Virus from Russia ?? - Page 3 - diyAudio
Old 10th December 2010, 04:56 AM   #21
diyAudio Member
 
ashok's Avatar
 
Join Date: Jun 2002
Location: 3RS
Quote:
Originally Posted by Peckerwood View Post
............
A format won't wipe out a boot sector virus either................
Wouldn't repartitioning the drive using Disk Wizard wipe out the virus? That's what I remember reading. Format doesn't do it. Or fill the drive with 1's or 0's using DW.

OK, this is getting interesting!
I've decided that I WILL open this file (soon) !!!!!!!!!!!!!!!!!!
The excitement is killing me!

BUT I'll download Sandboxie (thanks to Godfrey) and open it on my laptop that isn't used much and I can afford to let it crash! Will keep you informed.

But then all that stuff about watching all keystrokes, using my drive as a pornography server etc. may not show up at all even if the program appears to open up normally. Those hidden applications will only work if it's connected to the internet... I guess. And THAT would not be visible either.

There is a catch here! On hometheatershack.com the latest version of RoomEQwizard shown today is V3.5! This one says V4.11... A dead giveaway?
__________________
AM
Old 10th December 2010, 06:06 AM   #22
diyAudio Member
 
theAnonymous1's Avatar
 
Join Date: Feb 2004
Location: Anonymityville
1. Forward that email message with the file attachment intact to scan@virustotal.com (limit is 10 MB)
2. Write SCAN in the Subject field of the forwarded message and delete the full body of the message. Send.
3. You should receive a virus report in the next few minutes.
Old 10th December 2010, 08:38 AM   #23
gpapag is offline gpapag  Greece
diyAudio Member
 
gpapag's Avatar
 
Join Date: Nov 2002
Location: Athens-Greece
Quote:
There is a catch here ! On hometheatershack.com the latest version of RoomEQwizard shown today is V3.5 ! This one says V4.11 ..... A dead give away ?
ashok

I have downloaded (a month ago) RoomEQ V5 from hometheatershack.com

Best Regards
George
Old 10th December 2010, 08:57 AM   #24
godfrey is offline godfrey  South Africa
diyAudio Member
 
Join Date: Nov 2009
Location: Cape Town
Quote:
Originally Posted by ashok View Post
BUT I'll download Sandboxie ( thanks to Godfrey) and open it on my laptop that isn't used much and I can afford to let it crash ! Will keep you informed.
Hi
Just be aware of the limitations of Sandboxie. While malware running "in the box" can't make any permanent changes to your system, it can read anything on your system and talk to the internet, so if you're concerned about password stealers or other information theft, it's best to disconnect from the network (meaning unplug the cable) when playing with the bad stuff.

Something else to bear in mind: Afaik nobody's found a way for programs to escape from the sandbox, however it is possible for a program to figure out that it is trapped in a sandbox and take appropriate action. i.e. Just because it doesn't do anything bad in the box doesn't mean it won't do anything bad if you let it out.

btw: A nice feature I discovered by accident is that Sandboxie won't allow your system to be shut down or rebooted.

Cheers - Godfrey
Old 10th December 2010, 09:34 AM   #25
godfrey is offline godfrey  South Africa
diyAudio Member
 
Join Date: Nov 2009
Location: Cape Town
From XKCD
Attached Images
File Type: png network.png (114.4 KB, 75 views)
Old 10th December 2010, 10:27 AM   #26
Anatoly is offline Anatoly  Russian Federation
diyAudio Member
 
Join Date: Jan 2008
Quote:
Originally Posted by ashok View Post
I just got an email saying "for you from Russia". There is a 4.37 Mb file attached in .rar format. It says RoomEQwizard V4.11.

I don't plan to open it. Is this a virus? Anyone else got this email? Sender's name is Russian. But that doesn't mean a thing.
By the way, RoomEQwizard is from a person called John on Hometheatershack I think.
I sent what you asked for, nothing more ...
Old 10th December 2010, 08:51 PM   #27
diyAudio Member
 
Peckerwood's Avatar
 
Join Date: Oct 2010
Location: Texas
Godfrey is exactly right about disconnecting from the internet. I would strongly suggest not messing with that file because there is no way it could be anything good.

I am trying to remember from when I was in school, but to the best I remember a boot sector virus loads itself into memory every time you boot up, so even if you clean it out it loads again next time you boot. I don't remember for sure if the boot sector is in the hard drive, but I don't think it is. It might be in the BIOS. If it isn't in the HD then a format won't wipe it out. If it is in the HD a format will wipe it out.
Old 11th December 2010, 01:47 AM   #28
diyAudio Member
 
ashok's Avatar
 
Join Date: Jun 2002
Location: 3RS
Quote:
Originally Posted by Anatoly View Post
I sent what you asked for, nothing more ...
Hi Anatoly,

How can I apologise enough ?
I must add that I could not remember your name and where this email came from.
I don't even remember asking for the file......that's how bad my memory is !

So I apologise profusely and cannot tell you how sorry I am.
I am currently also going through a LOT of stress due to the recent loss of my mom and having memory lapses is getting worse. I trust you will understand.

However, your file is clean, I have just checked it, but the follow-up is useful for others for any other files they have any doubts about. It isn't meant to cast any aspersions on 'you'. Please note that people can use any name in emails, and having a Russian name isn't damning all Russians! I get lots of spam emails from Russian names, especially to ask me to log on to "purchase details" of what I supposedly have bought on the Net. So I'm sure you will understand why I got worried.

I did check my outbox to see if I sent an email request for this file but couldn't find it. So I must have done it through a forum 'mail'. If you had mentioned that it would have helped a lot.

If this thread continues it will be only to help people sort out suspicious mail and not to defame you. Sorry for all the heartburn it would have created for you. Thank you for taking the trouble to send me the file. ( Please note that I intentionally did not mention your name anywhere just in case I was on the wrong track !).

Cheers.
Ashok.
__________________
AM

Last edited by ashok; 11th December 2010 at 01:50 AM.
Old 11th December 2010, 01:57 AM   #29
diyAudio Member
 
ashok's Avatar
 
Join Date: Jun 2002
Location: 3RS
File is clean.

I checked this file following the post from theAnonymous1.
The report is clean. Now we do know it IS clean as the gentleman who sent it has directly responded. Can't say how sorry I am !
__________________
AM
Old 11th December 2010, 02:07 AM   #30
diyAudio Member
 
ashok's Avatar
 
Join Date: Jun 2002
Location: 3RS
Is there a moral here?

I think so. While most members have great memory power, some like me can sometimes completely forget requests made on the Net unless something reminds them of it.
I get mail with attachments from well known "friends" who never sent any mail!! I can cross check with them easily by making a phone call!

So when sending attachments to another person it might be a good idea to mention that it was being sent on a request made 'whenever, wherever'. That way it will jog one's memory and remove the worry of if it's spam or a virus.

This isn't foolproof either, as some might not remember even with that! Well, we can consider that as an "occupational" hazard!

Hope we can all ( now!) have a good laugh over this and best wishes to all for a Happy Christmas.
Cheers.
__________________
AM