| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 44046 | 2004-04-05 05:09:00 | Suspicious message | John H (8) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 227290 | 2004-04-05 05:09:00 | Hi folks I have just received the following message: from account@hotmail.com to mail@paradise.net.nz Subject line Registration confirmation Protected message is attached. ++++ Service: http://www.hotmail.com ++++ Mail To: User-info@hotmail.com *** Mail- Attachment: No suspicious Virus signatures *** PARADISE.NET Anti Virus *** http://www.paradise.net.nz The attachment is pass-message.zip (99b) Does this look like a virus package to you? If that is the case, how come is is shown as having No suspicious Virus signatures by Paradise.net Anti Virus? I haven't registered with hotmail. Any ideas? Thanks John |
John H (8) | ||
| 227291 | 2004-04-05 05:25:00 | Hi John I got the same msg and thought it to be suspicious as well. I have an Hotmail account but had not changed my password. I logged into my hotmail account wiithout opening the email attachment and found my original password to be intact. I therefore deleted the suspicious email without opening the zip attachment on the bais that it could well be a virus. Hope this helps. |
Smurf (506) | ||
| 227292 | 2004-04-05 05:28:00 | Thanks Smurf. The thing smells suspicious, doesn't it? I might refer it to Paradise cos it seems to have got through their Anti Virus checker. John |
John H (8) | ||
| 227293 | 2004-04-05 05:35:00 | Definately suspicious, has virus all over it. Suspect it is Sobig.F and Paradise anti-virus may not be updated for it yet |
Jim B (153) | ||
| 227294 | 2004-04-05 06:12:00 | More on the same theme (pressf1.pcworld.co.nz) If you can, you should read all warning posts when they come along, saves you from getting caught. Cheers Billy 8-{) |
Billy T (70) | ||
| 227295 | 2004-04-05 06:18:00 | Thanks guys. I have sent it to the postmaster at Paradise. I received an auto reply saying they would reply within 4 business days... Yeah right, judging by all those happy campers on PressF1 who have reported no replies received from Paradise, which squares with my own experience in the past. Not sure why I bothered... John |
John H (8) | ||
| 227296 | 2004-04-05 07:46:00 | Hey John H, Don't point fingers at any particular virus, I'm bombarded with all these types of gateway error messages, undelivered mail etc and every attachment contains a worm type virus that my antivirus removes before I do anything silly, my antivirus then adds it's own text file to the attachment telling me what virus it was (NAV2004). They also have messages in the emails saying they have been checked etc by very well known companies who do those sorts of checking. It's weird to get a message saying it's been checked by Paradise even though you turned off your AntiVirus service, if they were still checking my emails and I had it turned off I would be annoyed. Noel Nosivad. |
Noel Nosivad (389) | ||
| 227297 | 2004-04-05 09:13:00 | Hi Noel Thanks - I haven't had one like this before . I must have misled you somehow - I do have Paradise anti virus checking turned on . I was off for a while some weeks ago cos I thought it was messing me around, but that was caused by a general Paradise system slow down, so I turned it on again once that was sorted out several weeks ago . I also have System Suite with Email virus checking turned on, and the virus defs were just updated a couple of hours before receiving the email (it didn't pick up any probs here, but I am not sure whether it looks inside . zip archives) . However, you are always left wondering whether the virus writers are one step ahead of the virus definition writers, don't you? Thanks again John |
John H (8) | ||
| 227298 | 2004-04-08 06:03:00 | Hey John H, Your AV program doesn't seem to check inside compressed files, you should see if there's a setting to do so, as viruses are sometimes found inside these files too. The virus writers work off those definitions, they try to find flaws in what's not being detected. That's the only way they are a step ahead is when they discover what's not being detected. Definitions don't hold every bit of information about the virus, it contains strings that it uses to compare it to files to see if they much. The definitions must not contains strings that would conflict with legit programs, so it's a bit of a daunting task, not being able to fully stop a virus without stopping legit programs as well. Noel Nosivad. |
Noel Nosivad (389) | ||
| 227299 | 2004-04-08 08:27:00 | It's Sober.F in case anyones interested. | whiskeytangofoxtrot (438) | ||
| 1 2 | |||||