aol email virus???

Status
Not open for further replies.

Guest_imported

New member
Jan 1, 1970
0
The other day I received this email with the subject "this is great" and "whats so funny"... both of them had email attachments... now I was stupid and I downloaded the email and it has now messed up my AOL... also when I email someone it sends them the virus along with my email, so the person I send an email to gets my mail and the virus mail... it does not get detected by Norton AntiVirus... what is this virus and how do I get rid of it????
 
Is your Norton up to date?
Look in the FAQ list for virus help.

Ed Fair
efair@atlnet.com

Any advice I give is my best judgement based on my interpretation of the facts you supply.

Help increase my knowledge by providing some feedback, good or bad, on any advice I have given.

 
You should contact Symantec to get help from there; if it is a new virus, they are interested in the signature.

hnd
hasso55@yahoo.com
 
Here is what I got from Computer Associates. The website for their Virus Encyclopedia is
Win32.Funso worm (also known as I-Worm.Menace)
Win32.Funso worm arrives in an email that has one of the following subject lines:

Fwd: This is great! =)
Fwd: This is hilarious! =)

The message body is:

You guys have to download this! This really is funny!

The attachment is called "sofunny.exe".

When run, the worm displays the following fake error message:



It copies itself to "C:\WINDOWS\SOFUNNY.exe" and "C:\WINDOWS\msdos423.exe" and adds a key to the registry so that it is loaded every time Windows starts:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\msdos423="c:\windows\msdos423.exe"

Note that it always uses the directory "C:\WINDOWS" even if Windows is installed in a different location.

The worm also creates a file called "C:\WINDOWS\msdos423.ini" which it uses to keep track of its progress. Initially this file contains the following:

[Setup]
Copied=True

The worm sends itself to other people using the AOL client software. It also steals AOL passwords and attempts to send them to a third party, presumably the worm author, using one of the following mail servers:

mail.yahoo.com
mail.hotmail.com
mail.angelfire.com

Thanks,
Vince
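
The indicators listed in the post above, turned into an offline check (an added example, not part of the original thread or of the Computer Associates write-up). It assumes a copy of the C: drive is available under a directory and that the values of the Run key have been exported into a dict; `check_funso` and `demo` are hypothetical names, and the sample data is constructed.

```python
import configparser
import os
import tempfile

# Indicators as listed in the Computer Associates description quoted above.
WORM_FILES = {"sofunny.exe", "msdos423.exe", "msdos423.ini"}
RUN_VALUE_NAME = "msdos423"
RUN_VALUE_DATA = r"c:\windows\msdos423.exe"


def check_funso(c_drive_root, run_values):
    """Return a list of findings (empty list means no indicator matched).

    c_drive_root: directory holding a copy or mount of the C: drive (assumption).
    run_values: dict of value name -> data from the HKLM Run key (assumption).
    """
    findings = []
    # The worm hard-codes C:\WINDOWS, so look there and not in %WINDIR%.
    for entry in sorted(os.listdir(c_drive_root)):
        windows_dir = os.path.join(c_drive_root, entry)
        if entry.lower() != "windows" or not os.path.isdir(windows_dir):
            continue
        for name in sorted(os.listdir(windows_dir)):
            # Windows file names are case-insensitive; compare lowercased.
            if name.lower() not in WORM_FILES:
                continue
            findings.append("file: " + name)
            if name.lower() == "msdos423.ini":
                ini = configparser.ConfigParser()
                try:
                    ini.read(os.path.join(windows_dir, name))
                except configparser.Error:
                    continue  # unreadable state file; the file finding stands
                if ini.get("Setup", "Copied", fallback="").lower() == "true":
                    findings.append("ini: [Setup] Copied=True")
    for value_name, data in run_values.items():
        if (value_name.lower() == RUN_VALUE_NAME
                or data.strip('"').lower() == RUN_VALUE_DATA):
            findings.append("run key: %s=%s" % (value_name, data))
    return findings


def demo():
    # Constructed sample: a fake C: drive with the worm's files and Run value.
    win = os.path.join(tempfile.mkdtemp(), "WINDOWS")
    os.mkdir(win)
    for name in ("SOFUNNY.exe", "msdos423.exe", "notepad.exe"):
        open(os.path.join(win, name), "wb").close()
    with open(os.path.join(win, "msdos423.ini"), "w") as f:
        f.write("[Setup]\nCopied=True\n")
    run = {"msdos423": r"c:\windows\msdos423.exe", "SystemTray": "SysTray.Exe"}
    return check_funso(os.path.dirname(win), run)
```

A match on the Run value alone, with the files already deleted, still means the persistence entry needs removing.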
 