Search:  

 
theme to black backgroundlet page decide theme
HomeFind ServiceReviewsISP NewsFAQsForumsToolsDatabaseAbout 
 
   All ForumsHot TopicsGallery






how-to block ads


 
Forums » Up and Running » Security » Spam, Scam and Phishbusters » Greeting card virus spam - Autoloaded
Search Topic:
Uniqs:
232		 Share Topic:
RSS topic:
toggle:
flat / full
normal / watch
Posting:
Post a:
Post a:
Links: ·Phish Tracker ·Anti-Phishing Work Group ·Avoid Phishing
[scam] Weird email received -Spamming? »
« BestBuy Coupon (is a FRAUD)  
AuthorAll Replies


rfnut
Premium
join:2002-04-27
Fisher, IL
·Mediacom

reply to caesarv
Re: Greeting card virus spam - Autoloaded


AVG Detected
AVG caught it right off.
to forum · permalink · · 2005-09-09 07:05:47 · Reply to this


nwrickert
sand groper
Premium,MVM
join:2004-09-04
Geneva, IL
·AT&T U-Verse
·AT&T Midwest

reply to caesarv
I downloaded, but I won't run it. It is a 920K windows executable. I looked for interesting text messages, but couldn't find any. It does appear to reference
KERNEL32.DLL
ADVAPI32.DLL
COMCTL32.DLL
COMDLG32.DLL
GDI32.DLL
OLE32.DLL
SHELL32.DLL
USER32.DLL

The chances are high that it is malware.

I suggest that you edit your post to deactivate the link. I usually do that by changing the ":" to "<b>:</b> which puts the colon in bold (not noticable) but prevents the link from being clickable. Someone who really wants to can still cut and paste.
to forum · permalink · · 2005-09-08 23:46:28 · Reply to this


Mordy
Comfortably Numb
Premium,MVM,ExMod 2004-07
join:2001-12-02
Denver, CO
·Comcast Formerly ..

reply to caesarv
It's this »us.mcafee.com/virusInfo/default.···k=100021

Only mcafee found it (I scanned with quite a few different scanners). Seems like a pretty old virus.
--
Give generously to the Red Cross Hurricane Disaster Relief Fund
to forum · permalink · · 2005-09-08 23:35:53 · Reply to this


Dude111
An Awesome Dude
Premium
join:2003-08-04
USA
·Time Warner VOIP

reply to caesarv
I went to the site and a file download box opened and wanted to DL "postcard041083.jpg.exe" (I assume that is the date April 10 1983) I DLed it and my AV did not flag it as a bad file,HOWEVER,I AM NOT GONNA EXECUTE IT (Just in case)

Anyone else??
to forum · permalink · · 2005-09-08 23:31:29 · Reply to this


caesarv

join:1999-08-02
Santa Rosa, CA

1 edit		 I got this obvious fake greeting card email that wanted me to click on a fake link that went to »61.120.121.218 /%7Ecustomer/index.html, which I believe may be in Japan.
I tried to avoid clicking on the link, but my curiosity got the better of me. I first tried just the IP address alone but nothing was there. I then tried the entire link and the page immediately loaded AND a download was immediately started (BTW, I use Firefox 1.06). The file name was something that ended in .jpg.exe so I am fairly certain it was nothing good, not that I was expecting anything good! Anyhow, I quickly canceled the download and left the site.

Any brave souls out there with a disposable computer want to figure out what that really is? If it automatically downloaded the file, would it have automatically executed it too?

Edit: I added a space in the URL to prevent accidental clicking of the entire link. Now you will only get to the harmless parent directory.
to forum · permalink · · 2005-09-08 22:51:49 · Reply to this
Forums » Up and Running » Security » Spam, Scam and Phishbusters[scam] Weird email received -Spamming? »
« BestBuy Coupon (is a FRAUD)  

Monday, 30-Nov 22:59:23 Terms of Use | Privacy Policy | Hosting by www.nac.net - DSL,Hosting & Co-lo | feedback | contact
over 10 years online! © 1999-2009 dslreports.com.
page compression OFF
Most commented news this week
· [50] Baltimore To Ban Lazy Cable Installs
· [42] Broadband Killed The Game Console
· [31] Rural Carriers Quickly Embracing Fiber
· [28] AT&T Top Lobbyist Cicconi Has His Feelings Hurt
· [23] Charter Exits Chapter 11
· [21] Midcontinent Socked With Easement Lawsuit
· [3] Monday Morning Links
· [2] Monday Evening Links
Most people now reading
· Heating - my dad gave me this advice... [Home Repair & Improvement]
· Is Microsoft Technet ok to use for my family PC's? [Microsoft Help]
· [NFL] Week 12 Games Thread [Sports Chat]
· Connecting to Google Voice Via SIP [VOIP Tech Chat]
· Windows 7 boot manager editing questions [Microsoft Help]
· Are GPS's better today? [General Questions]
· ToC 4th boss - Preliminary Strategy for Twin Valkyr [World of Warcraft]
· [Rant] called out sick! [Rants, Raves, and Praise]
· Issues tonight in North TX? [AT&T Southwest]
· Considering Leaving Vonage, who should I Consider? [VOIP Tech Chat]