• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Strange E-Mail from Microsoft... Virus?!

N

Nedreplan

Guest
#1
I just received an e-mail from Microsoft which says:

"Dear friend , use this Internet Explorer patch now!
There are dangerous virus in the Internet now!
More than 500.000 already infected!"

And with it is a file called "Patch.exe" Size: 9.48 kb

The sender is: security@microsoft.com

but if I look at the source of the E-mail it says:
Return-Path: <admin@duma.gov.ru>
the the very top...

For me this is VERY suspicious...

So.. what do you think?? MSBlast?, sobig...or?? :p

I have not opened the letter just pre-viewing it without touching the "Patch.exe"-file.
 
N

Nedreplan

Guest
#4
Got rid of it..:)
And I will out of safty run the Symantec "FixBlast"

Are some people so bored so they sit and create viruses just to mess up other peoples lifes?..!..*wondering*
I was at my sister's house yesterday and got rid of a MsBlast they had on the computer...it kept restarting so I was very suspicious...

Thanks !!! :)
 
#5
Damn. You should have quaranteed the email and contacted Macafee or Norton and asked if they wanted the email. They are constantly looking for new viruse threats.

Oh well, maybe next time.
 
N

Nedreplan

Guest
#6
Bummer!!!
I did not know that.
Yes, I should have done so.
Only way to crack these losers who makes these viruses if we all work togheter.....
 
N

Nedreplan

Guest
#7
By the way..
I was talking to a friend of mine on the phone, and he have recieved the same message as I did.
The virus is: W32.Dumaru@mm

There is a fix for it on http://www.symantec.com, under "Download Virus Removal Tool"
There you can find others, for other type of viruses.
But of course... nothing is as good as having a full anti-virus program installed... and frequently updated, especially now.

http://securityresponse.symantec.com/avcenter/tools.list.html

"W32.Dumaru@mm is a mass-mailing worm that drops an IRC Trojan onto the infected machine. The worm gathers email addresses from certain file types and uses its own SMTP engine to email itself.

The email has the following characteristics:

From: "Microsoft" <security@microsoft.com>
Subject: Use this patch immediately !
Message:
Dear friend , use this Internet Explorer patch now!
There are dangerous virus in the Internet now!
More than 500.000 already infected!
Attachment: patch.exe

The worm will also infect exe files on NTFS partitions.

This threat is written in the Microsoft Visual C++ programming language and is compressed with UPX.

Symantec Security Response has created a tool to remove W32.Dumaru@mm.


Also Known As: PE_DUMARU.A [Trend], Win32.Dumaru [CA], W32/Dumaru@MM [McAfee], W32/Dumaru-A [Sophos], I-Worm.Dumaru [KAV]

Type: Worm
Infection Length: 9,216 bytes

NOTE: This file is not viral by itself, and therefore, Symantec antivirus products do not detect this file. Manually delete it if your system is infected with this worm.

Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows XP
Systems Not Affected: Linux, Macintosh, OS/2, UNIX"
 
#9
Damn Enyo, that sucks. I dont think I have gotten one piece of spam mail in my email relating to Blaster or any of these new worms. Horray for encrytped email and junk filters :D
 

Members online

No members online now.

Latest posts

Latest profile posts

Hello, is there anybody in there? Just nod if you can hear me ...
Xie
What a long strange trip it's been. =)

Forum statistics

Threads
61,961
Messages
673,239
Members
89,014
Latest member
sanoravies