More viruses being sent directly to list users
John Campbell
r3campbell at HOTMAIL.COM
Mon Dec 20 09:34:23 EST 1999
I noticed the same thing with the Bubble Boy attachment that I received
yesterday. The McAffee didn't pick this one up either. Apparently either
McAffee hasn't been updated with the latest DAT files, or this joker has
found some way to "mask" his crap from the virus scanners. Everybody should
take heed, and be sure to delete this stuff and don't depend on antivirus
software to pick these things up.
73......John <<w8jnc>>
>From: Dan Ferguson <df at MNSINC.COM>
>Reply-To: Dan Ferguson <df at MNSINC.COM>
>To: HEATH at LISTSERV.TEMPE.GOV
>Subject: Re: More viruses being sent directly to list users
>Date: Sun, 19 Dec 1999 19:43:23 -0500
>
>Yes, I also got the HOG.EXE file, also in an email forged to make it look
>like it came from myself, with a subject the same as something I posted
>recently to the R-390 list. And McAfee Virus Scan did NOT identify it as
>infected. I still didn't open it.
>
>Dan
>
>
>*********************************************************
>Dan Ferguson K4VOA Northern Virginia
>df at mnsinc.com
>
> GOOD HOME PROVIDED FOR WAYWARD HEATHKIT EQUIPMENT
>
>Wanted:
>HEATHKIT SB-110A Transceiver - state condition & price
>
>National NC-190 Receiver - state condition & price
>*********************************************************
>
>At 12/19/1999 06:22 PM , John Farrington wrote:
>>Virus attachments to E-mails continue to be E-mailed directly to users
>>of this list (not via the list): ^^^^^^^^
>> ^^^^^^^^^^^^^^^^
>>On 12/18/99 Dave (AI7R, List Admin) mentioned that:
>> > Myself and at least one other person has gotten a message from an
>> > unknown source that contained what looked like a copy of the bboy.exe
>> > (Bubble Boy) virus. We didn't open it to find out of course, and
>> > that's exactly what you have to do if you get one...not open it.
>>
>>Today I received a similar worm attachment named "HOG.EXE", so be
>>warned that someone with access to this list is sending destructive
>>virus/worm files directly to our E-mail addresses copied from the
>>list. There is a notice about these worms and others on Symantec's
>>site at:
>>
>> http://www.symantec.com/avcenter/venc/data/worm.newapt.html
>>
>>The E-mail message will have a subject line from messages posted on
>>the Heath list, and the return address may be forged to make it look
>>like it originated from yourself via your local ISP.
>>
>>The attached worm file may be named something like these:
>>
>> g-zilla.exe, cooler3.exe, cooler1.exe, copier.exe, video.exe,
>> pirate.exe, goal1.exe, hog.exe, party.exe, saddam.exe, monica.exe,
>> boss.exe, farter.exe, cheeseburst.exe, panther.exe, theobbq.exe,
>> goal.exe, baby.exe, bboy.exe, cupid2.exe, fborfw.exe, casper.exe,
>> irnglant.exe, or gadget.exe.
>
>Sponsored by the City of Tempe
>
>Listserver Submissions: heath at listserv.tempe.gov
>Listserver Subscription: listserv at listserv.tempe.gov - "subscribe heath
>'name' 'call'"
>Listserver Unsubscribe: listserv at listserv.tempe.gov - -"signoff heath"
______________________________________________________
Get Your Private, Free Email at http://www.hotmail.com
Sponsored by the City of Tempe
Listserver Submissions: heath at listserv.tempe.gov
Listserver Subscription: listserv at listserv.tempe.gov - "subscribe heath 'name' 'call'"
Listserver Unsubscribe: listserv at listserv.tempe.gov - -"signoff heath"
More information about the Heath
mailing list