新病毒∼∼NU的用戶小心∼

[changjac]

最近收信時開了一個檔
主旨大概是'a funny game'或'a excite game'之類的，但附檔是一個執行檔（exe)及網頁檔(.htm)
信中內容為：
This is a special funnygame This game is my first work. You're the first player.
I wish you would like it.

執行後沒有反應，無異狀

但是過十分鐘後NU防毒的圖示不見了

重開後漸漸有軟體無法執行（如ACD）

接下來無法灌NU的軟體

若你有解毒的程式，麻煩寄給我∼

happypig@mail2000.com.tw

若你對病毒有興趣∼∼

來信我可以將病毒給你研究。

[Arnor]

殘念~~

小弟講個觀念大家參考一下.
希望對大家有幫助.
到 outlook express 的版面配置, 把預覽窗格拿掉, 以後看信時柄持著一個原則, 就是莫明奇妙的信就不要double click 來看了, 直接砍掉, 沒什麼損失的....

_________________
*若是想問問題的話, 請務必不要塗改任何 IP, 網域資料, 您若不願貼上IP或網域, 請改以電子郵件來詢問. 謝謝您的配合.*
*若是回報疑似軟體的運行或邏輯或資料處理有誤的問題, 小弟很樂意去了解您的情況, 但請務必以最新版來做回報, 如果以郵件詢問, 請參考 http://www.raidenmaild.com/tw/feedback.html 的說明, 最好標題加個 RaidenMAILD 字樣, 才不致會遺漏了您的信唷. 謝謝您的配合^^*
*在版上發文請遵守網路禮儀, 並請持著虛心敘述問題請教他人, 凡發現違反的文, 均一律刪除為優先, 不另行通知喔.
*與使用者教學相長腦力激盪是我輩成就感的來源, 誠心希望您能不吝指教.
*雷電MAILD 知識庫文件 http://www.raidenmaild.com/tw/kb/

素還尊
Team John Long.
Email: arnor@raidenmaild.com
公司網站 http://www.raidenmaild.com/company/

[violet]

「求職信病毒」千變萬化，全球陷入恐慌，趨勢科技今天(18日)再度發佈高度風險病毒警訊
您中的應該是這隻吧
http://www.trend.com.tw/vinfo/ 病毒介紹
http://www.trend.com.tw/corporate/techsupport/cleanutil/index.htm 清除程式下載

[Weijay]

NU是什麼??
是指NAV(Norton Anti Virus)嗎?

[march]

上星期我分別收到5封不同主旨內容及有附加檔的信,但都是被我ZoneAlarm檔住,我開啟資料夾後NAV還會跳出來警告!但最後這封fungame NAV竟然沒有跳出來警告?還好這5封來源都一樣我並未開啟,但如果是變種病毒不用開啟直接預覽就會中毒的話那就太可怕啦!
對了!要請問尊老大,我灌完MAILD後NAV的常駐程式小圖示就不見了,移除MAILD後就自動恢復,請問這樣有影響嗎?

[violet]

小心WORM_KLEZ.G盜用您的名義發信
轉載趨勢病毒資訊
來源病毒: WORM_KLEZ.A
在網路流傳: 會
發現日期: 2002/04/17
可偵測的日期: 2002/04/17
可偵測之最新病毒碼: 265
(病毒碼說明)
可偵測之最新掃描引擎: 5.200
語言:
English
發現日期:
04/17/2002
平台: Windows
加密: 不會
病毒大小: 94,932 Bytes

詳細內容:
Mass-mailing routine
To propagate copies of itself, this worm uses its own SMTP engine to send an email containing its executable program. It has several ways of collecting its spoofed source email address and target email address.

It randomly chooses its target users from the above pool of email addresses and from the email address that appear in the From field of the email.


_________________
歡迎來偶的小站逛逛囉!!!
新開幕沒什人氣...
^_^
http://Rice-Worm.d2g.com/

[ 這篇文章被編輯過: violet 在 2002-04-19 10:58 ]

[kevinpisces]

[donsonyang]

如果有提供attached filter中毒的機率大慨降低百分之50吧!!
Klez.h
attached file : align[1].scr

Subject : Virus Alert - PE_MOE.A, WORM_MYLIFE.I, ABAP_RIVPAS.A

There are three dangerous worms spreading, their names are PE_MOE.A, WORM_MYLIFE.I, ABAP_RIVPAS.A

IMPORTANT: Delete these message without opening them. Also ensure that the message is deleted from your deleted items folder.

VIRUS INFORMATION:

1. PE_MOE.A

This is a polymorphic mass mailing worm that propagates via
Microsoft Outlook. It also infects EXE and SCR files in the current folder
where it was executed, as well as files in your Windows and System folder.

For the email message, it contains 20 varying messages
(subject/message body/attachment) which it will pick radomly when sending
out emails.

Subject: Seduccion
Body: Cap.3 El arte de provocar.
Attachment: s_CAP3.EXE

Subject: Humano
Body: El Ser Humano que pudiste ser.
Attachment: HUMANO.EXE

Subject: Musica
Body: Esta es la musica que te prometi.
Attachment: MUSIC.EXE

Subject: Mujer
Body: La mujer mas bella...
Attachment: MUJER.EXE

Subject: Hombre
Body: Un hombre entero.
Attachment: HOMBRE.EXE

Subject: Confesion
Body: +Ya sabes que fui yo?.
Attachment: CONFESION.EXE

Subject: Infidelidad
Body: Las imagenes de tu infidelidad.
Attachment: INFIEL.EXE

Subject: Belleza
Body: +No estas conforme con tu apariencia?
Attachment: BELLEZA.EXE

Subject: Relaciones casuales
Body: Esta es la lista para esta semana.
Attachment: LISTArc.EXE

Subject: Tus deseos
Body: Si te conforman, puedo enviar mas.
Attachment: DESEOS.EXE

Subject: Mi secreto
Body: Recorda tu promesa!
Attachment: SECRETO.EXE

Subject: La clave
Body: No la vuelvas a perder, no abuses.
Attachment: CLAVE.EXE

Subject: Enojo
Body: Cuando veas esto, se te pasa.
Attachment: YO.EXE

Subject: Perdon
Body: Crei que ya lo habia enviado.
Attachment: FEOS.EXE

Subject: Responde!
Body: Nunca respondiste. No seas cruel.
Attachment: PASION.EXE

Subject: Cita
Body: Me gusto lo que enviaste. Si te gusta, arreglamos.
Attachment: CITA2.EXE

Subject: Papelon
Body: Te dije que es demasiado gorda. Mira!
Attachment: GORDA.EXE

Subject: Renuncio
Body: No puedo mejorarlo, ya es perfecto.
Attachment: CUERPO.EX

Subject: Monstruo
Body: Ahora te creo. Pobre mujer!
Attachment: MONSTRUO.EXE

Subject: Joven
Body: Disculpa, sos demasiado joven para mi.
Attachment: JOVEN.EXE

Size of email : Unknown

2. WORM_MYLIFE.I

This is another variant of the MYLIFE worm created in Visual Basic
that is UPX-compressed. It uses Microsoft Outlook to spread to all users
listed in the user's address book.

The email comes with the following contents:

Subject: peeeeep picture
Body: hi all, H look to the 3D Picture it's very sad
Attachment: peeeep~~~.scr
Size of email : Unknown

3. ABAP_RIVPAS.A
This proof of concept virus infects SAP R/3 programs and reports.
Upon execution, this virus, which is written in Advanced Business
Application Programming Language (ABAP), will attempt to find the SAP report
directory in the system, wherein it will search for functions and reports to
infect on the said path.



Virus Implications :
PE_MOE.A polymorphic, mass-mailing worm arrives as an attachment. Upon execution it drops a copy of itself in the Windows directory. The dropped file can be of any name with the extension of .exe.

[Arnor]

還有,
在看信件時覺得懷疑就先按右鍵看它的原始碼,
有