Is this a virus?

Discussion in 'Software' started by anwinesp, Jan 27, 2005.

  1. anwinesp

    anwinesp Private E-2

    I got a weird e-mail message saying that my software had been registered (I have no idea what it could have been referring to, legitimately). Attached was a suspicious file (siupd02.scr). A search of Google and of Norton's Web site turned up nothing. Could this be a new virus?

    Anne
     
    anwinesp, Jan 27, 2005
    #1
  2. mcadam

    mcadam Major Amnesia

    If you don't know who it's from, or don't recognise the file then definitely do not open it. Many people get these emails, they're so annoying but hey!
     
    mcadam, Jan 27, 2005
    #2
  3. DavidGP

    DavidGP MajorGeeks Forum Administrator - Grand Pooh-Bah Staff Member

    These types of virus can come in many guises to try and trick you into opening them, some examples are....

    SETUP.DOC.scr
    Humor.MP3.scr
    news_doc.DOC.scr
    Pics.DOC.scr

    so as mcadam said above Anne if you dont know who its off or are even suspicious just delete it.
     
    DavidGP, Jan 28, 2005
    #3
  4. AbbySue

    AbbySue MajorGeeks Administrator

    Sounds like this new one I got info on this morning. Don't open it!

    Bagle.BK and Bagle.BL reach computers in email messages with spoofed sender
    addresses and with subject fields chosen at random from a list of options.
    Possible subjects include: "Delivery by mail" or "Delivery service mail".
    The message text may include phrases like: "Before use read the help"
    or"Thanks for use of our software". The message attachments, which actually
    contain the worms, have variable names, although their extension is always
    COM, CPL, EXE or SCR.

    In order to spread via P2P applications like KaZaA or Morpheus, both worms
    create -in the programs' shared folders- copies of themselves with names
    such as ACDSee 9.exe, Adobe Photoshop 9 full.exe or Ahead Nero 7.exe, among
    others. This is to bait other users into downloading them and then executing
    them.

    Regardless of how they reach computers, when a file containing either of the
    worms is run, they use their own SMTP engine to send themselves to the email
    addresses they find in files with certain extensions stored on the computer.
    Nevertheless, they avoid sending themselves out to certain addresses,
    principally those related to IT security software companies.

    The most dangerous action that both variants of Bagle take is the
    termination of processes in memory related to antivirus and security
    applications, leaving computers defenseless against further attack.

    They also make several entries in the Windows registry to ensure they are
    run every time the system is started up and delete others that could exist
    as the result of infection by variants of Netsky.
     
    AbbySue, Jan 28, 2005
    #4

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds