[38252] in APO-L
Re: [APO-L] Do NOT open the message earlier today with link
daemon@ATHENA.MIT.EDU (Robert Dean)
Mon Dec 28 17:21:16 2009
Date: Mon, 28 Dec 2009 17:20:58 -0500
Reply-To: Robert Dean <rdean71@comcast.net>
From: Robert Dean <rdean71@comcast.net>
To: APO-L@listserv.iupui.edu
In-Reply-To: <8CC5618ED8A88FD-1994-1A53@webmail-m005.sysops.aol.com>
The route most of the virii that behave like this take is to register modul=
es in the Windows sockets interface that intercept and reroute requests. =
=C2=A0The more nefarious versions set windows group policies that prevent=
the user from using regedit to clean up manually. =C2=A0( The one virus th=
at we've gotten hit with fortunately failed to do this last bit ).
-- Sent from my Palm Pre
Charlie Zimmerman wrote:
Kami -=20
Thanks for sending this note. I was going to send out a similar warning, as=
the e-mail that was reportedly sent a week or so ago by "Ed Janison" conta=
ined a similarly malicious link. I've been battling malware ever since I=
accidentally clicked it and immediately started seeing warnings from Syman=
tec AntiVirus.
Symptoms include being frequently rerouted to "thewebsitesurvey.com" and ha=
ving my Google search results intermittently "hijacked" - sending me to a=
myriad of bogus web pages. Symantec AntiVirus and Malwarebytes (free tool=
from malwarebytes.com) have each cleaned up SOME of the infection, but not=
all. Reinstalling IE8 also did nothing to improve the situation. Research=
on the web has not turned up reports of anything truly malicious (i.e. key=
stroke logging, password captures, file deletion, etc.) associated with the=
survey site, but caution is strongly advised.
It's disappointing that we've been hit with this bug, just as APO-L has a=
seen a little bump in activity. We had been virus/spam free for years. =
Rule of thumb - if you see any messages (APO-L or otherwise) with just a=
single link, DELETE THEM. Can't believe I actually got snagged by this,=
but it just goes to show that anyone can get hit by this kind of stuff.
Fraternally,
Charlie Zimmerman
APO-L Administrator
charliez@aol.com
=20
=20
-----Original Message-----
From: Kami Bush <kbush123@YAHOO.COM>
To: APO-L@LISTSERV.IUPUI.EDU
Sent: Mon, Dec 28, 2009 2:43 pm
Subject: [APO-L] Do NOT open the message earlier today with link
I apologize to everyone but it seems my yahoo account was hacked this morni=
ng=20
and a bunch of emails were sent as me. I'm not sure if it was hacked or sp=
oofed=20
but since it went out to my address book, I'm assuming hacked. Please do=
not=20
click on the link. It seems to be a virus or malware. Once again, I apolo=
gize=20
for the inconvenience.
Kami
=20
=20