Return to index: [Subject] [Thread] [Date] [Author]

RE: WM.Colors.AK Virus possibly received

[Subject Prev][Subject Next][Thread Prev][Thread Next]
Sounds like it might be the Colors virus; see
http://www.europe.f-secure.com/v-descs/colors.htm for details.

Regards,

Peter Debney
3D+ Product Manager
CSC
Tel: +44 113 239 3000
Fax: +44 113 255 3917
peter.debney(--nospam--at)cscworld.com
http://www.cscworld.com


-----Original Message-----
From:	SEConsultant [mailto:seconsultant(--nospam--at)earthlink.net]
Sent:	15 March 2000 05:45
To:	seaint(--nospam--at)seaint.org
Subject:	RE: WM.Colors.AK Virus possibly received

I've used Outlook for a long time and have not had any problems with viruses
other than one or two which were launched by me. As far as I know, there is
no way to automatically open executables in Outlook. They are retrieved but
you must manually launch them - which is the problem that happened with the
worm I received from someone on the list.
That was a particularly strange one because the worm tricked the user into
believing that they launched a executable zip file with a CRC error. Little
did I know that it modified my Win.ini file to automatically launch the
virus portion which then attacked my MAPI files and duplicated all copies of
the original infected file and automatically sent the file back to the list.
Fortunately, I discovered it before anything was sent. However, if I had a
DSL connection it would have put some 2Gigs of messages back on the server.

That was a tricky little bugger.

What was the message that contained the WM.Colors.AK Virus - subject line
and attachment name?

Dennis

-----Original Message-----
From: Roger Turk [mailto:73527.1356(--nospam--at)compuserve.com]
Sent: Tuesday, March 14, 2000 5:46 PM
To: seaint(--nospam--at)seaint.org
Subject: RE: WM.Colors.AK Virus possibly received


I looked thru all attachments that came thru today (March 14, 2K) and they
were all HTML versions of the ASCII message.

One strange post that I received today had three parts, all of which were
binary (or perceived as binary) by my ISP, and I deleted them.  Normally,
parts two or three are saved in my Download directory but these weren't.

Outlook is notorious for being easily infected thru e-mail downloads,
particularly if you have it set to automatically open attachments.  Windoze
is equally notorious for being infected.  One virus that I have heard of
sends a 1 pixel by 1 pixel icon to your screen, which does not get noticed,
then executes the icon.  Javascript can take over your computer and do
things
to it that you could not imagine.

A. Roger Turk, P.E.(Structural)
Tucson, Arizona

Discoe, Maia wrote:

>>No, not an attachment.  It occurred when I started to open a message.  The
virus affected a file that allows me to have rich text attributes in my
email (MS Outlook 2000).  I keep Norton AntiVirus updated and enabled
(checks files as they are opened) so I assume that the virus came with the
email.  I admit I am a little confused about how this works; I thought a
virus could only come in through an executable file. It was our resident
computer guru that said it came from the email I was opening.  Perhaps
someone out there can shed more light on the subject.

I would also like to state that I am in no way making accusations or trying
to point fingers.  I just wanted to point out a possible problem we may all
have in common.  An ounce of prevention . . . . .

-----Original Message-----
From: SEConsultant [mailto:seconsultant(--nospam--at)earthlink.net]
Sent: Tuesday, March 14, 2000 1:58 PM
To: seaint(--nospam--at)seaint.org
Subject: RE: WM.Colors.AK Virus possibly received from seaint group

Was it received as an attachment that you opened? Please tell us more.

Dennis<<