Strange E-Mail from Microsoft... Virus?!

N

Nedreplan

Guest
I just received an e-mail from Microsoft which says:

"Dear friend , use this Internet Explorer patch now!
There are dangerous virus in the Internet now!
More than 500.000 already infected!"

And with it is a file called "Patch.exe" Size: 9.48 kb

The sender is: security@microsoft.com

but if I look at the source of the E-mail it says:
Return-Path: <admin@duma.gov.ru>
the the very top...

For me this is VERY suspicious...

So.. what do you think?? MSBlast?, sobig...or?? :p

I have not opened the letter just pre-viewing it without touching the "Patch.exe"-file.
 
Delete the mail. You could always download the official RPC patch from Microsoft's site, if you haven't done so already.
 
Virus (or similar) without a doubt.

Get rid of is sharpish!!
 
Got rid of it..:)
And I will out of safty run the Symantec "FixBlast"

Are some people so bored so they sit and create viruses just to mess up other peoples lifes?..!..*wondering*
I was at my sister's house yesterday and got rid of a MsBlast they had on the computer...it kept restarting so I was very suspicious...

Thanks !!! :)
 
Damn. You should have quaranteed the email and contacted Macafee or Norton and asked if they wanted the email. They are constantly looking for new viruse threats.

Oh well, maybe next time.
 
Bummer!!!
I did not know that.
Yes, I should have done so.
Only way to crack these losers who makes these viruses if we all work togheter.....
 
By the way..
I was talking to a friend of mine on the phone, and he have recieved the same message as I did.
The virus is: W32.Dumaru@mm

There is a fix for it on http://www.symantec.com, under "Download Virus Removal Tool"
There you can find others, for other type of viruses.
But of course... nothing is as good as having a full anti-virus program installed... and frequently updated, especially now.

http://securityresponse.symantec.com/avcenter/tools.list.html

"W32.Dumaru@mm is a mass-mailing worm that drops an IRC Trojan onto the infected machine. The worm gathers email addresses from certain file types and uses its own SMTP engine to email itself.

The email has the following characteristics:

From: "Microsoft" <security@microsoft.com>
Subject: Use this patch immediately !
Message:
Dear friend , use this Internet Explorer patch now!
There are dangerous virus in the Internet now!
More than 500.000 already infected!
Attachment: patch.exe

The worm will also infect exe files on NTFS partitions.

This threat is written in the Microsoft Visual C++ programming language and is compressed with UPX.

Symantec Security Response has created a tool to remove W32.Dumaru@mm.


Also Known As: PE_DUMARU.A [Trend], Win32.Dumaru [CA], W32/Dumaru@MM [McAfee], W32/Dumaru-A [Sophos], I-Worm.Dumaru [KAV]

Type: Worm
Infection Length: 9,216 bytes

NOTE: This file is not viral by itself, and therefore, Symantec antivirus products do not detect this file. Manually delete it if your system is infected with this worm.

Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows XP
Systems Not Affected: Linux, Macintosh, OS/2, UNIX"
 
Microsoft.jpg


What does this tell you :)

Many worms use this method, users are very much taken in by emails seemingly from MS or "Administrator" :rolleyes: As above Dumaru is doing the rounds and you can see it in the screenshot above.

Microsoft Policies on Software Distribution
 
Damn Enyo, that sucks. I dont think I have gotten one piece of spam mail in my email relating to Blaster or any of these new worms. Horray for encrytped email and junk filters :D
 

Members online

No members online now.

Latest profile posts

Also Hi EP and people. I found this place again while looking through a oooollllllldddd backup. I have filled over 10TB and was looking at my collection of antiques. Any bids on the 500Mhz Win 95 fix?
Any of the SP crew still out there?
Xie wrote on Electronic Punk's profile.
Impressed you have kept this alive this long EP! So many sites have come and gone. :(

Just did some crude math and I apparently joined almost 18yrs ago, how is that possible???
hello peeps... is been some time since i last came here.
Electronic Punk wrote on Sazar's profile.
Rest in peace my friend, been trying to find you and finally did in the worst way imaginable.

Forum statistics

Threads
62,015
Messages
673,494
Members
5,621
Latest member
naeemsafi
Back