Like Tree0Likes

Hey OSO Steve: You have the bug!

Old 02-04-2004, 10:27 AM
Platinum Member
Platinum Member
Thread Starter
CigDaze's Avatar
Join Date: Jun 2001
Location: St. Petersburg, FL
My Boats: Cigarette 35 Cafe Racer
Posts: 21,346

Originally posted by OffshoreOnly
Does his one go through your e-mail list like most of the others?
Yes it does, very similar to the others of recent times.

Nort/MNFastboat, you could be correct, but this one wasn't "undeliverable." It came directly from OSO with like a hundred other addresses besides mine, I even recognized a few of them, but not many.
CigDaze is offline  
Reply With Quote
Old 02-04-2004, 10:28 AM
Platinum Member
Platinum Member
Thread Starter
CigDaze's Avatar
Join Date: Jun 2001
Location: St. Petersburg, FL
My Boats: Cigarette 35 Cafe Racer
Posts: 21,346

Originally posted by cuda
When I click on removal tool,it keeps cycling me back around to where I was.
Cuda, here's a more direct link
CigDaze is offline  
Reply With Quote
Old 02-04-2004, 12:04 PM
My EX got the Sleekcraft
Platinum Member
gdfatha's Avatar
Join Date: Apr 2002
Location: Apopka, Florida
My Boats: Sadly, no longer have: Sleekcraft 24'
Posts: 3,016

On 1/31/04 I received a email from OSO directly and had no problem. I use AOL and Norton Virus scan and they did not burp upon receipt.

It did not include an attachment as sooo many virus require..
gdfatha is offline  
Reply With Quote
Old 02-04-2004, 12:31 PM
Join Date: Jul 2002
Location: Houston,texas
My Boats: n/a
Posts: 1,387

Originally posted by Baja Daze
I got an e-mail from [email protected] with the telltale subject line "hi," the body of the message was a bunch of garbage ascii text and a *.zip file.

Antivirus companies say latest e-mail worm spreading fast
MATTHEW FORDAHL, AP Technology Writer
Monday, January 26, 2004
2004 Associated Press


(01-26) 21:09 PST SAN JOSE, Calif. (AP) --

A malicious program attached to seemingly innocuous e-mails was spreading quickly over the Internet on Monday, clogging network traffic and potentially leaving hackers an open door to infected personal computers.

The worm, called "Mydoom" or "Novarg" by antivirus companies, usually appears to be an e-mail error message. A small file is attached that, when launched on computers running Microsoft Corp.'s Windows operating systems, can send out 100 infected e-mail messages in 30 seconds to e-mail addresses stored in the computer's address book and other documents.

The attack was first noticed Monday afternoon. Within hours, thousands of e-mails were clogging networks, said Vincent Gullotto, vice president of Network Associates' antivirus emergency response team.

Besides sending out e-mail, the program appears to open up a backdoor so that hackers can take over the computer later.

"As far as I can tell right now, it's pretty much everywhere on the planet," Gullotto said.

Security software experts were scrambling to decrypt the details of the malicious program and were arriving at different conclusions.

Symantec, an antivirus company, said the worm appeared to contain a program that logs keystrokes on infected machines. It could collect username and passwords of unsuspecting users and distribute them to strangers.

Network Associates did not find the keylogging program.

The worm also appears to deposit its payload into folders open to users of the Kazaa file-sharing network. Remote users who download those files and run them could be infected.

Symantec also found code that would flood The SCO Group Inc.'s Web site with requests in attempt to crash its server, starting Feb. 1. SCO's site has been targeted in other recent attacks because of its threats to sue users of the Linux operating system in an intellectual property dispute. A SCO spokesman did not return a telephone call seeking comment Monday.

Overall, the computer security firm Central Command confirmed 3,800 infections within 45 minutes of initial discovery.

"This has all the characteristics of being the next big one," said Steven Sundermeier, Central Command's vice president of products and services.

It appeared to first target large companies in the United States -- and their large address books -- but quickly spread internationally, said David Perry, global director of education at the antivirus software firm Trend Micro.

Unlike other mass-mailing worms, Mydoom does not attempt to trick victims by promising nude pictures of celebrities or mimicking personal notes. Instead, one of its messages reads: "The message contains Unicode characters and has been sent as a binary attachment."

"Because that sounds like a technical thing, people may be more apt to think it's legitimate and click on it," said Steve Trilling, Symantec's senior director of research.

Subject lines also vary. The attachments have ".exe," ".scr," ".cmd" or ".pif" extensions, and may be compressed as a Zip file.
this is all to do with Janets stunt at halftime, causing this mess Monday morning.
HOUSTONPROP is offline  
Reply With Quote
Old 02-04-2004, 02:42 PM
Join Date: May 2001
Location: Indiana
Posts: 775

Those error emails actually contain the worm itself. Don't open them.

The address the worm uses is harvested from the infected computer's address book. So the person in the FROM box, probably is not the one who sent it.

From above:

"The worm..usually appears to be an e-mail error (ie: mail undeliverable) message."
BK is offline  
Reply With Quote
Old 02-04-2004, 02:44 PM
RollWithIt's Avatar
Join Date: Jun 2003
Location: Pittsburgh
My Boats: 98 Baja 36 Outlaw
Posts: 6,098

this is why I keep my address book empty.
RollWithIt is offline  
Reply With Quote
Old 02-04-2004, 03:46 PM
Platinum Member
Platinum Member
CAP071's Avatar
Join Date: Jul 2001
Location: USA
Posts: 16,430

I seem ok here
CAP071 is offline  
Reply With Quote
Old 02-04-2004, 06:47 PM
Neno the mind boggler
VIP Member
Trade Score: (1)
glassdave's Avatar
Join Date: Sep 2001
Location: toledo oh
My Boats: Batboat, 38 Scarab Thunder, 16 Sidewinder, 27 Magnum
Posts: 12,667

i ran the symantic linc that you guys put up and it said i did not have it but i know i have had a few of those returned email things in my mail. . . .hmm . . . could i get those if i checked my mail from another computer that has it or is that the virus being emailed from some one else that has it ? i am pretty sure i never opened any of them. never do unless i know who its from.
Throttles- Cleveland Construction 377 Talon
08 OPA Class 1 National Champion
08 Class 1 Geico Triple Crown Champion
08 OPA High Points Champion
10 OPA Class 1 National Champion ( happy now Ed! )

Last edited by glassdave; 02-04-2004 at 06:50 PM.
glassdave is offline  
Reply With Quote
Old 02-04-2004, 06:53 PM
PhantomChaos's Avatar
Join Date: Dec 2000
Location: Bell Canyon, CA
My Boats: Formula FASTech 382 Sunseeker Apache 45
Posts: 12,756

The return email don't mean you even sent it out. The virus sends itself out there with spoofed email addresses that it has collected from infected machines that might have your email address in it. It sticks your email address as the sender and sends to some other sucker, and that might be a bad address....then the email bounces back to you since your address was in the senders field.

Simple stuff!
PhantomChaos is offline  
Reply With Quote
Old 02-04-2004, 08:56 PM
georges's Avatar
Join Date: Feb 2001
Location: Cape Coral Fl
My Boats: 1978 Pantera 24 (sold) 1988 Donzi 18 Classic
Posts: 1,363

It is best to just delete anything that has *%#!*&gobbledygook in the sender's id, especially if it is an .exe file. Just delete them all, along with any that refers to an undelivered msg.
georges is offline  
Reply With Quote

Related Topics
Thread Starter
Last Post
General Boating Discussion
12-11-2007 10:59 PM
General Boating Discussion
05-15-2006 10:11 AM
Cash Bar
General Boating Discussion
11-28-2004 12:13 AM
Pure Energy
General Boating Discussion
03-14-2003 10:36 AM

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

All times are GMT -5. The time now is 01:24 AM.

Copyright 2011 OffShoreOnly. All rights reserved.