Malicious Software


    Post by Chojin on Fri Nov 19, 2010 2:23 pm

    I think it would be a good idea to share our experiences with viruses, and other malicious software, so others can be made aware and avoid the same situations. If we include as much information as possible, this thread could become an invaluable tool to all of us.

    Details of the following would be helpful:
    - Appearance (if it has a visible effect)
    - Links to information
    - Brief details (can be quoted from a link, with link provided)
    - Link to software that will remove it
    - Snopes information (not necessary, but handy)

    If you think of anything else that may be useful for people to know about the virus, then that would be much appreciated.

    ----------

    Thinkpoint

    As of late, I've been infected with a virus known as Thinkpoint, or The Thinkpoint Virus, and decided that it would be a good idea to make people aware of this trickster.

    Think Point, which is also known as the ThinkPoint virus, is part of a fake Microsoft Security Essentials Alert. Think Point is being advertised as one of the five removal tools to get rid of any infection found on the computer. Initial infection will result in a malfunction of the Windows desktop, removing all icons and displaying only a fake alert message. Trying to clean this malware will open up a new window displaying multiple virus scanners, but only those rogue programs will be able to identify the infection, and that includes Think Point.

    Executing any of the endorsed rogue programs will allow it to be installed on the computer. Having it on the system will cause various annoyances, including blocked Internet access, browser hijacking and system malfunctions. Trying to run any application will be blocked by Think Point, and instead it will release a message stating that the executable file is already compromised. All of these displeasures carried out on the system aim to force users into getting the licensed version of the useless software called Think Point.

    Source: http://www.precisesecurity.com/rogue/think-point/

    If you think you may already be infected, then download Malwarebytes Anti-Malware and perform a full scan of your computer.

    ----------

    Delivery Status Notification (Failure)
    Delivery Status Notification (Delay)
    Undelivered Mail Returned to Sender

    While this is not a virus, it has become a new way to deliver viruses and other malicious software. It appears as a failed email, and it will often flood your inbox. It's kind of a double whammy, as it contains an attachment as well as a web address in the main body of what you supposedly sent to someone in your contacts list.

    It appears as a standard failure/delay email from the postmaster of whichever email client you use. Adding these addresses to your blocklist will stop you from receiving these, but you will not receive notification if your own emails have failed. It is widely suggested that you make them go straight to your junk folder by marking them as junk mail; that way you can still check to see if your emails have gone through while avoiding these threats.

    Known addresses:
    - postmaster@hotmail.com (Unblockable)
    - postmaster@mail.hotmail.com (Blockable)
    - MAILER-DAEMON (Actual address unknown at present)

    They all appear to come from the same person, or multiple people on the same IP Address (http://65.55.237.79)

    DO NOT accept anything from the above IP address
    DO NOT download the attachment or click the link.

    Below are lists of attachments and links:

    Attachments:
    - Hey let's...eml (Hey let's get this money together.eml)
    - Don't pas...eml (Don't pass this up.eml)
    - I got thi...eml (I got this sick way to make lots of money.eml)
    - Hey read ...eml (Hey read this before you do anything else.eml)
    - Hello.eml
    - Make mone...eml (Make money with me starting today ).eml)
    - How are y...eml (How are you.eml)
    - Check thi...eml (Check this out before you do anything else.eml)
    - Let's mak...eml (Let's make some $ together.eml)
    - Hi.eml
    - Are you d...eml (Are you down to make some good cash.eml)
    - You've go...eml (You've gotta read this e-mail.eml)
    - We can do...eml (We can do this together.eml)
    - Hey lets...eml (Hey lets do this together.eml)
    - What do y...eml (What do you want to do.eml)
    - Hey man d...eml (Hey man did you read this.eml)
    - Don't mis...eml (Don't miss out on this opportunity with me.eml)
    - Did you s...eml (Did you see this.eml)
    - Hi, you'v...eml (Hi, you've gotta see this.eml)
    - Make some...eml (Make some money with me.eml)
    - How are y...eml (How are you.eml)
    - You can m...eml (You can make some money with me friend.eml)
    - Don't mis...eml (Don't miss out on this opportunity with me.eml)
    - We should...eml (We should make some money together.eml)
    - Delivery repo (Delivery report)

    Links (prefixes removed) :

    If you have any more attachments, links, IP addresses or email addresses (pertinent to Delivery Status Notification), add them below stating the subject so I can add them in here; or PM them to me.


    Last edited by Chojin on Sat Nov 27, 2010 8:44 am; edited 3 times in total
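
Added example (not part of the original post): a way to see what a "Delivery Status Notification" mail claims to be returning, as plain data, without opening the .eml attachment or clicking the link, so it can be compared against what was really sent. The function name `triage_bounce`, the sample message and its `example.invalid` addresses are constructed for illustration.

```python
import re
from email import message_from_string, policy
from urllib.parse import urlsplit
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.I)

def triage_bounce(raw):
    """Summarise a bounce as plain data; nothing is opened, saved or fetched."""
    msg = message_from_string(raw, policy=policy.default)
    shape = (msg.get_content_type() == "multipart/report"
             and str(msg.get_param("report-type", "")).lower() == "delivery-status")
    out = {"dsn_shape": shape, "status": [], "returned": [], "hosts": set()}
    for part in msg.walk():
        if part.get("Status"):              # in a DSN: the per-recipient result code
            out["status"].append(str(part["Status"]))
        if part.get_content_type() == "message/rfc822":   # the mail you supposedly sent
            inner = part.get_payload(0)
            out["returned"].append((part.get_filename(), str(inner.get("Subject", ""))))
        elif part.get_content_maintype() == "text":
            text = (part.get_payload(decode=True) or b"").decode("utf-8", "replace")
            for url in URL_RE.findall(text):
                try:
                    out["hosts"].add(urlsplit(url).hostname)
                except ValueError:          # malformed URL, e.g. a broken IPv6 literal
                    pass
    out["hosts"].discard(None)
    return out

CONSTRUCTED_SAMPLE = """\
Subject: Delivery Status Notification (Failure)
Content-Type: multipart/report; report-type=delivery-status; boundary="b1"

--b1
Content-Type: text/plain

Delivery to the following recipient failed.
--b1
Content-Type: message/delivery-status

Final-Recipient: rfc822; friend@example.invalid
Status: 5.1.1
--b1
Content-Type: message/rfc822
Content-Disposition: attachment; filename="Hello.eml"

Subject: Hello

Check this out: http://lure.example.invalid/page
--b1--
"""
```

A well-formed report (`dsn_shape` true) says nothing about who wrote the returned message; the useful part is the `returned` and `hosts` output, which shows whether the bounced mail is one you recognise from your own Sent folder.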



    Re: Malicious Software

    Post by Fizzie on Mon Nov 22, 2010 10:31 pm

    Thanks lots for this, Cho. I'm sure others will be able to use this thread for help, and I hope people also contribute to it as well. :)



    Re: Malicious Software

    Post by Chojin on Tue Nov 23, 2010 11:08 pm

    Got updates to come for Delivery Status Notification (Failure)/(Delay), as well. I thought it would go in information, but I guess it could go in either, lol.

    Might be a good idea to sticky this thread, as well.



    Re: Malicious Software

    Post by Chojin on Sat Nov 27, 2010 1:20 am

    Updates to Delivery Status Notification (failure)/(Delay)
    - New subject line
    - New sender
    - New attachment
    - New link



    Re: Malicious Software

    Post by Chojin on Sat Nov 27, 2010 1:52 pm

    Interesting info on the IP address; it's Microsoft.

