Destructive Virus that McAfee can't detect... 
Author Message
 Destructive Virus that McAfee can't detect...

I received an e-mail last night in Outlook Express.  Earlier this week I
updated my Win2K system with SP2 and I also updated to IE 5.5 SP2.  I
also am running McAfee and have all my e-mail attachments scanned.  The
virus was able to run by merely previewing e-mail.  I received it as

Holiday Savings".  I normally click on this kind of stuff and delete it,
but when I went back to my inbox, it was empty.  I knew exactly where to
look and sure enough with a little testing I can easily eliminate all
mails from my inbox by previewing this e-mail.  Once infected it will
remove all e-mail from the current folder when you close Outlook
Express.  I immediately took the computer off line and am using a
different computer that was turned off at the time of the attack as well
as I am using Netscape 4.7 for the time being.  I was able to reinstall
IE 5.5 and Internet components and I believe I have removed the virus
from my computer.  My mails remain in my inbox when I close and restart
Outlook Express though I am not up to SP2 yet because the computer it
still off of any networks until I get this identified.  I am concerned
that it may still be lying on my disk and waiting until I hook the
computer up to a network to try and propagate itself since no scanning
software appears to catch it.  I have provided the virus e-mail to CERT
and they are looking into it.  Their initial diagnosis was SirCAM, but I
believe that was a red herring.  The reason it that SirCAM has never
been reported to delete mail folders as well as McAfee is supposed to
protect against SirCAM.  Also I had received a couple of e-mails earlier
in the day that did have SirCAM attached and they went in the Deleted
File folder.  I was able to look at the virus in a hex editor I can see
the 2 e-mails that had SirCAM attached and I also see some other e-mails
that I had previously deleted.  I believe the virus is trying to
disguise itself by using whatever it finds in the trash, and in my case
some of my garbage contained SirCAM.  I believe this is a different and
yet unreported virus.  Has anyone heard of anything like this?  I can't
find anything about "deleting inbox" on any of the Virus detection
sites.  I am concerned about propagating it and will keep my computer
off line until I can identify and eliminate it.
Thanks for your help!
Dave


Sat, 13 Mar 2004 13:39:28 GMT  
 Destructive Virus that McAfee can't detect...
Hi,

I am not sure about if this issue comes from a virus, but it is also
possible...

But I am use of one thing that, if McAfee runs with Outlook Express, it
causes the loss of all e-mails in a randomly selected directory and / or the
directory that you are in !!! ( Sometimes , you can also see / watch that
e-mails disappear . )

This is a bug of VSC which is not solved yet.

Good Luck..

Orhan


Quote:
> I received an e-mail last night in Outlook Express.  Earlier this week I
> updated my Win2K system with SP2 and I also updated to IE 5.5 SP2.  I
> also am running McAfee and have all my e-mail attachments scanned.  The
> virus was able to run by merely previewing e-mail.  I received it as

> Holiday Savings".  I normally click on this kind of stuff and delete it,
> but when I went back to my inbox, it was empty.  I knew exactly where to
> look and sure enough with a little testing I can easily eliminate all
> mails from my inbox by previewing this e-mail.  Once infected it will
> remove all e-mail from the current folder when you close Outlook
> Express.  I immediately took the computer off line and am using a
> different computer that was turned off at the time of the attack as well
> as I am using Netscape 4.7 for the time being.  I was able to reinstall
> IE 5.5 and Internet components and I believe I have removed the virus
> from my computer.  My mails remain in my inbox when I close and restart
> Outlook Express though I am not up to SP2 yet because the computer it
> still off of any networks until I get this identified.  I am concerned
> that it may still be lying on my disk and waiting until I hook the
> computer up to a network to try and propagate itself since no scanning
> software appears to catch it.  I have provided the virus e-mail to CERT
> and they are looking into it.  Their initial diagnosis was SirCAM, but I
> believe that was a red herring.  The reason it that SirCAM has never
> been reported to delete mail folders as well as McAfee is supposed to
> protect against SirCAM.  Also I had received a couple of e-mails earlier
> in the day that did have SirCAM attached and they went in the Deleted
> File folder.  I was able to look at the virus in a hex editor I can see
> the 2 e-mails that had SirCAM attached and I also see some other e-mails
> that I had previously deleted.  I believe the virus is trying to
> disguise itself by using whatever it finds in the trash, and in my case
> some of my garbage contained SirCAM.  I believe this is a different and
> yet unreported virus.  Has anyone heard of anything like this?  I can't
> find anything about "deleting inbox" on any of the Virus detection
> sites.  I am concerned about propagating it and will keep my computer
> off line until I can identify and eliminate it.
> Thanks for your help!
> Dave



Fri, 12 Mar 2004 18:50:53 GMT  
 Destructive Virus that McAfee can't detect...
Are you suggesting that VirusScan is actually deleting my e-mails!  This is
highly irregular.  I have been waiting until Monday to call McAfee so I will
contact them now and see what they say.  It doesn't seem right though, as I
reinstalled IE 5.5 and Internet Components and the deleting of my mails has
ceased.  I still have the computer offline as I don't know how this virus (if
that is what it is) is propagated.  Thanks for the info.  Anything is
appreciated at this point.
Regards,
Dave
Quote:

> Hi,

> I am not sure about if this issue comes from a virus, but it is also
> possible...

> But I am use of one thing that, if McAfee runs with Outlook Express, it
> causes the loss of all e-mails in a randomly selected directory and / or the
> directory that you are in !!! ( Sometimes , you can also see / watch that
> e-mails disappear . )

> This is a bug of VSC which is not solved yet.

> Good Luck..

> Orhan



> > I received an e-mail last night in Outlook Express.  Earlier this week I
> > updated my Win2K system with SP2 and I also updated to IE 5.5 SP2.  I
> > also am running McAfee and have all my e-mail attachments scanned.  The
> > virus was able to run by merely previewing e-mail.  I received it as

> > Holiday Savings".  I normally click on this kind of stuff and delete it,
> > but when I went back to my inbox, it was empty.  I knew exactly where to
> > look and sure enough with a little testing I can easily eliminate all
> > mails from my inbox by previewing this e-mail.  Once infected it will
> > remove all e-mail from the current folder when you close Outlook
> > Express.  I immediately took the computer off line and am using a
> > different computer that was turned off at the time of the attack as well
> > as I am using Netscape 4.7 for the time being.  I was able to reinstall
> > IE 5.5 and Internet components and I believe I have removed the virus
> > from my computer.  My mails remain in my inbox when I close and restart
> > Outlook Express though I am not up to SP2 yet because the computer it
> > still off of any networks until I get this identified.  I am concerned
> > that it may still be lying on my disk and waiting until I hook the
> > computer up to a network to try and propagate itself since no scanning
> > software appears to catch it.  I have provided the virus e-mail to CERT
> > and they are looking into it.  Their initial diagnosis was SirCAM, but I
> > believe that was a red herring.  The reason it that SirCAM has never
> > been reported to delete mail folders as well as McAfee is supposed to
> > protect against SirCAM.  Also I had received a couple of e-mails earlier
> > in the day that did have SirCAM attached and they went in the Deleted
> > File folder.  I was able to look at the virus in a hex editor I can see
> > the 2 e-mails that had SirCAM attached and I also see some other e-mails
> > that I had previously deleted.  I believe the virus is trying to
> > disguise itself by using whatever it finds in the trash, and in my case
> > some of my garbage contained SirCAM.  I believe this is a different and
> > yet unreported virus.  Has anyone heard of anything like this?  I can't
> > find anything about "deleting inbox" on any of the Virus detection
> > sites.  I am concerned about propagating it and will keep my computer
> > off line until I can identify and eliminate it.
> > Thanks for your help!
> > Dave



Sun, 14 Mar 2004 00:56:54 GMT  
 Destructive Virus that McAfee can't detect...
Hello Orhan,
I have confirmed this with Microsoft, but McAfee had nothing to say.  Actually
Microsoft's official stand was they are unsure what is causing the problem, but
they have had similar reports before and the only commonality was they were all
running McAfee VirusScan.  I am going to provide my Outlook Express .dbx files
to Microsoft for their disposal, but I am now of the belief that this is not a
virus, but rather a viscous bug that destroyed my data.  What's a person to do?
Run virus software and run the risk of it destroying your data or don't run
virus software and run the risk of viscous infection?  Maybe Symantic's product
is better suited for use with Microsoft products.  Any word of problems with
Norton Anti-Virus and Outlook Express?
Thanks for your help,
Dave
Quote:

> Hi,

> I am not sure about if this issue comes from a virus, but it is also
> possible...

> But I am use of one thing that, if McAfee runs with Outlook Express, it
> causes the loss of all e-mails in a randomly selected directory and / or the
> directory that you are in !!! ( Sometimes , you can also see / watch that
> e-mails disappear . )

> This is a bug of VSC which is not solved yet.

> Good Luck..

> Orhan



> > I received an e-mail last night in Outlook Express.  Earlier this week I
> > updated my Win2K system with SP2 and I also updated to IE 5.5 SP2.  I
> > also am running McAfee and have all my e-mail attachments scanned.  The
> > virus was able to run by merely previewing e-mail.  I received it as

> > Holiday Savings".  I normally click on this kind of stuff and delete it,
> > but when I went back to my inbox, it was empty.  I knew exactly where to
> > look and sure enough with a little testing I can easily eliminate all
> > mails from my inbox by previewing this e-mail.  Once infected it will
> > remove all e-mail from the current folder when you close Outlook
> > Express.  I immediately took the computer off line and am using a
> > different computer that was turned off at the time of the attack as well
> > as I am using Netscape 4.7 for the time being.  I was able to reinstall
> > IE 5.5 and Internet components and I believe I have removed the virus
> > from my computer.  My mails remain in my inbox when I close and restart
> > Outlook Express though I am not up to SP2 yet because the computer it
> > still off of any networks until I get this identified.  I am concerned
> > that it may still be lying on my disk and waiting until I hook the
> > computer up to a network to try and propagate itself since no scanning
> > software appears to catch it.  I have provided the virus e-mail to CERT
> > and they are looking into it.  Their initial diagnosis was SirCAM, but I
> > believe that was a red herring.  The reason it that SirCAM has never
> > been reported to delete mail folders as well as McAfee is supposed to
> > protect against SirCAM.  Also I had received a couple of e-mails earlier
> > in the day that did have SirCAM attached and they went in the Deleted
> > File folder.  I was able to look at the virus in a hex editor I can see
> > the 2 e-mails that had SirCAM attached and I also see some other e-mails
> > that I had previously deleted.  I believe the virus is trying to
> > disguise itself by using whatever it finds in the trash, and in my case
> > some of my garbage contained SirCAM.  I believe this is a different and
> > yet unreported virus.  Has anyone heard of anything like this?  I can't
> > find anything about "deleting inbox" on any of the Virus detection
> > sites.  I am concerned about propagating it and will keep my computer
> > off line until I can identify and eliminate it.
> > Thanks for your help!
> > Dave



Sun, 14 Mar 2004 08:40:38 GMT  
 Destructive Virus that McAfee can't detect...
Norton has as many problems with OE and Microsoft as McAfee does.  It is amazing that
the AV programs that work and work well are the free or low cost ones  --- I would
advise looking at AVG  www.grisoft.com or EZ-Trust (paid version of IPE)


: Hello Orhan,
: I have confirmed this with Microsoft, but McAfee had nothing to say.  Actually
: Microsoft's official stand was they are unsure what is causing the problem, but
: they have had similar reports before and the only commonality was they were all
: running McAfee VirusScan.  I am going to provide my Outlook Express .dbx files
: to Microsoft for their disposal, but I am now of the belief that this is not a
: virus, but rather a viscous bug that destroyed my data.  What's a person to do?
: Run virus software and run the risk of it destroying your data or don't run
: virus software and run the risk of viscous infection?  Maybe Symantic's product
: is better suited for use with Microsoft products.  Any word of problems with
: Norton Anti-Virus and Outlook Express?
: Thanks for your help,
: Dave
:
:

:
: > Hi,
: >
: > I am not sure about if this issue comes from a virus, but it is also
: > possible...
: >
: > But I am use of one thing that, if McAfee runs with Outlook Express, it
: > causes the loss of all e-mails in a randomly selected directory and / or the
: > directory that you are in !!! ( Sometimes , you can also see / watch that
: > e-mails disappear . )
: >
: > This is a bug of VSC which is not solved yet.
: >
: > Good Luck..
: >
: > Orhan
: >


: > > I received an e-mail last night in Outlook Express.  Earlier this week I
: > > updated my Win2K system with SP2 and I also updated to IE 5.5 SP2.  I
: > > also am running McAfee and have all my e-mail attachments scanned.  The
: > > virus was able to run by merely previewing e-mail.  I received it as

: > > Holiday Savings".  I normally click on this kind of stuff and delete it,
: > > but when I went back to my inbox, it was empty.  I knew exactly where to
: > > look and sure enough with a little testing I can easily eliminate all
: > > mails from my inbox by previewing this e-mail.  Once infected it will
: > > remove all e-mail from the current folder when you close Outlook
: > > Express.  I immediately took the computer off line and am using a
: > > different computer that was turned off at the time of the attack as well
: > > as I am using Netscape 4.7 for the time being.  I was able to reinstall
: > > IE 5.5 and Internet components and I believe I have removed the virus
: > > from my computer.  My mails remain in my inbox when I close and restart
: > > Outlook Express though I am not up to SP2 yet because the computer it
: > > still off of any networks until I get this identified.  I am concerned
: > > that it may still be lying on my disk and waiting until I hook the
: > > computer up to a network to try and propagate itself since no scanning
: > > software appears to catch it.  I have provided the virus e-mail to CERT
: > > and they are looking into it.  Their initial diagnosis was SirCAM, but I
: > > believe that was a red herring.  The reason it that SirCAM has never
: > > been reported to delete mail folders as well as McAfee is supposed to
: > > protect against SirCAM.  Also I had received a couple of e-mails earlier
: > > in the day that did have SirCAM attached and they went in the Deleted
: > > File folder.  I was able to look at the virus in a hex editor I can see
: > > the 2 e-mails that had SirCAM attached and I also see some other e-mails
: > > that I had previously deleted.  I believe the virus is trying to
: > > disguise itself by using whatever it finds in the trash, and in my case
: > > some of my garbage contained SirCAM.  I believe this is a different and
: > > yet unreported virus.  Has anyone heard of anything like this?  I can't
: > > find anything about "deleting inbox" on any of the Virus detection
: > > sites.  I am concerned about propagating it and will keep my computer
: > > off line until I can identify and eliminate it.
: > > Thanks for your help!
: > > Dave
: > >
: > >
: > >
: > >
:



Sat, 13 Mar 2004 19:57:34 GMT  
 Destructive Virus that McAfee can't detect...
Thank you for your input.  I will check it out.
Warm Regards,
Dave
Quote:

> Norton has as many problems with OE and Microsoft as McAfee does.  It is amazing that
> the AV programs that work and work well are the free or low cost ones  --- I would
> advise looking at AVG  www.grisoft.com or EZ-Trust (paid version of IPE)



> : Hello Orhan,
> : I have confirmed this with Microsoft, but McAfee had nothing to say.  Actually
> : Microsoft's official stand was they are unsure what is causing the problem, but
> : they have had similar reports before and the only commonality was they were all
> : running McAfee VirusScan.  I am going to provide my Outlook Express .dbx files
> : to Microsoft for their disposal, but I am now of the belief that this is not a
> : virus, but rather a viscous bug that destroyed my data.  What's a person to do?
> : Run virus software and run the risk of it destroying your data or don't run
> : virus software and run the risk of viscous infection?  Maybe Symantic's product
> : is better suited for use with Microsoft products.  Any word of problems with
> : Norton Anti-Virus and Outlook Express?
> : Thanks for your help,
> : Dave
> :
> :

> :
> : > Hi,
> : >
> : > I am not sure about if this issue comes from a virus, but it is also
> : > possible...
> : >
> : > But I am use of one thing that, if McAfee runs with Outlook Express, it
> : > causes the loss of all e-mails in a randomly selected directory and / or the
> : > directory that you are in !!! ( Sometimes , you can also see / watch that
> : > e-mails disappear . )
> : >
> : > This is a bug of VSC which is not solved yet.
> : >
> : > Good Luck..
> : >
> : > Orhan
> : >


> : > > I received an e-mail last night in Outlook Express.  Earlier this week I
> : > > updated my Win2K system with SP2 and I also updated to IE 5.5 SP2.  I
> : > > also am running McAfee and have all my e-mail attachments scanned.  The
> : > > virus was able to run by merely previewing e-mail.  I received it as

> : > > Holiday Savings".  I normally click on this kind of stuff and delete it,
> : > > but when I went back to my inbox, it was empty.  I knew exactly where to
> : > > look and sure enough with a little testing I can easily eliminate all
> : > > mails from my inbox by previewing this e-mail.  Once infected it will
> : > > remove all e-mail from the current folder when you close Outlook
> : > > Express.  I immediately took the computer off line and am using a
> : > > different computer that was turned off at the time of the attack as well
> : > > as I am using Netscape 4.7 for the time being.  I was able to reinstall
> : > > IE 5.5 and Internet components and I believe I have removed the virus
> : > > from my computer.  My mails remain in my inbox when I close and restart
> : > > Outlook Express though I am not up to SP2 yet because the computer it
> : > > still off of any networks until I get this identified.  I am concerned
> : > > that it may still be lying on my disk and waiting until I hook the
> : > > computer up to a network to try and propagate itself since no scanning
> : > > software appears to catch it.  I have provided the virus e-mail to CERT
> : > > and they are looking into it.  Their initial diagnosis was SirCAM, but I
> : > > believe that was a red herring.  The reason it that SirCAM has never
> : > > been reported to delete mail folders as well as McAfee is supposed to
> : > > protect against SirCAM.  Also I had received a couple of e-mails earlier
> : > > in the day that did have SirCAM attached and they went in the Deleted
> : > > File folder.  I was able to look at the virus in a hex editor I can see
> : > > the 2 e-mails that had SirCAM attached and I also see some other e-mails
> : > > that I had previously deleted.  I believe the virus is trying to
> : > > disguise itself by using whatever it finds in the trash, and in my case
> : > > some of my garbage contained SirCAM.  I believe this is a different and
> : > > yet unreported virus.  Has anyone heard of anything like this?  I can't
> : > > find anything about "deleting inbox" on any of the Virus detection
> : > > sites.  I am concerned about propagating it and will keep my computer
> : > > off line until I can identify and eliminate it.
> : > > Thanks for your help!
> : > > Dave
> : > >
> : > >
> : > >
> : > >
> :



Sun, 14 Mar 2004 01:15:30 GMT  
 Destructive Virus that McAfee can't detect...


Quote:
> Are you suggesting that VirusScan is actually deleting my e-mails!  

Well I wouldn't call it deleting them - I was call it destroying the data
files which contain the emails :-(
http://members.iinet.net.au/~sandi/MVP/Darnit.htm

--

Please do not send an email unless asked to do so.
________________________________________
Sandi ...
Microsoft MVP (Internet Explorer and Outlook Express)
http://members.iinet.net.au/~sandi/MVP/index.htm



Sun, 14 Mar 2004 14:33:48 GMT  
 Destructive Virus that McAfee can't detect...

unfortunately yes ...


Quote:
> Are you suggesting that VirusScan is actually deleting my e-mails!  This
is
> highly irregular.  I have been waiting until Monday to call McAfee so I
will
> contact them now and see what they say.  It doesn't seem right though, as
I
> reinstalled IE 5.5 and Internet Components and the deleting of my mails
has
> ceased.  I still have the computer offline as I don't know how this virus
(if
> that is what it is) is propagated.  Thanks for the info.  Anything is
> appreciated at this point.
> Regards,
> Dave


> > Hi,

> > I am not sure about if this issue comes from a virus, but it is also
> > possible...

> > But I am use of one thing that, if McAfee runs with Outlook Express, it
> > causes the loss of all e-mails in a randomly selected directory and / or
the
> > directory that you are in !!! ( Sometimes , you can also see / watch
that
> > e-mails disappear . )

> > This is a bug of VSC which is not solved yet.

> > Good Luck..

> > Orhan



> > > I received an e-mail last night in Outlook Express.  Earlier this week
I
> > > updated my Win2K system with SP2 and I also updated to IE 5.5 SP2.  I
> > > also am running McAfee and have all my e-mail attachments scanned.
The
> > > virus was able to run by merely previewing e-mail.  I received it as

> > > Holiday Savings".  I normally click on this kind of stuff and delete
it,
> > > but when I went back to my inbox, it was empty.  I knew exactly where
to
> > > look and sure enough with a little testing I can easily eliminate all
> > > mails from my inbox by previewing this e-mail.  Once infected it will
> > > remove all e-mail from the current folder when you close Outlook
> > > Express.  I immediately took the computer off line and am using a
> > > different computer that was turned off at the time of the attack as
well
> > > as I am using Netscape 4.7 for the time being.  I was able to
reinstall
> > > IE 5.5 and Internet components and I believe I have removed the virus
> > > from my computer.  My mails remain in my inbox when I close and
restart
> > > Outlook Express though I am not up to SP2 yet because the computer it
> > > still off of any networks until I get this identified.  I am concerned
> > > that it may still be lying on my disk and waiting until I hook the
> > > computer up to a network to try and propagate itself since no scanning
> > > software appears to catch it.  I have provided the virus e-mail to
CERT
> > > and they are looking into it.  Their initial diagnosis was SirCAM, but
I
> > > believe that was a red herring.  The reason it that SirCAM has never
> > > been reported to delete mail folders as well as McAfee is supposed to
> > > protect against SirCAM.  Also I had received a couple of e-mails
earlier
> > > in the day that did have SirCAM attached and they went in the Deleted
> > > File folder.  I was able to look at the virus in a hex editor I can
see
> > > the 2 e-mails that had SirCAM attached and I also see some other
e-mails
> > > that I had previously deleted.  I believe the virus is trying to
> > > disguise itself by using whatever it finds in the trash, and in my
case
> > > some of my garbage contained SirCAM.  I believe this is a different
and
> > > yet unreported virus.  Has anyone heard of anything like this?  I
can't
> > > find anything about "deleting inbox" on any of the Virus detection
> > > sites.  I am concerned about propagating it and will keep my computer
> > > off line until I can identify and eliminate it.
> > > Thanks for your help!
> > > Dave



Sun, 14 Mar 2004 20:41:31 GMT  
 Destructive Virus that McAfee can't detect...


Quote:
> Hello Orhan,
> I have confirmed this with Microsoft, but McAfee had nothing to say.
Actually
> Microsoft's official stand was they are unsure what is causing the
problem, but
> they have had similar reports before and the only commonality was they
were all
> running McAfee VirusScan.  I am going to provide my Outlook Express .dbx
files
> to Microsoft for their disposal, but I am now of the belief that this is
not a
> virus, but rather a viscous bug that destroyed my data.  What's a person
to do?
> Run virus software and run the risk of it destroying your data or don't
run
> virus software and run the risk of viscous infection?  Maybe Symantic's
product
> is better suited for use with Microsoft products.  Any word of problems
with
> Norton Anti-Virus and Outlook Express?
> Thanks for your help,
> Dave

Dave,
All products have bugs and while NAV or AVG or (my choice) F-Secure may not
have this problem they all do have their own problems, this is just
VirusScan's own problem you are seeing. Small comfort I know, but I wanted
to say that no product is perfect and you might just be moving your niggles
and problems from email to something else by changing scanners.

In the case of VirusScan, I'd stop it scanning my email and outlook express
email folders, and practice some discipline in being very careful to scan
any files you receive as an attachment, and be sure to practice "safe
computing" when dealing with untrusted files. This will give you as much or
more (providing you are strict about practicing safe computing) protection
as using the scanner to scan email directly. But sadly there is always a
trade-off to be made somewhere.

--
--
Robert Moir, Microsoft MVP
To search the MS Knowledge base use the link below:
http://support.microsoft.com/support/search/c.asp?PSL=1
My Homepage - http://www.robertmoir.co.uk
** Emailed questions will not be answered **



Mon, 15 Mar 2004 03:55:26 GMT  
 Destructive Virus that McAfee can't detect...
Sure you may use AntiVirus and you may also collect and use any data of your
PC in proper...

If VSC 4.x and / or 5.x continue to cause this issue I guess you may try an
another solution:

NVC of Norman
NAV of Symantec
AVP of Kaspersky

OR VSC 6.01 ( new comer of NAI - single user ; but not sure if they have
fixed this issue ! )

regards...

Orhan


Quote:
> Hello Orhan,
> I have confirmed this with Microsoft, but McAfee had nothing to say.
Actually
> Microsoft's official stand was they are unsure what is causing the
problem, but
> they have had similar reports before and the only commonality was they
were all
> running McAfee VirusScan.  I am going to provide my Outlook Express .dbx
files
> to Microsoft for their disposal, but I am now of the belief that this is
not a
> virus, but rather a viscous bug that destroyed my data.  What's a person
to do?
> Run virus software and run the risk of it destroying your data or don't
run
> virus software and run the risk of viscous infection?  Maybe Symantic's
product
> is better suited for use with Microsoft products.  Any word of problems
with
> Norton Anti-Virus and Outlook Express?
> Thanks for your help,
> Dave


> > Hi,

> > I am not sure about if this issue comes from a virus, but it is also
> > possible...

> > But I am use of one thing that, if McAfee runs with Outlook Express, it
> > causes the loss of all e-mails in a randomly selected directory and / or
the
> > directory that you are in !!! ( Sometimes , you can also see / watch
that
> > e-mails disappear . )

> > This is a bug of VSC which is not solved yet.

> > Good Luck..

> > Orhan



> > > I received an e-mail last night in Outlook Express.  Earlier this week
I
> > > updated my Win2K system with SP2 and I also updated to IE 5.5 SP2.  I
> > > also am running McAfee and have all my e-mail attachments scanned.
The
> > > virus was able to run by merely previewing e-mail.  I received it as

> > > Holiday Savings".  I normally click on this kind of stuff and delete
it,
> > > but when I went back to my inbox, it was empty.  I knew exactly where
to
> > > look and sure enough with a little testing I can easily eliminate all
> > > mails from my inbox by previewing this e-mail.  Once infected it will
> > > remove all e-mail from the current folder when you close Outlook
> > > Express.  I immediately took the computer off line and am using a
> > > different computer that was turned off at the time of the attack as
well
> > > as I am using Netscape 4.7 for the time being.  I was able to
reinstall
> > > IE 5.5 and Internet components and I believe I have removed the virus
> > > from my computer.  My mails remain in my inbox when I close and
restart
> > > Outlook Express though I am not up to SP2 yet because the computer it
> > > still off of any networks until I get this identified.  I am concerned
> > > that it may still be lying on my disk and waiting until I hook the
> > > computer up to a network to try and propagate itself since no scanning
> > > software appears to catch it.  I have provided the virus e-mail to
CERT
> > > and they are looking into it.  Their initial diagnosis was SirCAM, but
I
> > > believe that was a red herring.  The reason it that SirCAM has never
> > > been reported to delete mail folders as well as McAfee is supposed to
> > > protect against SirCAM.  Also I had received a couple of e-mails
earlier
> > > in the day that did have SirCAM attached and they went in the Deleted
> > > File folder.  I was able to look at the virus in a hex editor I can
see
> > > the 2 e-mails that had SirCAM attached and I also see some other
e-mails
> > > that I had previously deleted.  I believe the virus is trying to
> > > disguise itself by using whatever it finds in the trash, and in my
case
> > > some of my garbage contained SirCAM.  I believe this is a different
and
> > > yet unreported virus.  Has anyone heard of anything like this?  I
can't
> > > find anything about "deleting inbox" on any of the Virus detection
> > > sites.  I am concerned about propagating it and will keep my computer
> > > off line until I can identify and eliminate it.
> > > Thanks for your help!
> > > Dave



Sun, 21 Mar 2004 20:41:46 GMT  
 
 [ 10 post ] 

 Relevant Pages 

1. Destructive virus that McAfee can't catch...

2. Can't update Mcafee Virus Scan

3. Using CGI module with 'canned queries'

4. Clipper 87 & Mcafee virus Scan

5. McAfee NewsSniffer Warning: Virus posted to this newsgroup

6. uninstalling of McAfee Virus Scan

7. Mcafee virus scan online and signature error

8. McAfee virus upgrade

9. McAfee Virus Scan 6.0

10. McAfee virus scan program

11. used mcafee viruscan online to get rid of virus

12. Phantom Boot Sector Virus with McAfee?

 

 
Powered by phpBB® Forum Software