New Virus !!!
Page 1 of 2 12 LastLast
Results 1 to 10 of 14

Thread: New Virus !!!

  1. #1

    New Virus !!!

    A guy send me an e-mail with the following things:
    Topic: ROW CLOSE
    Text: RAV AntiVirus has deleted this file because it contained dangerous code!
    and has two attachments:
    Name ||Size
    target.pif |92KB
    statusform[1].htm |13,3KB

    It is certainly virus as about three months ago the virus Klez.E was sent to me by the same guy. Be careful. I don't know 100% if this is the Klez.E virus because i have uninstalled the Norton Antivirus 2003 i had.
    Share on Google+

  2. #2

    New Virus !!!

    A guy send me an e-mail with the following things:
    Topic: ROW CLOSE
    Text: RAV AntiVirus has deleted this file because it contained dangerous code!
    and has two attachments:
    Name ||Size
    target.pif |92KB
    statusform[1].htm |13,3KB

    It is certainly virus as about three months ago the virus Klez.E was sent to me by the same guy. Be careful. I don't know 100% if this is the Klez.E virus because i have uninstalled the Norton Antivirus 2003 i had.
    Share on Google+

  3. #3
    Member
    Join Date
    Oct 2002
    Posts
    65

    Thanx

    I'll keep my eye out for it!
    Have you filled out an ID-10-T or PEBKAK form lately?
    Share on Google+

  4. #4
    Member
    Join Date
    Oct 2002
    Posts
    65

    Thanx

    I'll keep my eye out for it!
    Have you filled out an ID-10-T or PEBKAK form lately?
    Share on Google+

  5. #5
    A valuable tip that most of you know do:
    Don't open e-mail's attachments that have extensions .scr if you don't know the sender. Or don't open e-mails that have as attachments two file with the following extensions:
    pif-htm
    bat-htm
    jpg-htm
    gif-htm


    The htm is the target-site where you go after you opened the e-mail, if you have Outlook Express from the first to version 5.
    Share on Google+

  6. #6
    A valuable tip that most of you know do:
    Don't open e-mail's attachments that have extensions .scr if you don't know the sender. Or don't open e-mails that have as attachments two file with the following extensions:
    pif-htm
    bat-htm
    jpg-htm
    gif-htm


    The htm is the target-site where you go after you opened the e-mail, if you have Outlook Express from the first to version 5.
    Share on Google+

  7. #7
    Senior Member
    Join Date
    May 2002
    Posts
    390
    from http://www.novellshareware.com/anti-virus.shtml

    The main features: The Novell Server is fully protected! RAV offers protection both in on access mode and on demand mode. Full control of the actions to be taken when a threat is discovered: clean the virus, deny access to the file, rename, delete, or copy the file to Quarantine directory. The scanning process is performed when opening or closing a file, thus detecting when the Novell client may infect the files from the server. RAV AntiVirus notifies the user of the Novell client when a malware was detected. Also, it can optionally send the same notice to the server console. Novell GroupWise - both incoming and outgoing e-mail flow is scanned and filtered. Once the Novell GroupWise is configured to route all the e-mail to the secondary SMTP services directory, RAV Antivirus scans the mail files from that folder. The clean e-mail files are moved to the default SMTP directory in order to let Novell GroupWise to deliver it. If an e-mail contains an infected or a suspicious object then that object is moved to the quarantine directory and replaced with a text file which contains the following message: "RAV AntiVirus has deleted this file because it contained dangerous code". Scans and disinfects nested e-mail messages and e-mail attachments. Especially designed modules for scanning inside archives, which can detect infected files in all most known types of archives (zip, arj, rar, ace, lha, lhz, gzip, tar, cab, etc.); RAV AntiVirus for Novell scans archives inside archives no matter how deep they go! RAV Scheduler was designed to run automatic previously predefined tasks: you don't have to remember when and where to scan; choose your tasks, assign the specific jobs and RAV AntiVirus for Novell Networks will do the work for you! The antivirus generates on-demand and on-access detailed reports.
    RAV caught a virus for you. prolly have to look in a log or quarantine to find out what, though.
    just like water off a duck\'s back... I AM HERE.

    for CMOS help, check out my CMOS tut?
    Share on Google+

  8. #8
    Senior Member
    Join Date
    May 2002
    Posts
    390
    from http://www.novellshareware.com/anti-virus.shtml

    The main features: The Novell Server is fully protected! RAV offers protection both in on access mode and on demand mode. Full control of the actions to be taken when a threat is discovered: clean the virus, deny access to the file, rename, delete, or copy the file to Quarantine directory. The scanning process is performed when opening or closing a file, thus detecting when the Novell client may infect the files from the server. RAV AntiVirus notifies the user of the Novell client when a malware was detected. Also, it can optionally send the same notice to the server console. Novell GroupWise - both incoming and outgoing e-mail flow is scanned and filtered. Once the Novell GroupWise is configured to route all the e-mail to the secondary SMTP services directory, RAV Antivirus scans the mail files from that folder. The clean e-mail files are moved to the default SMTP directory in order to let Novell GroupWise to deliver it. If an e-mail contains an infected or a suspicious object then that object is moved to the quarantine directory and replaced with a text file which contains the following message: "RAV AntiVirus has deleted this file because it contained dangerous code". Scans and disinfects nested e-mail messages and e-mail attachments. Especially designed modules for scanning inside archives, which can detect infected files in all most known types of archives (zip, arj, rar, ace, lha, lhz, gzip, tar, cab, etc.); RAV AntiVirus for Novell scans archives inside archives no matter how deep they go! RAV Scheduler was designed to run automatic previously predefined tasks: you don't have to remember when and where to scan; choose your tasks, assign the specific jobs and RAV AntiVirus for Novell Networks will do the work for you! The antivirus generates on-demand and on-access detailed reports.
    RAV caught a virus for you. prolly have to look in a log or quarantine to find out what, though.
    just like water off a duck\'s back... I AM HERE.

    for CMOS help, check out my CMOS tut?
    Share on Google+

  9. #9
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Two things:-

    He won't have access to a log file since it resides on the RAV server that located the virus and sent him this message.........

    Secondly, the Klez virus not only sends a message to everyone in your address book but also selects one of those persons to put in the from field. It rarely if ever sends it from the email address of the person who owns the infected computer. I have witnessed this on several occasions where employees where I work are deluged with emails telling them off for spreading the Klez virus and it clearly wasn't their machine infected and a quick look at the email headers of infected emails on my mailserver proves that the senders ip address could not possibly be the machine belonging to the apparent sender.

    You can be fairly sure that it is not you, ii-monk, that has the virus. You can be absolutely sure that someone who knows you has it....... Don't bother trying to track down who unless you can get hold of the headers of an infected email and know _everyone_ in this world that has your email address in their address book.......
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides
    Share on Google+

  10. #10
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Two things:-

    He won't have access to a log file since it resides on the RAV server that located the virus and sent him this message.........

    Secondly, the Klez virus not only sends a message to everyone in your address book but also selects one of those persons to put in the from field. It rarely if ever sends it from the email address of the person who owns the infected computer. I have witnessed this on several occasions where employees where I work are deluged with emails telling them off for spreading the Klez virus and it clearly wasn't their machine infected and a quick look at the email headers of infected emails on my mailserver proves that the senders ip address could not possibly be the machine belonging to the apparent sender.

    You can be fairly sure that it is not you, ii-monk, that has the virus. You can be absolutely sure that someone who knows you has it....... Don't bother trying to track down who unless you can get hold of the headers of an infected email and know _everyone_ in this world that has your email address in their address book.......
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides
    Share on Google+

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides