Yet Another Virus

[crptcblade]

I got an email this morning from some ass-clown that said "I sent this file for your advice." Attatched was a file called "Walkthrough01.doc". Or so you would think. If you make it so Windows shows the full file name with extension, it was actually "Walkthrough01.doc.pif", which I found is a kind of compiled batch file.

I HATE STUPID D*ICKHEADS THAT DO SH*T LIKE THIS!!!!

[chenko]

I think Dennis got that too

I looked at the text in the file and found this in it

"Mr. Walter Hocketstaller
14407 Brookmere Drive
Centreville, Virginia 20120

Re: 5682 Cabels Mill Ct.


Job Estimate

Misc. repairs for turnover or sale of the above referenced property as follows:

1. Replace white sliding screen door 36” x 80” $ 115.00

2. Fill and mulch under stairs in front of house $ 245.00

3. Paint top of bay window, paint color to be provided by owner $ 95.00

4. Touch up paint on upper level windows and trim in back of house $ 65.00

5. Shave gate in back yard and adjust to open, close & lock properly $ 36.00

Repair drywall in living room & upper hall ceilings
Repair drywall in powder room & staircase
Finish to paint $ 395.00

Paint entire interior, to include all minor drywall repairs & caulking
Apply two coats where needed $1,095.00

Clean kitchen cabinets (grease from), re stain where needed and Poly seal $ 295.00

9. Re caulk all bathrooms and counter tops $ 56.00

10. Replace receptacle in master bedroom $ 36.00

11. Repair ceramic tile in master shower $ 295.00

12. Install new “Armstrong” vinyl sheet goods on kitchen floor approx. 8”x 12” $ 595.00

13. Install new “Armstrong” vinyl sheet goods in foyer & powder room
approx. size 8’ x 8’ to include removing and re setting toilet $ 495.00


14. Replace approx. 15 ceiling tiles in basement $ 195.00

15. Replace 2 toilet seats $ 36.00

Total Job Cost: $4,049.00


Note: May want to consider allocating an additional $500.00 for misc. repairs after tenant vacates.
This would be for items not picked up on walk through such as, dripping faucets, doorknobs that
are missing or do not work / lock, additional drywall repairs etc.Mr. Walter Hocketstaller
14407 Brookmere Drive
Centreville, Virginia 20120

Re: 5682 Cabels Mill Ct.


Job Estimate

Misc. repairs for turnover or sale of the above referenced property as follows:

1. Replace white sliding screen door 36” x 80” $ 115.00

2. Fill and mulch under stairs in front of house $ 245.00

3. Paint top of bay window, paint color to be provided by owner $ 95.00

4. Touch up paint on upper level windows and trim in back of house $ 65.00

5. Shave gate in back yard and adjust to open, close & lock properly $ 36.00

Repair drywall in living room & upper hall ceilings
Repair drywall in powder room & staircase
Finish to paint $ 395.00

Paint entire interior, to include all minor drywall repairs & caulking
Apply two coats where needed $1,095.00

Clean kitchen cabinets (grease from), re stain where needed and Poly seal $ 295.00

9. Re caulk all bathrooms and counter tops $ 56.00

10. Replace receptacle in master bedroom $ 36.00

11. Repair ceramic tile in master shower $ 295.00

12. Install new “Armstrong” vinyl sheet goods on kitchen floor approx. 8”x 12” $ 595.00

13. Install new “Armstrong” vinyl sheet goods in foyer & powder room
approx. size 8’ x 8’ to include removing and re setting toilet $ 495.00


14. Replace approx. 15 ceiling tiles in basement $ 195.00

15. Replace 2 toilet seats $ 36.00

Total Job Cost: $4,049.00


Note: May want to consider allocating an additional $500.00 for misc. repairs after tenant vacates.
This would be for items not picked up on walk through such as, dripping faucets, doorknobs that
are missing or do not work / lock, additional drywall repairs etc."

I renamed it to .doc and im thinking of opening it, as if its a macro virii it will allow you to stop macros running.

[JungleMan]

It's spreading all over my neighborhood, I just got it 3 times today

BECAUSE OF A FEW STUPID ****S IN MY NEIGHBORHOOD, I've got to GET THAT **** IN MY ****ING INBOX

[crptcblade]

did you get it from somebody named Aya? Or somebody else. That's who mine came from

[Kzin]

Its called Sircam and it mails random files from your My Documents folder to everyone in your address book. This tells you all about it.


Heres some stuff about it.
Some e-mail in-boxes continue fill up with an odd assortment of other people's personal documents and images sent without their owner's permission, compliments of the worm-virus dubbed "SirCam."

Discovered in the wild on Wednesday, security experts had assumed the virus would quickly be contained. But now it appears that the worst is yet to come: SirCam is spreading fast and is expected to hit many more computers over the weekend.

"SecurityPortal does not believe that SirCam has reached a critical threshold yet, but will likely do so within 72 hours," said Ken Dunham, senior analyst for AtomicTangerine/SecurityPortal.


SirCam infection rates sharply escalated on Friday morning, and the virus is now No. 1 on Trend Micro's live tracking map of the Top 10 Virus threats. SirCam was ranked No. 3 at the start of the day on Friday.

The virus can also re-infect a computer, even if SirCam's files appear to have been removed and even if the computer checks out clean with some antiviral programs scanners.

"SirCam stores several files in the Recycle directory, which is not normally scanned by antiviral software," Dunham said. "Even if a computer is updated against SirCam, it may not scan the Recycle directory, potentially resulting in an incomplete mitigation of SirCam."

SirCam is not a chivalrous code-critter, it is smart and it can be vicious. Its code is so sophisticated that it confused antiviral companies, who were unsure what the virus did and how it did it.

The general agreement among security and antiviral firms now is that SirCam is both a virus and a worm. It replicates itself as a worm does, and it also performs malicious actions on a computer like a virus does.

Besides e-mailing a randomly selected document from the "My Documents" folder to every e-mail address stored on an infected computer's system folder, SirCam also plays an odd little game of chance with an infected computer.

When activated, the virus randomly chooses whether to take over all the unused space on a hard drive by filling it with text, or it may delete the contents of the hard drive.

SirCam worms its way deeply into an infected computer's operating system and also changes its identity with each and every infected e-mail it sends.

When a computer is infected with SirCam, the worm copies itself to "c:recycledSirC32.exe" and as "SCam32.exe" in the Windows system directory.

The "SirC32.exe" file is then registered as default startup command for executable (.exe) files so it will run whenever any EXE file is run. The "SCam32.exe" file is registered as a driver that makes sure it will be started when the system boots up, according to Symantec's analysis.

The worm then creates a list of e-mail addresses from the Windows Address Book and Temporary Internet Files, and creates a file called "scw1.dll" in the system directory.

SirCam then scans the hard drive of the infected computer, and all drives that the infected machine has access to.

From the contents of the "My Documents" folder the worm makes a list of files with specific extensions including .doc, .zip and .jpg, selects a random file from the list, and attaches it to an e-mail along with a copy of the virus.



http://www.wired.com/news/technology...,45427,00.html

[crptcblade]

well, I just got two more. I think it is time that I kill all stupid people

[denniswrenn]

But then you'd kinda have to kill yourself

[crptcblade]

A small price to pay.

Then I would consider myself a martyr.

[JungleMan]

oops i hope it doesn't get all my warez, kiddy pr0n, and FBI confidential info, oh no i think i said too much

j/k