Re: Yet another Mass e-mail worm TM - Gibe-F/Swen-A - E-mail from Microsoft

From: Mimic (null_at_void.net)
Date: 09/19/03 

Date: Fri, 19 Sep 2003 15:52:13 +0100

"Lord Shaolin" <abuse@127.0.0.1> wrote in message
news:q1uab.7517$vX3.1100489@wards.force9.net...
> Nice Icon
>
> Nice GUI
>
> Asks you to fill in all your mail-server details, pretty nifty peice of
> code.
>
> More info here:
>
> http://www.security-forums.com/forum/viewtopic.php?t=8447

heh, well if people are stupid enough to open exe's from their email. I'm
assuming it spoofs the from feild as M$ ? othewise its gunna look even more
strange if all your mates are sending you patches, i guess... hrmmm...... .

Anyway, i dont know if i mentioned it, but i dont run AV software, i used to
occasionally scan when i got updates from work, but i'm too lazy. Anyway, i
got my first virus in 6 years the other day wooooooooo. Or should i say my
first infection. Blaster Worm :P anyway, i got the rpc error so i knew
summink was up, then my firewall kicked off. in about 30secs i knew where it
came from (kazaa :P), identified the file, killed it, killed the process and
removed all entries, completely clean. But just to be safe i downloaded the
AV scan/patch, over 20 fucking minutes it took and the result, to summarize
exactly what i had done (and what it failed to as i was clean). Bah to it
all :P 

--
Mimic
"Without Knowledge you have fear, With fear you create your own nightmares."
"There are 10 types of people in this world. Those that understand Binary,
and those that dont."
"C makes it easy to shoot yourself in the foot. C++ makes it harder, but
when you do, it blows away your whole leg"