|
-
July 25th, 2001, 12:03 PM
#1
Sircam Virus ALERT
The Sircam virus seems to be spreading. For the past 2 days I received 3 emails from people that I do not know. All contained attachments & all had the virus.
The text of the email contains:
Hi! How are you?
I send you this file in order to have your advice (there are variations on this line)
See you later. Thanks
The attachments may appear on the face of it to be excel or word documents but they end in com.
Please make sure that you are running up to date antivirus software. DO NOT open any file attachments at all, even from people that you know, without scanning the files FIRST!
Heres the Norton link about this virus http://www.sarc.com/avcenter/venc/[email protected]
If you need the removal tool it is in the link.
------------------
In the beginning there was the command line
In the beginning there was the command line
-
July 26th, 2001, 01:38 PM
#2
Everyone says this spreads via your address book or other e-mail addresses that you have on your computer. I have trouble believing that simple because I haven't recieved a single instance of SirCam from someone I know. It's all been complete strangers. I get 10 or 12 virus-carrying e-mails a day, and they are people I have never communicated with, ever.
If someone could explain this, I would be in their debt, because this is really irritating.
------------------
If at first you don't succeed, destroy all evidence that you tried
If at first you don't succeed, destroy all evidence that you tried
-
July 26th, 2001, 08:27 PM
#3
The virus contains its own SMTP client and uses that to spread, instead of sending the emails through Outlook. That means it can forge the From: header to whatever it likes instead of being restricted to the infected user's actual details. Infection steps 10 and 11 at that Symantec link describe exactly where it gets the data from.
Safe computing is a habit, not a toolkit.
-
July 27th, 2001, 06:24 AM
#4
Correct tuttle (as usual  )
It searches the folders that are referred to by the registry keys
HKEY_CURRENT_USER\Software\Microsoft\
Windows\CurrentVersion\Explorer\
Shell Folders\Cache
PCsolutions and I both recieved this nasty several times this week to our email addresses which are available on the main software forum page here (top left). These email addresses are in the IE cache of everyone who loads that page.
McStagger, I can only assume your email address is posted somewhere on the internet.
------------------
Sean (Smurfy)
....................
Please remember that others may need to know the outcome of your problem so please keep us updated.
-
July 27th, 2001, 09:26 AM
#5
Thanks, I though I had read that somewhere (probably the SARC site), but I wasn't sure. This virus isn't really a problem for me, other than filling my inbox with junk, because I usually don't read e-mail from people I don't know and I never open their attachments. I was just curious. Thanks alot everyone, you've helped alot.
------------------
If at first you don't succeed, destroy all evidence that you tried
If at first you don't succeed, destroy all evidence that you tried
Thread Information
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
