My office partner opened a very legitimate looking e-mail attachment. The text of the document said something like "I need your feedback on this..." The e-mail was from one of his dealers and everything about it looked fine, the subject line was so specific to our industry that there was no question. It looks like the virus grabs a subject line from one of your previous e-mails (the e-mail my office partner received was titled - "Colnago frame inventory", but the e-mail that the virus sent out from his computer was "Michelin spring-fever special"). Once he opened the "Colnago" e-mail he started getting calls from his dealers asking why he had sent them a virus. I think this something called a SirCam virus. Anyone know anything about this one?

Best Regards,

FJH

I've been getting the same emails with the same wording .I need your advice on this and thanks.It carries an attachment.I got that emailed to me 24 times in one day.I did not open it.

Sircam went wild about 4 days ago, most antivirus programs should have an update available for it now. Both of the programs that we use have been updated for it. It's an email worm like the anna kournikova virus. It is, right now, the fastest spreading virus. You would be best off to install some sort of protection, because odds are good that you will see it again over the next few weeks. Always keep an eye out for email attachments that have double extensions, such as file.doc.pif


Here's a bit more info on the virus.

http://www.symantec.com/avcenter/venc/data/w32.sircam.worm@mm.html


Eyez

My mistake, it went wild on the 17th, so 7 days ago.


Eyez

Did it look anything like this??

Hi! How are you?
I send you this file in order to have your advice
See you later. Thanks

It also comes with an attachment. I've just been deleting them without opening the attachment.

Regards

I copied this from another bbs:

Subject: The subject of the email will be random, and
could be the same as the file name of the attachment in the email.
Attachment: The attachment will be a file taken from the
sender's computer and will have the extension .bat, .com,
.lnk or .pif added to it.

Message: The message body will be semi-random, but will always contain one of the following two lines (either
English or Spanish) as the first and last sentences of the message.

Spanish Version:
First line: Hola como estas ?
Last line: Nos vemos pronto, gracias.

English Version:
First line: Hi! How are you?
Last line: See you later. Thanks

Between these two sentences, some of the following text
may appear:

Spanish Version:
Te mando este archivo para que me des tu punto de vista
Espero me puedas ayudar con el archivo que te mando
Espero te guste este archivo que te mando
Este es el archivo con la informaci=n que me pediste

English Version:
I send you this file in order to have your advice
I hope you can help me with this file that I send
I hope you like the file that I sendo you
This is the file with the information that you ask for

"go outside and play"
sib

That sounds exactly like it. It's pretty clever because the subject text and the attachment would not lead one to believe that there is a problem with the attachment.

Thanks for the help.

Best Regards,

FJH

I got the same mail at home yesterday. It was a .doc and came from someone I know. I opened it. I guess I better get home and get rid of it asap.

So far it looks like Rudy's computer is in trouble. It's just erroring out on everything. We did run the virus scan stuff to rid it of the thing, but it doesn't look good....

Best Regards,

FJH

I received a warning notice from McAfee.com regarding this. It's nice to know this before it actually starts to happen.
McAfee.com has seen a large and growing number of consumer computers infected with W32/SirCam@MM.
This is a HIGH RISK VIRUS FOR CONSUMERS.
The infected email can come from addresses that you recognize. Attached is a file with two different extensions.
The file name itself varies.

Looks something like this:
< Hi! How are you?

< I send you this file in order to have your advice
< or I hope you can help me with this file that I send
< or I hope you like the file that I sendo you
< or This is the file with the information that you ask for
< See you later. Thanks

Get a good antivirus software program.
McAfee is probably the best out there if you run a lot of business applications, if you're just looking for a good AV program both Norton and McAfee are good. At work the Norton caused conflicts with some of the software I use. The McAfee hasn't yet.

Weyes1
Kevin Clark
weyes1@wamego.net

Yes sir I just deleted 4 E-mails with those exact lines then I updated my norton antivirus software.
Thanks for the heads up.

Pitts

It's so hard to have safe cyber these days :).

I got the virus yesterday in an email with the message, "I am sending you this file to have your advice." McAfee has the solution. My computer geek here at work just did it and got rid of the d**ned thing.

Just be sure to practice "safe hex".

Later....

Al

I recently had some trouble, being proxied. Your own ISP will have no idea this is going on nor you until you really need to subscribe or log on with a password. I had already subscribed
to http://www.hackerwhacker.com, and when I went to use their scan yourself feature I couldnt, they informed me of the situation and gave me the IP of the offender which I gave to my ISP, AS WELL AS THE OFFENDERS. Got my scans (virus) back as the fixes come up they do it for you automatically. No software to buy, down load ease and hardly a added MB!
(Norton Internet Security Family 3.0 which is wothless unless you bought the right computer yesterday) and 30$ every three months. Gauranteed privacy also. This company is dead nut serious about computer creeps they fry them. Literally.

Like a fool I opened mine-how do I know if I got the virus???
Thanks
Jimbo

If you opened the attachment, you got the virus. go to http://www.symantec.com/avcenter/venc/data/w32.sircam.worm@mm.html for info, and there's a link to a removal tool on that page. If you're not sure, run the removal anyway.


Eyez