I AM SORRY BUT I MUST WARN EVERYBODY!

Today I received several emails from friends and members that they received a message from PC Modeler like this one



WARNING THIS IS A VIRUS MAIL!!! It seems that my system is infected by a aggressive worm virus (I don’t know which yet but I will keep ye updated) and it has send this mail and similar ones to everybody in my adressbook (Over 100 contacts!!!)

As I write this I am letting my anti virus program PcCillin and Panda ActiveScan work thru my system and at this moment at a progress of 1/3 done they found 21 infected files!!!!!!!!!!!

Please be save and look in to your system!!! I am sorry for any problems I have caused!!!

nice to warn everyone but this is not your fault and happened to many of us in times.I wish you can solve your problem in a short time ...

Ok here is the results:

I had 28 files infected with one and the same virus:

Bugbear.B

It is a email wormvirus, look at your anti virus software to remove it

Here is more info

http://www.pandasoftware.com/virus_info/encyclopedia/details.aspx?idvirus=39823

Hey Ronny, I did get your e-mail but fortunately my antivirus program caught it and deleted the attachment. I sent you a message about that. Well, now I know what happened.

I got this too this afternoon. I think I caught it in time. It also came in disguised as a request from amazon.com for a password check. BEWARE!

Gunnie

(virus )

I also got it, but it was intercepted by muy friends of Norton Antivirus (thanks guys).

It revealed a password to PCmodeler.com......a fake password, so no harm done here.

Be careful for these things they can really trun your PC upside down. Be sure to have a proper anti-virus program installed.

And Ronny, as said before, it's not your fault... things like this happen.

Ronny

First of all thanks for warning.

I have not received it yet in my hotmail account but I will check it out when I get back from the office if the virus is send to my outlook at home. I`m pretty sure that when it`s in my e-mail box my good friend Norton will kill it

I got that email. Luckily McAfee Online killed it good.

Thanks for the heads up. I wondered what that was all about.

Cheers,
Jim

AAAARGH I found the culprit who infected me, my own daughter

I am scanning her pc as I type this and after scanning ± 86000 giles I found 487 Infected files!!!!!

Oooooh I am going to get here, I also founds hundreds of pictures and music files on her HD from her favorite music-band (punk rock, yuck (++) (++) ) so I am willing to bet that from ne of those download sites she has gotten the virus, I told here before not to do that, but do 15-years ever listen to they're mature parents??? Nooooooooooooooo

Roadkill

It`s great that you have found the source of the virus dude.. Yeah the Download sites are always a big problem because they make it rather easy to slip some rubbish in your computer to ruin everything. That`s why a good anti virus program is required

On the other way....... Your daughter listens Punkrock ???? That`s cool I have tons of it (big punkrock fan) should I take some cd`s with me to Geel :-) :-) hehehe

Ah well I will check me PC at home for the virus

roadkill
with download you kan get a virus but you can beter instal kazaa lite for you're daughter, if she don't have it #:-)
a friend downloaded 2 GB trance music and did not get a virus
if you want i can search for the site where i get it from there it's free

bennie

Hey Bennie,

She has Kazaa on her system (against my wishes), go figure

It looks like someone hacked/infected PC Modeler... anybody tought to inform the webmaster at PC Modeler?
Ciao

Yeah I tried to send them a mail this morning but mails returned to me as undeliverable

But I presume that they figured it out by now

I think I received the same e-mail, but as I've never bought anything via Amazon, I became suspicious and didn't open the attachment and just deleted it. From the sound of these comments, it looks as if I was right to be wary of that message.

scoccia
it can be that roadkill have been hacked there is a leak in the sucerity
the systeem use a supernode this easy to hack (i read) you can download a update but i never seen it on the net #:-) they would come out with 24 hour but that was i think a week a ago and the company f kazaa recoment to download it quik
my brother is very good with pc's but he say's this is just nonsense i don't know it

bennie

Ronnie,

For a good punishment, I suggest you make her listen to Paul Severs, Luc Steeno, Dana Winner AND Nicole&Hugo for a WHOLE WEEKEND !!! I guarantee she'll never download any heavy metal for the rest of her life after being drowned in Flemish musical talent. :-) :-) :-) :-)

I've been getting the W32.Sobig virus sent to me. I've deleted each one, but the attack continues. Block that e-mail address and it changes the next day. Thankfully, I'm not stupid enough to download unsolicited files (so if you send me a photo or something and I act like I never got it, I didn't). BTW, the virus is only going to my throwaway account that I only use for model related postings.

Here is Norton's definition of the W32.Sobig.A and W32.Sobig.C I've been receiving:

Due to an increased rate of submissions, Symantec Security Response has upgraded W32.Sobig.C@mm from a Category 2 to a Category 3 as of June 1, 2003.
The email falsely purports that Microsoft sent it ([email protected]).
Email Routine Details
The email message has the following characteristics:
From: [email protected] (NOTE: W32.Sobig.C@mm spoofs this field. It could be any address.)
Subject: The subject line will be one of the following:
• Re: Movie
• Re: Submited (004756-3463)
• Re: 45443-343556
• Re: Approved
• Approved
• Re: Your application
• Re: Application
Message Body: Please see the attached file.
Attachment: The attachment name will be one of the following:
• screensaver.scr
• movie.pif
• submited.pif
• 45443.pif
• documents.pif
• approved.pif
• application.pif
• document.pif
NOTE: The worm de-activates on June 8, 2003, and therefore, the last day on which the worm will spread is June 7, 2003.

The W32.Sobig.A@mm worm sends itself to all the addresses it finds in the .txt, .eml, .html, .htm, .dbx, and .wab files. The email message has the following characteristics:
From: [email protected]
Subject: The subject will be one of these:
• Re: Movies
• Re: Sample
• Re: Document
• Re: Here is that sample

Attachment: The attachment will be one of these:
• Movie_0074.mpeg.pif
• Document003.pif
• Untitled1.pif
• Sample.pif

roadkill
i have a nice site for you #:-) http://www.portablegear.nl/nieuws-detail.htm?NID=1120&Click=ND01120
look at this there is virus that you can get on kazaa and it has every time other name
for the people that can't dutch: there is a virus called fizzer but the site is from 12 may maybe a bit old but you never know and it infect you're pc and open a "back door" so that you easy are easy to hack but if you are carefull it can't be a big treat for you and it also send it self in the mail
i don't wana spred panic but i want to warn you

bennie

Kazaa! OMG! I've been using that prog for quite a time! Thanks for the help!

Hmmm. Pipesmoker told me about this thread. Not sure why your emails would have bounced back. Were you sending them to [email protected]? Not sure why something on my site would be doing that. Was that originally a message you got when you registered on my site? Is it possible the virus is sending out random messages from your computer? I would check the sent folder to see if that is the case. My site is running on a non-windows platform. Not to say that can't be hacked or infected, but it is a lot less likely.

i hope i've not make you scard it's a old virus the scan's kill it (Ii think )

bennie

Y'all might want to check out this freeware website
http://www.pricelessware.org/
Lots of good security software, plus other programs. All for free.
I am using the AVG antivirus and the Adaware programs. Both very good. And the AVG usually has semi-weekly updates that can be downloaded from their website.

Thanks Ronnie for the warning. :-) I too recieved one of your e-mails but all clear on this end. My wife who is our households resident internet geek warned me a long time ago about Kazaa being one of the most infected sites going. More viruses than you can shake a stick at.

I received it today for the first time, and apparently was intercepted by Norton Antivirus 2003...
Ciao everybody