An e-mail Heads Up
namgrunt
02-05-04, 07:26 PM
I recently got an e-mail which introduced "vampire" code into my machine. It was from an address which sounded like it belonged to another Marine. It wasn't. I realize now it may have been hijacked by a hacker to avoid being tracked. When opened, there was no message. However, an attached zipfile, "document.zip", created a self-executing script file "document.scr", which promptly invaded the system, and began siphoning off information. I removed the file created, but discovered later it had copied itself to another location, and had continued its thievery, unbeknownst to me.
The sender address to watch for is:
usmcronbo1@aol.com
I originally thought it belonged to someone from this website. I was wrong. There is no such address or profile in the database. So, ...If this e-mail shows up in any of your Inboxes, toss that puppy out unopened.
namgrunt :o :mad:
Namgrunt, thanks for the info. I don't quite understand the enjoyment or pleasure people get from starting viruses, but it sure is a turn-on for a lot of 'em. Once again, thanks for the heads-up.
Bob
Copied, and forwarded to AOL. Who knows, maybe they can find something.
Terry
usmc4669
02-05-04, 08:41 PM
If I'm not sure of an email, I first check it with Nortons AntiVirus or just delete it.
TracGunny
02-05-04, 10:31 PM
namgrunt:
Are you running an Anti-virus program such as Norton? I would be interested to know if the virus got past some vendor's product for future reference when it is time to renew my subscription... I'm currently running Norton.
namgrunt
02-06-04, 12:03 AM
UPDATE:
I received an e-mail from the real owner of the address I posted. He says he was flooded with those "Mailer-Daemon" notices because his address was used to proliferate the data-sucking code. He seems legit, and was answering my scathing reply. A hacker would have just laughed and blocked my response.
Yeah, I do have Anti-virus software and a Firewall, neither of which made a peep when the offending message came through. I was partly at fault, because I let the "USMC" part of the address lower my guard, and opened the attachment. The rest was history. To put it mildly, I didn't challenge a stranger at my post, and got blown up for it. Or,... I moved a suspicious item and found it was booby-trapped.
I posted to you guys, because the hacker who sent the e-mail had knowledge of my military affiliation. That connection isn't evident from my regular e-mail address, so it meant he had someone's address book listings.
namgrunt
Antivirus, I have been running AVG for about 6 years and have not had any viruses. I also have run the same firewall for years. AVG has updates all the time; last week alone there was one every day.
namgrunt
02-14-04, 03:26 PM
I use AVG as well, along with Zone Alarm firewall (free version). AVG's latest update found three instances of the "MYDOOM" virus hunkered in my machine's innards. All within the last week and a half. Go figure.
Worse yet are the spybots, which funnel information from your computer to an unknown site for whatever purpose that clown has concocted. I found a bunch of those squirreled on my hard drive. I used Spybot Search and Destroy to find and eliminate them.
leroy8541
02-14-04, 05:07 PM
I know the owner of that website personally; you can count that Ron wouldn't spread a virus intentionally. I did a tour with him in 2/5; he is a fine Marine and brother 8541.
namgrunt
02-14-04, 10:27 PM
leroy8541
Thanks for the verification. Good to hear he is one of the good guys.
What company with 2/5? I served in Foxtrot back in '65-'66, when we were based at 33 Area (Camp Margarita). I made the wetnet landing at Chu Lai beach 12 April, '66. It was my first regular assignment after Boot Camp, ITR, and boot leave.
namgrunt
leroy8541
02-15-04, 12:00 PM
Golf Co. We were also based at Camp Margarita. I believe our company gunny of Golf Co. was with Hotel Co. during that time frame; his name is Gunny Koon.
namgrunt
Along with AVG I run Sygate firewall and Ad-Aware to get rid of all the spyware. Most sites you go to use spyware; they track you on your computer to see where you are going. Over the years the net has gotten really bad with viruses and spyware, not to mention all the spam mail. It's a never-ending battle to keep CRAP out of a computer.
namgrunt
02-16-04, 12:56 AM
leroy8541
I don't recall Gunny Koon, but that's because I didn't get to know many folks in other companies before we shipped out. Heck, I can't even remember my own C.O.'s name now. I'm getting senile. Our kids did real good on the road to Baghdad, didn't they? Doggone, I am proud of those young pups.
Bier95
I know what you mean. I wish I learned programming while I was younger. I'd be able to locate more of this crud-code on my hard drive. Some programs were actual name copies of normal Windows files, like Taskmon.dll. I found the original in Windows directory, and the bogus file in Windows\System directory. The bandit file's redirection of paths removed the correct file from access. Of course, I saw no "abnormal" files in my startup list. Tricky, tricky stuff.
JLeemarine05
02-16-04, 02:04 AM
Thanks for the heads up, I will never understand why people do such things as this.
namgrunt
02-16-04, 02:27 AM
Poolee_JLee
Some folks do it because they can, and want to brag. Some folks do it because they think it's fun to rattle people's cages. Worse yet, some people do it to steal your info and sell it to marketing spammers. The bottom of the Ocean (where whales**t is found) is where you'll find the people who do it to steal your identity and burn you for all they can get before moving on to the next victim.
I'd love to get my hands on all of these types, but particularly the last two. They operate strictly from greed without regard to the lives they destroy. I'd call them Maggots, but that would be an INSULT to fly larvae throughout the world.
What is really sad is that a Marine has had his reputation smeared by knuckleheads for no reason. USMCRonbo1 is a brother Marine. He was as concerned about the spreading bug as I was. Since it was done in his name, he must have gotten lots of angry e-mails. That is precisely why I contacted him.
It can happen to anyone. In his response, he told me he never even knew his machine had been compromised until the flood started. His "shielding" software programs told him his computer was clean. Hard to catch, huh.
Watch for the tripwires out in cyberland, and good luck.
GUNNYKOON
01-21-08, 05:02 AM
It was Echo Company 2/5 (12Jan68 to 15Dec68?)
Leatherneck .com3.7.0, Copyright ©2000-2009, Leatherneck Guide Inc