Virus apparently in a .txt file Аўтар тэмы: Oliver Walter
|
|---|
Oliver Walter 
Вялікабрытанія
Local time: 12:45
нямецкая → англійская
+ ...
This was an attempt to infect my PC with a virus by sending what looked like a file called document.txt:
1. I received an email that appeared to be from an email address containing the word "etranslate", so I was only 99% sure that it was malicious email, not 100%.
2. The email's subject was "your day"; it contained the message "Congratulations!, your best friend" and an attachment called postcard.zip. Suspicion now 99.9%.
3. I saved the attachment as a disk ... See more This was an attempt to infect my PC with a virus by sending what looked like a file called document.txt:
1. I received an email that appeared to be from an email address containing the word "etranslate", so I was only 99% sure that it was malicious email, not 100%.
2. The email's subject was "your day"; it contained the message "Congratulations!, your best friend" and an attachment called postcard.zip. Suspicion now 99.9%.
3. I saved the attachment as a disk file (not dangerous even if it contains a virus) and opened it with WinZip.
4. It appeared to contain a file called document.txt, so I thought I would see what it contained by dragging it from the WinZip window to the Notepad icon on my desktop. I deliberately did not try to open it by double-clicking because I wanted to be sure that it would be opened by Notepad.
5. However, at that point I received an error message from Notepad saying that I did not have permission to open a file called
C:\windows\temp\docume~1.exe
6. I also got a message from my virus detector (AVG free edition, not set up to monitor incoming email) saying it had detected the netsky.Q virus. Suspicion confirmed.
7. Instead of deleting the file at that point, I returned to WinZip and noticed that the filename was displayed as
document.txt ...
(including nearly invisible dots). So I widened the "name" column and found that the file's real name was
document.txt .exe
(i.e. with lots of spaces before ".exe").
This is one consequence of the fact that "long file names" in Windows can contain spaces. In earlier operating systems, the space character was invalid in file names. You adjust the name column the same way as in Windows Explorer: drag the boundary of the column header or just double-click on it.
8. Slight mystery entirely solved. It wasn't a harmless text file; it was a very harmfull executable (i.e. program) file. My action: delete the saved attachment and the email.
9. I hope this is a little education for some of you (and the others already knew this method.)
Oliver
[Edited at 2006-01-22 21:43]
[Edited at 2006-01-22 21:43] ▲ Collapse
| | | |
Oliver Walter wrote:
document.txt .exe
(i.e. with lots of spaces before ".exe").
This is one consequence of the fact that "long file names" in Windows can contain spaces
I must say, it is a good idea
Thks for the advice
I always 2xclic text files, thinking it is impossible to be infected that way.
| | | |
Robert Zawadzki (X)
Local time: 13:45
англійская → польская
+ ...
| This was an .exe , not .txt file | Jan 23, 2006 |
It's the last part of a name (after the last dot, the extension) that determines file type. The trick with spaces was meant to hide this, and make you think it's a .txt file, that cannot be infected.
[Edited at 2006-01-23 08:44]
| | | |
Robert Zawadzki wrote:
It's the last part of a name (after the last dot, the extension) that determines file type. The trick with spaces was meant to hide this, and make you think it's a .txt file, that cannot be infected.
[Edited at 2006-01-23 08:44]
Everybody understood it, we are no children
| | |
|
|
|
Robert Zawadzki (X)
Local time: 13:45
англійская → польская
+ ...
| But it was a .txt in a post header... | Jan 23, 2006 |
I just wanted everything to be 100% clear. I thought about not posting anything at all, but I decided it will not hurt - it may help somone else reading this thread.
| | | |
Oliver Walter
Вялікабрытанія
Local time: 12:45
нямецкая → англійская
+ ...
ПАЧЫНАЛЬНІК ТЭМЫ | I already said it | Jan 23, 2006 |
Robert Zawadzki wrote:
I just wanted everything to be 100% clear. I thought about not posting anything at all, but I decided it will not hurt - it may help somone else reading this thread.
You may be right, but (a) I thought I had already made that point clear in point 8 of my posting, and (b) my original heading said "apparently", meaning that it appeared to be in a .txt file, although it was in fact something else.
Anyway, you may also have done some good, simply by provoking a discussion. I suggest that a conclusion from this kind of experience is: Treat EVERY email that you receive as potentially harmfull, until and unless you have a good reason to believe that it is legitimate. I know, the difficult thing can be how to decide what is a good reason to trust an email....
Oliver
| | | |
To report site rules violations or get help, contact a site moderator:
You can also contact site staff by
submitting a support request »
Virus apparently in a .txt file
| Pastey | Your smart companion app
Pastey is an innovative desktop application that bridges the gap between human expertise and artificial intelligence. With intuitive keyboard shortcuts, Pastey transforms your source text into AI-powered draft translations.
Find out more » |
|
| Protemos translation business management system | Create your account in minutes, and start working! 3-month trial for agencies, and free for freelancers!
The system lets you keep client/vendor database, with contacts and rates, manage projects and assign jobs to vendors, issue invoices, track payments, store and manage project files, generate business reports on turnover profit per client/manager etc.
More info » |
|
Login to reply/comment 
