[38252] in APO-L
Re: [APO-L] Do NOT open the message earlier today with link
daemon@ATHENA.MIT.EDU (Robert Dean)
Mon Dec 28 17:21:16 2009
Date:         Mon, 28 Dec 2009 17:20:58 -0500
Reply-To: Robert Dean <rdean71@comcast.net>
From: Robert Dean <rdean71@comcast.net>
To: APO-L@listserv.iupui.edu
In-Reply-To:  <8CC5618ED8A88FD-1994-1A53@webmail-m005.sysops.aol.com>
The route most of the virii that behave like this take is to register modul=
es in the Windows sockets interface that intercept and reroute requests. =
=C2=A0The more nefarious versions set windows group policies that prevent=
 the user from using regedit to clean up manually. =C2=A0( The one virus th=
at we've gotten hit with fortunately failed to do this last bit ).
-- Sent from my Palm Pre
Charlie Zimmerman wrote:
 Kami -=20
Thanks for sending this note. I was going to send out a similar warning, as=
 the e-mail that was reportedly sent a week or so ago by "Ed Janison" conta=
ined a similarly malicious link.  I've been battling malware ever since I=
 accidentally clicked it and immediately started seeing warnings from Syman=
tec AntiVirus.
Symptoms include being frequently rerouted to "thewebsitesurvey.com" and ha=
ving my Google search results intermittently "hijacked" -  sending me to a=
 myriad of bogus web pages.  Symantec AntiVirus and Malwarebytes (free tool=
 from malwarebytes.com) have each cleaned up SOME of the infection, but not=
 all. Reinstalling IE8 also did nothing to improve the situation.  Research=
 on the web has not turned up reports of anything truly malicious (i.e. key=
stroke logging, password captures, file deletion, etc.) associated with the=
 survey site, but caution is strongly advised.
It's disappointing that we've been hit with this bug, just as APO-L has a=
 seen a little bump in activity.  We had been virus/spam free for years. =
 Rule of thumb - if you see any messages (APO-L or otherwise) with just a=
 single link, DELETE THEM.  Can't believe I actually got snagged by this,=
 but it just goes to show that anyone can get hit by this kind of stuff.
Fraternally,
Charlie Zimmerman
APO-L Administrator
charliez@aol.com
=20
=20
-----Original Message-----
From: Kami Bush <kbush123@YAHOO.COM>
To: APO-L@LISTSERV.IUPUI.EDU
Sent: Mon, Dec 28, 2009 2:43 pm
Subject: [APO-L] Do NOT open the message earlier today with link
I apologize to everyone but it seems my yahoo account was hacked this morni=
ng=20
and a bunch of emails were sent as me.  I'm not sure if it was hacked or sp=
oofed=20
but since it went out to my address book, I'm assuming hacked.  Please do=
 not=20
click on the link.  It seems to be a virus or malware.  Once again, I apolo=
gize=20
for the inconvenience.
Kami
     =20
=20