doubtful emails just recd

[Guest guest]

Jai Guru Datta

Hello Datta Family Members!

I have recd recently 3 emails.

1.accounts sub:Rename old file

2.chandroos sub:Please try again

3.prasad sub: a humour game

 

On inspection about the nature and origin of these emails,I found out that they

are from dattapeetham server,or routed thru it.And president_dgbs@dattapeetham

also is mentioned as return path. All these contain attachments.

 

The 3rd one says, its a humour game and I am the first player,it says., but with

my financial and debts burden,I am in no mood for humour,though some laughs will

help.

 

I request others,if they have recd similar emails,or is there someone who has

sent them?Please reply only if concerned.Others kindly excuse me.

 

Jai Guru Datta

 

 

 

[Guest guest]

Jaya Guru Datta,

 

I´ve found out the following:

 

Go to: www.sophos.com/virusinfo/topten/

 

and click on the first one of the ten

 

You´ll get the exact description of the virus or worm.

 

It creates headlines like:

 

how are you

let's be friends

darling

so cool a flash,enjoy it

your password

honey

some questions

please try again

welcome to my hometown

the Garden of Eden

introduction on ADSL

meeting notice

questionnaire

congratulations

Sos!

japanese girl VS playboy

look,my beautiful girl friend

eager to see you

spice girls' vocal concert

japanese lass' sexy pictures

Undeliverable mail --

Returned mail --

 

I for instance got one "How are you" and one "Japanese lass´sexy pictures"

allegedly sent from or routed through dattapeetham.com.

A rope that appears to be a snake!

 

 

Sri Guru Datta

 

Carolin

 

 

 

 

 

 

 

 

[Guest guest]

Jaya Guru Datta,

 

the virus or worm may even fake to come from a well-known antivirus software

company and to help you detect and delete a virus. Whereas in reality it will

attempt to destroy the antivirus software you have on your computer:

 

(from: www.sophos.com/virusinfo/topten/):

 

"Message text:

The message text is randomly composed by the worm, and may be left blank.

If the subject line is "Worm Klez.E immunity", then the message text is

"Klez.E is the most common world-wide spreading worm. It's very dangerous by

corrupting your files. Because of its very smart stealth and anti-anti-virus

technic,most common AV software can't detect or clean it. We developed this

free immunity tool to defeat the malicious virus. You only need to run this

tool once,and then Klez will never come into your PC. NOTE: Because this tool

acts as a fake Klez to fool the real worm,some AV monitor maybe cry when you

run it. If so,Ignore the warning,and select 'continue'. If you have any

question,please mail to me." (By ignoring the warning you do get the worm!)

 

Attached file:

Randomly named with the extension PIF, SCR, EXE or BAT.

Because the worm uses its own SMTP engine, the message may appear to come

from any email address. Some of the messages will have a "" field and

message text which imply that the message was sent by a major anti-virus

vendor (namely Kaspersky, F-Secure, Sophos, Symantec and Trend Micro).

....!!!!!!!!!

 

 

W32/Klez-H attempts to disable several anti-virus software products and to

delete some anti-virus related files. ...." !!!!!!!!!!

 

In addition to that the worm may disclose confidential data from the

computer,not only taken from emails:

 

"When sending email, W32/Klez-H may attach a randomly chosen file from the

infected computer with the extension TXT, HTM, HTML, WAB, ASP, DOC, RTF, XLS,

JPG, CPP, C, PAS, MPG, MPEG, BAK, MP3, or PDF. This means that the worm may

cause the disclosure of confidential company data. "

 

Scroll down to the removal help. I will wait for someone more versed in

computers than I am for helping me with the removal ...

 

Sri Guru Datta

Carolin Heiss

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

[Guest guest]

Jaya Guru Datta,

 

I myself couldn´t find any such virus/worm on my computer, I haven´t found

any file called: wink..... .exe

 

(See www.sophos.com/virusinfo/analyses/w32klezh.html:

 

"W32/Klez-H copies itself into the Windows system directory with a random

filename. The filename begins with the characters "wink" and has the

extension EXE. "

 

So someone else must have had several dattapeetham.com email addresses as

well as your email address, my email address, and maybe others´ addresses

stored on his computer harddisc that has got infected with the worm by

opening of an attachment:

 

"The worm searches for email addresses in the Windows address book and also

in files with the extensions TXT, HTM, HTML, WAB, ASP, DOC, RTF, XLS, JPG,

CPP, C, PAS, MPG, MPEG, BAK, MP3 and PDF. "

 

Sri Guru Datta,

 

Carolin Heiss