ExamNotes.net  -  IT certification portal





CompTIA > A+ forum > A nasty VIRUS!

Tahoon
Lost in a Circuit...
F




Registered: May 2002
Location:
Country: Jordan
State:
Certifications: A+
Working on: Network+, MCSA

Total Posts: 1026
A nasty VIRUS!

Hi there!

Anybody receiving the "W32/Yaha" virus e-mails?? I'm receiving them daily on my Hotmail account and I can't block the sender 'cause the e-mail add. is just "k"! The virus is automatically downloaded to my PC in order to view my mails offline...... all these viruses are with .scr, a screen saver that hacks into your PC..... any advice about this?

__________________
We never know how far we can go until we try.......

Old Post 01-20-03 02:03 AM
mikop
Supa SUPA MAN!




Registered: Mar 2002
Location: Gimpville
Country: United States
State:
Certifications: USDA Certified Worthless Organic Matter
Working on: USDA Certified Grade A SPAM

Total Posts: 2250

Google search for

"w32 yaha virus"

Read the first few links: Symantec, Sophos, McAfee etc.

There are plenty of good resources for checking up on virus definition, behavior, removal etc... get used to them.

Old Post 01-20-03 02:21 AM
BlokWatch
Couterfeit Engineer
M




Registered: Oct 2002
Location: Columbia, SC
Country: United States
State: SC
Certifications: A+ Net+ MCP
Working on:

Total Posts: 799

From what I've read that's a nasty one. Depending on what offline client you're using you may already be infected, assuming you're using message preview. Most of us are guilty of that. But that worm there comes equipped with its own SMTP server and the ability to shut down most AV software.

I forget where I just read about it, just recently, probably through DailyRot somewhere, but do like mikop said to find your fix. Best of luck to you.

Old Post 01-20-03 02:34 AM
SomeGuy
Male DB 25




Registered: Aug 2000
Location: Bremerton
Country: USA
State:
Certifications: A+
Working on: Network+, I-Net+, CIW

Total Posts: 8911

I have found Sophos to have the most helpful virus database. Not that using other sources is bad either, Mikop's recommendation is a good one.

http://www.sophos.com/support/disin...yaharemove.html

By the way, there are 12 different versions of Yaha, from A to L...

__________________
A lazy idiot is the hardest worker. He tries to find the easiest path and always fails.
-SomeGuy-

Old Post 01-20-03 02:42 AM
Tahoon

Hi guys!

Thanks for the posts..... can my PC be infected without me knowing it?? Actually, McAfee detects the virus since I receive it & I delete it... it comes as a screen saver attachment and I don't open it..... could it be executed just with it being in my sys & w/o me double clicking the icon? Any ideas, please..

Thanks mikop, I'm browsing the search results now

__________________
We never know how far we can go until we try.......

Old Post 01-20-03 02:48 AM
SomeGuy

If you use Outlook it can be. Otherwise you're ok. Lesson: don't use Outlook.

__________________
A lazy idiot is the hardest worker. He tries to find the easiest path and always fails.
-SomeGuy-

Old Post 01-20-03 03:00 AM
vincentnl
One In A Million
M




Registered: Apr 2002
Location: London
Country: United Kingdom
State:
Certifications: Nothing related to Information Technology
Working on: None.

Total Posts: 880

quote:
Originally posted by SomeGuy
If you use Outlook it can be. Otherwise you're ok. Lesson: don't use Outlook.


Oh dear, I was going to mention try using Outlook Express. Its block sender section is very effective. You would need to delete your deleted section though or check it regularly.

__________________
If I ask a question, it's because I am in doubt.
If I make fun of you, it's because you are ugly.
If I don't laugh, it's because I didn't get the joke.
Reading is only fun when you make it fun.

VincentNL's website is available here

Life is full of expectations, you take your chances but watch your limitations...

Old Post 01-20-03 03:09 AM
Tahoon

quote:
Originally posted by SomeGuy
If you use Outlook it can be. Otherwise you're ok. Lesson: don't use Outlook.

I'm not using Outlook anymore..... Using Incredimail..... worse??

I hate VIRUSES and programming, too!

__________________
We never know how far we can go until we try.......

Old Post 01-20-03 03:16 AM
BlokWatch

From what I read that worm and its variations write a registry entry that causes them to execute anytime your system runs any executable. You are better off without Outlook, mainly because a lot of worms only target Outlook/OE. Really though, if it's embedded in the message itself, then the preview function of almost any email client can allow it to run. This is far less common than the run of the mill virus attachments. This worm has 2 parts; you need to do nothing with the attachment portion yourself (in this case the .scr file). When the first portion runs it will take care of the rest for you.

In general though, you're usually better off ditching Outlook and IE, and anything else you can that says MS on it. But at least scrap the use of Internet Explorer and any Outlook.

Old Post 01-20-03 03:26 AM
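
The registry entry described in the post above, one that makes a worm run whenever any executable is started, commonly takes the form of a changed `shell\open\command` default value for an executable file class. The following is an added example, not part of the thread: it reads the text of a `reg export` dump and reports open handlers that differ from the stock Windows values. The key names and stock values are supplied here as assumptions (the thread does not name the key), and the sample export is constructed with a placeholder path.

```python
import re

# Stock "open" commands for executable file classes on Windows (assumed
# baseline; not taken from the thread). Anything else means another
# program is started first whenever a file of that class is launched.
EXPECTED_OPEN = {
    "exefile": '"%1" %*',
    "comfile": '"%1" %*',
    "batfile": '"%1" %*',
    "piffile": '"%1" %*',
    "scrfile": '"%1" /S',
}
KEY_RE = re.compile(r"^\[HKEY_CLASSES_ROOT\\(\w+)\\shell\\open\\command\]$", re.I)
DEFAULT_RE = re.compile(r'^@="(.*)"$')

def unescape(value):
    """Undo .reg string escaping of quotes and backslashes."""
    return re.sub(r"\\(.)", r"\1", value)

def find_hijacked_handlers(reg_text):
    """Return {file_class: command} for open handlers that differ from stock."""
    findings = {}
    current = None
    for raw in reg_text.splitlines():
        line = raw.strip()
        if line.startswith("["):
            m = KEY_RE.match(line)
            current = m.group(1).lower() if m else None
            continue
        m = DEFAULT_RE.match(line)
        if current in EXPECTED_OPEN and m:
            command = unescape(m.group(1))
            if command.lower() != EXPECTED_OPEN[current].lower():
                findings[current] = command
    return findings

# Constructed sample export; the path and file name are placeholders.
SAMPLE_EXPORT = r'''Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"C:\\EXAMPLE\\placeholder.exe\" \"%1\" %*"

[HKEY_CLASSES_ROOT\scrfile\shell\open\command]
@="\"%1\" /S"
'''

if __name__ == "__main__":
    for file_class, command in find_hijacked_handlers(SAMPLE_EXPORT).items():
        print(f"{file_class}: unexpected open command {command}")
```

A real export from regedit is usually saved as UTF-16, so decode it with that encoding before passing the text in.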
SomeGuy

Many virii (ok, about 99%) use security holes in IE and/or Outlook to infect your machine without your intervention. In fact, if you don't have Outlook it's very rare to find a virus that you can spread, they almost all use the Outlook address book to spread.

__________________
A lazy idiot is the hardest worker. He tries to find the easiest path and always fails.
-SomeGuy-

Old Post 01-20-03 05:20 AM
All times are GMT.