URGENT WARNING!!! New Virus Wrecked Havoc on my PC!!!!


Andrew LB
05-13-2008, 01:35 PM
Please bear with my grammar since I've been up for about 24 hours straight trying to salvage what's left of the data on not only my RAID-0 array, but my RAID-1 array, AND.... my 500GB external backup drive.

This all started out this past Saturday when my brother called to ask me if I could help his friend fix an extremely destructive virus on his Mac Pro. After hearing how bad things were, I told the guy to save his money (I charge $50-$75/hour) and do his best to salvage important documents, photographs, and to NOT run any applications or other files which are favorite targets of viruses.

Thinking all was fine, I received a very bizarre e-mail from my brother who is also a Mac Pro owner and the letter was pretty much non-legible and had no attachments or photographs.... odd for a guy who has a PhD in Biochemistry. My copy of ESET NOD32 (64-bit) approved the e-mail as being "safe", but I trashed it anyways using a nice Government wipe but only after sending the letter to a few federal agencies that a friend in politics recommended.

Luckily ESET NOD32 Anti-virus was able to prevent the virus from taking control of my Microsoft Outlook 2007 with the intent of blasting out thousands of additional e-mails to unsuspecting people.

Some of the other things the virus accomplished was to

On the down side though, the virus did an excellent job shutting off ALL of Vista 64-bit's security features such as Windows Defender, UAC, as well as sneaking right past the PC I keep under my desk as a hardware firewall running enterprise grade software as well as enterprise grade anti-virus software.


SO PLEASE LISTEN TO ME!!!!

If you get ANY suspicious e-mails, DON'T open them. If it's from a family member or good friend, give them a quick call just to be on the safe side considering it was an e-mail that came from my own brother's Mac Pro that screwed up my rig for the past 12 hours.

ZOMGVTEK
05-13-2008, 02:05 PM
Wait.... is this affecting OS X? Or just Windows?

Th3MadScientist
05-13-2008, 02:07 PM
Firewall would have saved you.

WrigleyVillain
05-13-2008, 02:08 PM
Well he's running Vista. I guess his brother and the other dude are running Windows on their Mac Pros.

And he says he has a dedicated "enterprise" firewall.

I'm not quite sure what exactly to make of this post tbh

DFectuoso
05-13-2008, 02:14 PM
I really hope that happened in mac OSX too... would be fair

Andrew LB
05-13-2008, 02:19 PM
Wait.... is this affecting OS X? Or just Windows?

Both operating systems. Mac OSX will not save you from this one.


Firewall would have saved you.



Ok smart guy... I've got multiple firewalls in my home network including one in my top of the line Linksys router, a server which is 100% dedicated to preventing this stuff through its enterprise level firewall, the same type my friend's company AMGEN uses.
I've also got Windows Defender, ESET NOD32 x64, Windows Firewall, and an additional hardware firewall.


So before you post the opposite of a "smart-assed" remark.... educate yourself.

I do high end networking for both large and small businesses and am quite good at what I do. This was a freak incident and if you'd like me to, I'll e-mail you a copy of this virus just so I can see how brilliantly you manage to get past it.

Any chump who thinks a simple firewall is the "end-all" to protecting their systems has absolutely no clue.


FYI, I got an e-mail this morning from multiple other victims, many were from this forum.

Well he's running Vista. I guess his brother and the other dude are running Windows on their Mac Pros.

And he says he has a dedicated "enterprise" firewall.

I'm not quite sure what exactly to make of this post tbh

My best friend is a Sr. Network Administrator at AMGEN and he called me this morning to tell me that the virus was able to get past their extremely high quality systems and has caused havoc in countless employees' systems.

/argument.


Just be careful people.

WrigleyVillain
05-13-2008, 02:27 PM
Surely this is being reported by Symantec et al.?

Any more information regarding the virus itself appreciated.

Scubar
05-13-2008, 02:31 PM
So have you actually removed the virus now and discovered exactly what it does? That doesn't take more than a couple of hours.

FLMJIGGY
05-13-2008, 02:32 PM
Thanks, is there a name for this Virus? What does the email look like? (Title)

Wow, so you just opened the email without downloading anything and it trashed the PC?!!?!?!? Crazy.

I'm glad you were able to save your stuff!!!

Th3MadScientist
05-13-2008, 02:39 PM
Email me the virus, guarantee you I'll open it, and laugh while it's contained. Okay cool, you do high end networking and so does your friend, last time I checked, network administrators were not System Security Auditors or Professionals. Just cause a company uses a firewall doesn't make it good. "Educate Myself"..since when do you know my education? You do not even know me, or my profession or my expertise. Who said anything about a simple firewall? I just said firewall, the complexity of the firewall was never discussed, a "good" software firewall would have stopped the process and waited for authorization from the user. :down:

YMAA
05-13-2008, 04:30 PM
Email me the virus, guarantee you I'll open it, and laugh while it's contained.

What AV and firewall are you using? I'm just asking because I want to know who's standing up on the pedestal with you.

Frankly, you're deluding yourself if you think you're completely safe.


"Educate Myself"..since when do you know my education? You do not even know me, or my profession or my expertise.


So inform the community, who are you, what's your profession, and what's your expertise? Don't get offended because someone assumes you know nothing when they work in the field about which they started a thread.

And I'm pretty sure network admins (talented ones anyway) know a lot about computer security...it is their field, much to your chagrin.

@ OP: Have you solved the problem? My recommendation is to reinstall your OS...in my experience a system never runs the same again after getting hit like that, and you can never be sure it's completely removed.

dinos22
05-13-2008, 05:31 PM
Email me the virus, guarantee you I'll open it, and laugh while it's contained.

can you do this live in a thread here with a couple of webcams, one on your PC and another on your face

we would like to have a laugh as well :D

Th3MadScientist
05-13-2008, 06:25 PM
What AV and firewall are you using? I'm just asking because I want to know who's standing up on the pedestal with you.

Frankly, you're deluding yourself if you think you're completely safe.


Firewall + Sandbox = Completely Safe

That is unless you let something pass through the firewall such as an email or a download but yet you can completely sandbox those as well so in the end you're safe.

can you do this live in a thread here with a couple of webcams, one on your PC and another on your face

we would like to have a laugh as well :D

Virtualization is your friend :up:



So inform the community, who are you, what's your profession, and what's your expertise? Don't get offended because someone assumes you know nothing when they work in the field about which they started a thread.



I was not the one offended, the OP got all pissy.

Mats
05-13-2008, 07:02 PM
I'd really like to read more about this, sounds scary. Any links?

IFMU
05-13-2008, 07:25 PM
Ok folks, let's watch the attitudes before someone gets too pissy and I have to start handing out infractions.
So far it is borderline, push much more and I will be the one to push back.


Now, as for the actual purpose behind this email/virus. One word. Outlook.
Hate Outlook, hell, all email clients. Webmail FTW.

stocius
05-13-2008, 07:27 PM
Ok folks, let's watch the attitudes before someone gets too pissy and I have to start handing out infractions.
So far it is borderline, push much more and I will be the one to push back.


Now, as for the actual purpose behind this email/virus. One word. Outlook.
Hate Outlook, hell, all email clients. Webmail FTW.

It's what I have and am not gonna change

Buckeye
05-13-2008, 07:50 PM
Use MailWasher to see lists of emails waiting to be received on the server.

You can preview text and see what it is without receiving it.

You can then receive, delete, or bounce the email.

Bounce works great for spam, just send it right back at them.

stocius
05-13-2008, 08:00 PM
Use MailWasher to see lists of emails waiting to be received on the server.

You can preview text and see what it is without receiving it.

You can then receive, delete, or bounce the email.

Bounce works great for spam, just send it right back at them.

I'll look into that. I especially like bounce