
4/21/2015

STD 411

No, this post is not about Sexually Transmitted Diseases. Read on...

It seems that since I posted a few responses on the Yahoo forums, as well as on this blog, I've come under attack via my computer. Call me crazy, but I never receive any e-mail from my admin account on one of my websites. Until earlier yesterday. In it was an attachment that was named STD_411.zip. And of course, Mr. Curious here figured he has McAfee "Live Safe" running, so there's no way the executable file could infect my PC.
I was wrong.

Not only did I unzip it, but I clicked on the .exe file (that had a .PDF icon), and it didn't detect shit. Quickly, I unplugged my PC, and sat back wondering what damage (if any) had already been done. On my phone I quickly started changing my Facebook, Yahoo, Google, and other app passwords.
I then researched this "Trojan". It's new, it's nasty, and it took Windows Security Essentials (FREE, by the way) to find and clean it.

Word to the masses. Don't be an idiot and think that you're immune from viruses just because you're running anti-virus/malware programs. This little sucker probably already took data off of my hard drive.

The full e-mail header is below.


Return-path:
Envelope-to: admin@totallydelco.com
Delivery-date: Mon, 20 Apr 2015 14:27:24 -0700
Received: from [81.149.32.190] (port=4132 helo=host217-46-207-16.in-addr.btopenworld.com)
by a2plcpnl0043.prod.iad2.secureserver.net with esmtp (Exim 4.85)
(envelope-from )
id 1YkJDu-004BHQ-TW
for admin@totallydelco.com; Mon, 20 Apr 2015 14:27:24 -0700
Message-ID: <8i11kay5 .2821248="" bottomline.com="">
Date: Mon, 20 Apr 2015 22:13:32 +0000
From: "Sallie Rosa"
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:24.0) Gecko/20100101 Thunderbird/24.2.0
MIME-Version: 1.0
To: admin@totallydelco.com
Subject: Annual Form - Authorization to Use Privately Owned Vehicle on State Business
Content-Type: multipart/mixed;
  boundary="------------040604080103020107080200"

This is a multi-part message in MIME format.
--------------040604080103020107080200
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit

All employees need to have on file this form STD 371 (attached).  The original is retained by supervisor and copy goes to Accounting. Accounting need this form to approve mileage reimbursement.

The form can be used for multiple years, however it needs to re-signed annually by employee and supervisor.

Please confirm all employees that may travel using their private car on state business (including training) has a current STD 371 on file.  Not having a current copy of this form on file in Accounting may delay a travel reimbursement claim.

--------------040604080103020107080200
Content-Type: application/zip; name="STD_411.zip"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="STD_411.zip"


application/zip STD_411.zip (87 KB)
Archive Name: STD_411.zip
Archive File Size: 65321 bytes
File Count: 1 file

               Attributes      Size      Modified Date    Method     Ratio
--------------------------------------------------------------------------
STD_411.exe         -A---    119912  21-Apr-2015 10:53  Deflated     54.4%
--------------------------------------------------------------------------