Spam or Virus?
Today I had one of those typical spam malware mails in my mailbox, showing that Microsoft Outlook is one of the most widely used mail programs, being attacked all the time:
Microsoft Outlook Notification for the xxxx@xxxx.xx
Support [xxxx@xxxx.xx]
Sent :Thu 15/10/2009 06:38
To xxxx@xxxx.xx
Attachment install.zip (12kb)
You have (6) New Message from Outlook Microsoft
- Please re-configure your Microsoft Outlook Again.
- Download attached setup file and install.
True, this mail usually is a bad one, but nevertheless it made me grin due to the fact that I was using Thunderbird and KMail for managing my personal mail flood. So I checked the mail headers and found out that it came from a spamhost somewhere in the net.
Tags: Malware, spam, virus, windows
Posted in: Malware | No Comments »
a-squared celebrates its 5th anniversary
Yesterday was the fifth birthday of a-squared, one of the whizz kids of the antivirus business. The program started as a simple anti-spyware tool and got better over time as it grew up to be a full virus scanner. As this is a reason to celebrate, Emsisoft sells the product for 5 EUR during the next 4 days.
Posted in: Malware | 3 Comments »
The password on archive anjelina
As some spammer guy abuses my domain name again, my mail server got some work to do. Anyways, this time there’s a new bastard out there pretending to be a video of Angelina Jolie. To make it through the common malware scanners, the virus is hidden in a password-protected RAR archive…
Keep your eyes open, out there!
Posted in: Malware | No Comments »
Strange requests
I was analyzing some logfiles of my webserver during the last few days and saw a huge number of strange hits coming from rather strange hosts:
index.php?page=http://www.xxxxxxxx.com/path/to/file.txt
What the heck is going on here? What does the URL do? Well – it’s there for a purpose – so let’s fetch it. (The URL above is cloaked for security reasons.)
A good tool for fetching suspicious stuff is wget or even curl, as they just download without executing JavaScript and stuff.
Posted in: Malware | 2 Comments »
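To find every hit of the kind shown in the "Strange requests" post, a log can be scanned for query parameters whose value is itself a remote URL. This is an added example, not code from the original post; it assumes Apache "combined" log format, and the sample lines, IP addresses and hosts are constructed.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qsl, unquote

# Constructed sample lines in Apache "combined" format (documentation IPs, example hosts).
SAMPLE_LOG = """\
192.0.2.10 - - [15/Oct/2009:06:38:01 +0200] "GET /index.php?page=http://www.example.com/path/to/file.txt HTTP/1.1" 200 512 "-" "libwww-perl/5.805"
192.0.2.10 - - [15/Oct/2009:06:38:03 +0200] "GET /index.php?page=http%3A%2F%2Fwww.example.com%2Fpath%2Fto%2Ffile.txt%3F HTTP/1.1" 200 512 "-" "libwww-perl/5.805"
198.51.100.7 - - [15/Oct/2009:07:02:44 +0200] "GET /index.php?page=about HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
203.0.113.5 - - [15/Oct/2009:07:10:12 +0200] "GET /go.php?id=3&file=FTP://ftp.example.net/x.txt HTTP/1.0" 404 209 "-" "-"
198.51.100.7 - - [15/Oct/2009:07:11:00 +0200] "GET /search.php?q=what+is+http HTTP/1.1" 200 1024 "-" "Mozilla/5.0"
"""

LINE_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<target>\S+)[^"]*" (?P<status>\d{3})')
REMOTE_RE = re.compile(r'^\s*(?:https?|ftp)://', re.IGNORECASE)

def find_url_params(log_text):
    """Return a list of (ip, path, param, value, status) for every query
    parameter whose decoded value starts with a remote URL scheme."""
    hits = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # not a request line in the assumed format
        parts = urlsplit(m.group("target"))
        for name, value in parse_qsl(parts.query, keep_blank_values=True):
            value = unquote(value)  # second pass catches double-encoded values
            if REMOTE_RE.match(value):
                hits.append((m.group("ip"), parts.path, name, value, int(m.group("status"))))
    return hits

def summarize(hits):
    """Group hits per client so repeat probers stand out."""
    per_ip = defaultdict(list)
    for ip, path, name, value, status in hits:
        per_ip[ip].append(f"{path}?{name}= -> {value} [{status}]")
    return dict(per_ip)

if __name__ == "__main__":
    for ip, entries in summarize(find_url_params(SAMPLE_LOG)).items():
        print(ip, len(entries))
        for e in entries:
            print("   ", e)
```

The status code is kept in each hit because it shows whether the probed script exists on the server at all (200) or not (404).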
Gotcha?
I don’t know your experience regarding malware, but I already got my favorites there as they’re pretty nasty due to their behaviour or the fact that they are not known by the (currently installed) scanner. It happened again these days. A friend complained about her laptop acting strange.
As I am an optimist, I try to avoid thinking of malware first. So I got my Live CD with the diagnostic tools for checking hard disk and filesystem, as it is a common thing that a computer acts strange on broken filesystems. As the disk was ok, I started my malware check, which was quite a shock.
Currently one of those all-in-one solutions, providing firewall, mail scanner, malware scanner, do-not-know-what-else-scanner and system brake, overlooked 35 virii.
No malware scanner is perfect. That’s why companies usually use different scanners on their server machines. But if you’d like to be more secure, you may want to try some online scanners in addition to your local one, or a Live CD.
Regarding the laptop with the 35 virii, that’s definitely far too much. But it is always this manufacturer that leaves such a bad taste in my mouth…
Tags: detection, scanner, virus
Posted in: Malware | 2 Comments »
