wierd e mail
Thread Starter
wierd e mail
Im now getting e mail which is made up of what looks like dozens of random words.
Anyone any idea what this is all about?
There are no attachments, but there seems little point in these.
Anyone any idea what this is all about?
There are no attachments, but there seems little point in these.
The Oracle
Join Date: Aug 2001
Location: Naples, Florida U.S.A.
Posts: 2,902
Likes: 0
Received 0 Likes
on
0 Posts
jimgriff,
Those are random words and it is sent out from an infected computer.
From some of the Trojan Payload Descriptions:
From some of the Worm Payload Descriptions:
There are many more.
Take Care,
Richard
Those are random words and it is sent out from an infected computer.
From some of the Trojan Payload Descriptions:
This Trojan program enables its user to send anonymous emails. It can also check if a specific mail server is running or not, choose a random mail server, and then sends an email. If its user attempts to use a blank message body, it inserts random words before it sends out the emails.
The worm produced has used variables with random words composed of 10 characters.
The generator has the following characteristics:
User can set the registry name used to reload the Trojan during boot-up.
User can decide if a worm that uses MS Outlook for propagation can send it an attachment of an embedded script.
The subject title and the content of the email can also be modified. The worm may also be set to infect files such as VBS and VBE by overwriting its original code.
User may choose one of four methods of payload and the trigger date can be set on any date between January 1 to December 31.
Methods of payload:
The generator has the following characteristics:
User can set the registry name used to reload the Trojan during boot-up.
User can decide if a worm that uses MS Outlook for propagation can send it an attachment of an embedded script.
The subject title and the content of the email can also be modified. The worm may also be set to infect files such as VBS and VBE by overwriting its original code.
User may choose one of four methods of payload and the trigger date can be set on any date between January 1 to December 31.
Methods of payload:
- A message box with desired text.
- An Internet browser can be launched and set to open any URL.
- Two modes of crashing the system
Take Care,
Richard
Thread Starter
Ah Ha!!
The plot thickens.
As there are no atatchments am I to assume that I am not infected?
I have NIV 2004 (up to date with updates) running at all times.
The plot thickens.
As there are no atatchments am I to assume that I am not infected?
I have NIV 2004 (up to date with updates) running at all times.
Per Ardua ad Astraeus
Join Date: Mar 2000
Location: UK
Posts: 18,579
Likes: 0
Received 0 Likes
on
0 Posts
As there are no atatchments am I to assume that I am not infected
Last edited by BOAC; 14th Apr 2004 at 19:22.
Join Date: Sep 2002
Location: London, UK
Posts: 778
Likes: 0
Received 0 Likes
on
0 Posts
They might not be coming from an infected computer, or indeed be virus-related at all. Many spammers put random words in their emails, sometimes seemingly filling them with random words which may or may not make any sense. The purpose of this is to defeat spam filters, which analyze the text for the ratios of certain words to other text and various other lexical analysis techniques.
Join Date: Mar 2000
Location: Sunrise Senior Living
Posts: 1,338
Likes: 0
Received 0 Likes
on
0 Posts
Richard and BOAC are dead right!
I have Norton Antivirus running all the time with Auto update which runs almost daily in these infectious times, but still regularly run the Trend Micro Housecall as recommended. A Norton full scan yesterday revealed nothing untoward but the Housecall picked up something called JS PETCH.A which I had no idea was there. Good system. Thanks Richard.
Cheers,
mcdhu
PS Didn't think much of your weather last Sunday/Monday Richard!
I have Norton Antivirus running all the time with Auto update which runs almost daily in these infectious times, but still regularly run the Trend Micro Housecall as recommended. A Norton full scan yesterday revealed nothing untoward but the Housecall picked up something called JS PETCH.A which I had no idea was there. Good system. Thanks Richard.
Cheers,
mcdhu
PS Didn't think much of your weather last Sunday/Monday Richard!