh911 '94 Dakota - Meh '98 Moto Guzzi - woo hoo 911; XJS; Islander 36; All Sold '97 YZF1000RJ - Totaled (Not by me) |
||
|
01-26-2004, 05:27 PM
|
|
|
Registered
|
I've been seeing this all day from different companies and users. Looks like some sort of new Windows virus.
Luckily I'm running Linux at work (Sun Java Desktop *go rah rah*) and I never use Outlook at home either.
__________________
2014 Porsche Cayman S 2001 BMW 525i Touring 1996 Porsche 911 (Gone to Germany) '86 911 Carrera (Gone to Aruba) |
||
|
01-26-2004, 05:30 PM
|
|
|
Registered
Join Date: Aug 2001
Location: Ontario, Canada
Posts: 2,441
|
There are many ebay or paypal emails out there that are bogus. For any of the computer users out here who may not know how to tell this, try checking "properties" on an email and then on the details tab. In here you will see the originating email address which shows you that it is not from paypal or ebay.
As per the file attachements, just as Bierhunter had said I never opening anything that I have ANY doubts about. I delete and then delete the deleted. I have not received such an email but I hope Pelican gets this sorted soon with little time and effort or hopefully no troubles.
__________________
1970 911 t (sold) 1985 MR2 (sold) 2011 GT 5.0 2007 CRV |
||
|
01-26-2004, 05:46 PM
|
|
|
Registered
Join Date: May 2001
Location: Bay Area
Posts: 496
|
Quote:
Wayne has been informed. We'll keep you updated.
__________________
Eugene (Formerly) at Pelican Parts Pelican's E-Commerce Guy, 2003-2011 2001 330i Sport 1983 911SC Coupe (sold) |
||
|
01-26-2004, 05:47 PM
|
|
|
|
Registered
|
Re: Email warning!!!
Quote:
Ingo
__________________
1974 Targa 3.6, 2001 C4 (sold), 2019 GT3RS, 2000 ML430 I repair/rebuild Bosch CDI Boxes and Porsche Motronic DMEs Porsche "Hammer" or Porsche PST2, PIWIS III - I can help!! How about a NoBadDays DualChip for 964 or '95 993 |
||
|
01-26-2004, 06:17 PM
|
|
|
Registered
|
yep yep happens alot.. thank god for pine.. if it can't read it it's either spam or a virus.
__________________
Tim 1973 911T 2005 VW GTI "Dave, hit the brakes, but don't look like your htting the brakes...what? I DON'T KNOW, BRAKE CASUAL!!!" dtw's thoughts after nearly rear ending a SHP officer |
||
|
01-26-2004, 06:19 PM
|
|
|
Back in the saddle again
Join Date: Oct 2001
Location: Central TX west of Houston
Posts: 56,168
|
New worm spreading rapidly across Internet
Quote:
NEVER, NEVER, NEVER open messages that seem to have no rhyme or reason. If anything seems nonsensical about an email, even if it someone that you know don't open it. If it is from someone that you know then contact them and ask them if they sent it to you. As was said above these things will often look like they come from friends, but they probably didn't. 'MyDoom' Security Advice: http://us.mcafee.com/virusInfo/default.asp?id=mydoom http://securityresponse.symantec.com/avcenter/venc/data/w32.novarg.a@mm.html http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_MIMAIL.R
__________________
Steve '08 Boxster RS60 Spyder #0099/1960 - never named a car before, but this is Charlotte. '88 targa  SOLD 2004 - gone but not forgotten
|
||
|
01-26-2004, 06:35 PM
|
|
|
Buy them, sell them
|
Thanks for the update, but...
Quote:
__________________
1931 Oakland Eight Special Saloon 1985 BMW E28 525e (Euro 528e) 1989 911 Carrera Sport 3.2 G50 Cabriolet |
||
|
01-26-2004, 07:07 PM
|
|
|
drag racing the short bus
Join Date: May 2002
Location: Location, Location...
Posts: 21,983
|
Wayne - I received the same message as Bierhunter, but it came from "you."
I figured something was askew there. I forgot to tell you about it Saturday, though I meant to. Hmmm...maybe I should have PM'd you as soon as I received it. I don't know, what do you think?
__________________
The Terror of Tiny Town |
||
|
01-26-2004, 09:25 PM
|
|
|
Registered
|
I was feeling so left out running OSX, and just deleting the stuff that floated through the transom...and then I realized that my tabletPC was on and Outlook was running. Too late...so I got to play too!
And I had almost convinced myself to try another piece of MS technology (smartphone). Glad I came back to my senses. I'll run Palm or Symbian... |
||
|
01-26-2004, 11:35 PM
|
|
|
Licensed User
Join Date: Feb 2003
Location: ....down Highway 61
Posts: 6,506
|
I got the same virus in a email attachment this morning. It came from 'eurotech@.....', it wasnt from pelican. Norton did pick it up as soon as I got the email though. Update your virus defs.
|
||
|
01-27-2004, 05:00 AM
|
|
|
Super Moderator
|
I've been getting "returned mails" from people I never sent to, and who aren't in my address book. I have an up-to-date Norton and no virus's from this mornings scan...
__________________
Chris ---------------------------------------------- 1996 993 RS Replica 2023 KTM 890 Adventure R 1971 Norton 750 Commando Alcon Brake Kits |
||
|
01-27-2004, 06:37 AM
|
|
|
Licensed User
Join Date: Feb 2003
Location: ....down Highway 61
Posts: 6,506
|
Chris, Im getting the same thing. I thought I had been hit and my machine was sending out emails at will that were being rejected. Norton keeps catching them as they come in though
|
||
|
01-27-2004, 07:08 AM
|
|
|
Blockchain Tech Inventor
Join Date: Jan 1999
Location: US fn A!
Posts: 1,548
|
Chris and Shuie - you are both the victims of the "spoofing" that the viruses do. Since the viurs gleans e-mail address from all sorts of users and uses them in the "From" and "Reply To' fields, when an e-mail gets rejected - guess where it goes!
So, somebody got infected, their machine used your address in the "From" field and sent out the virus to someone else who had protection in place to reject the message and the rejection goes to you.
__________________
A Mean Green Lifted 1972 C10 Long live the king! |
||
|
01-27-2004, 09:10 AM
|
|
|
Too big to fail
|
Quote:
__________________
"You go to the track with the Porsche you have, not the Porsche you wish you had." '03 E46 M3 '57 356A Various VWs |
||
|
01-27-2004, 10:27 AM
|
|
|
Registered
Join Date: Nov 2000
Location: AZ
Posts: 8,414
|
Quote:
 Apparently, the whole reason this new virus is out there is because of a few angry Linux users. They are currently tied up in a legal battle with the company (CPO?), who's website is the target of the DoS attack the virus is scheduled to launch on Feb. 1.
|
||
|
01-27-2004, 10:49 AM
|
|
|
Go Speedracer, go!
Join Date: Aug 2002
Location: Indianapolis
Posts: 1,951
|
This MyDoom virus that spoofs email addresses is slamming my mail server. I shut it down until I get home from work and install/update a filter. It infects a computer then replicates or sends itself to every email address in that persons address book. "they" are saying it might be the fastest spreading virus yet. More so than the Nimba, and others. From what I can see, it doesn't cause too much damage, jsut DOS attacks and junk email. I guess there are some though that are installing keystroke recorders with the virus, that can record various bit of personal info such as passwords and credit card info that you type in.
__________________
1981 SC ROW Coupe |
||
|
01-27-2004, 12:13 PM
|
|
|
Longtime Member
|
i knew jared was trouble.....
__________________
78SC PRC Spec911 (sold 12/15) https://www.youtube.com/watch?v=f7I6HCCKrVQ Now gone: 03 996TT/75 slicklid 3.oL carb'd hotrod 15 Rubicon JK/07.5 LMM Duramax 4x/86 Ski Nautique Correct Craft |
||
|
01-27-2004, 01:51 PM
|
|
1974 Porsche 911S Targa 3.0 
1986 Porsche Carerra 3.2
1974 Porsche 911 Targa 3.6
1973 Porsche 911 2.4 MFI
1976 Porsche 911S - Sold
Rolling Thunder - Sold
'66 Charger - Sold
Beep Beep! - Sold
1989 Porsche 911 Carrera
1979 Porsche 911SC 3.0
1970 Porsche 911 S 
the 23 car
domino
