|
-
February 7th, 2001, 09:38 AM
#1
Does anyone know anything about an email that is received with the return address of [email protected] (this is the ip address of the machine that sent the email).
Is this a virus? I searched the different antivirus sites and have not found anything.
-
February 7th, 2001, 09:47 AM
#2
Ummm I think when I had a customers PC that was infected with the KAK virus, it had originated from an email that appeared to be sent from a NULL address. Be careful because if it IS KAK then it's a real bugger to get rid of. It causes Internet Explorer to crash when you visit the antivirus research centre (www.sarc.com) so I guess that's one way of finding out if you've got it or not! Happy virus hunting!!
------------------
[ i N S A N i T Y 2 0 o 1 ]
-
February 7th, 2001, 10:11 AM
#3
Thanks for the quick response. I wasnt familliar with this version of the KAK virus, I checked the registry on the infected machine and it was there. Thanks for your help
-
February 7th, 2001, 03:21 PM
#4
KAK is fairly easy to get rid of if you remember to fdisk /mbr with a clean, protected boot disk after you clean the system.
------------------
Sarchasm: The gulf between the author of sarcastic wit, and
the recipient who doesn't get it.
-
February 8th, 2001, 11:10 AM
#5
I just found that this is not the KAK virus, but is W95.Hybris.Gen.dr
I couldnt find anything about it at sarc, does anyone know anything about this virus.
What it does, and how to get rid of it.
-
February 8th, 2001, 12:20 PM
#6
Go here for info : http://vil.nai.com/vil/dispVirus.asp?virus_k=98873
Free virus checkers that will cure your problem include F-Prot ( www.complex.is/f-prot ) and InnoculateIT ( www.cai.com )
Good luck !
------------------
Still scrambling up the learning curve ...
-
February 9th, 2001, 08:54 PM
#7
W95.Hybris is a worm that spreads by email as an attachment to outgoing emails. It was discovered in late September of 2000. Although very few reports of infection were reported in October 2000 when the worm was discovered, the worm is becoming more common in November and December
The message may include the text "Snow White and the Seven dwarves" and the attachment may have one of several different names, including, but not limited to:
anpo porn(.scr
atchim.exe
branca de neve.scr
dunga.scr
dwarf4you.exe
enano porno.exe
joke.exe
midgets.scr
sexy virgin.scr
Use Norton AntiVirus to repair the infected WSOCK32.DLL. Other files detected as W95.Hybris contain only the virus body and must be deleted.
http://www.sarc.com/avcenter/venc/da...ybris.gen.html
------------------
Everywhere you go, there you are...
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
Bookmarks