Spam & Virus Mail With Harmful Attachment: How to Get Rid of It

Have you received spam mail like the one shown below, or any other spam mail of almost the same type?

Receiving spam mail is not the problem. The problem occurs if you have installed Document 08#3203.exe and a pop-up instantly starts showing on your desktop.

The biggest question is why you received this message in your mail. The answer is that you have signed up on a job-search website or you have publicly shared your email address.

So this hacker uses your email address to send you an attachment in a ZIP file. If you open it, then after a certain time a pop-up will appear telling you to pay them some money or your hardware will crash.

The mail shown below has so far been sent from the two email addresses that I am providing below. If you have received it from any other email address, let me know so that I can update the list.

EMAIL ADDRESSES:

1. asm_snehal@patcofood.com

2. cynthia@sariwangi.co.in

You can check the record of this spam on the following websites:

1. http://hidebox.org/mail/re-request-for-qoutation-ashleytaylor019-2515348913

2. http://tools.cisco.com/security/center/viewAlert.x?alertId=37887

You can also check when the email domains were registered and who registered them:

1. http://who.is/whois/patcofood.com

2. http://who.is/whois/sariwangi.co.in

See the image for your reference

Specimen of Virus / Spam Mail

Name: Document 08#3203.exe / Document 08#3203.exe
Size in bytes: 454,656
MD5 checksum: 0x14DE51E9C601D1947FAAAA3C9FB2313B


The following text is a sample of the email message that is associated with this threat outbreak:

Subject: Request for qoutation

Message Body:

Good day,
This is Sariwangi Trading Pty, Mumbai India. We are looking to replenish our stock this first quarter of 2015. We were referred to you by one of your satisfied customers. Please review the attached specification sheet containing the drawings and reply us with your best quote.
Cynthia Agarwal
Sariwangi Trading Pty
Mumbai, India

Cisco security appliances can help protect customers during the critical period between the first exploit of a virus outbreak and the release of vendor antivirus signatures. Cisco Web Security Appliances help secure and control web and email traffic by offering layers of malware protection. Cisco security appliances are automatically updated to help prevent both spam email and hostile web URLs from being passed to the end user.

Process to uninstall the threat mail application

I am really very sorry that I can't upload any video or image of this process, because I have removed the threat from my PC, which I will write about. So because I have removed it, I don't have its original or a copy.

1. First, close all running applications. If Excel is running, save your work and close it (close applications completely from the taskbar; they should not keep running in the background).

2. Then press Windows key + R, type %temp% in the box and click OK (as shown in the picture below).

3. When the TEMP folder opens, delete all the files one by one.

This is because when you click on the spam, virus or threat attachment (whatever you like to call it), the installation process is not shown and the application gets installed.

Why the installation is not shown

In a normal installation procedure, when an application is installed it asks for the path of the installation folder, which by default is Program Files on the C: drive, or another drive.

When an application does not show an installation procedure, it means that by default it was saved in the TEMP folder.

The TEMP folder is a folder that does not require any authentication by Windows, so any file can be saved in it.

Hackers use this to steal information or threaten people.

So in future, if you receive any threat pop-up message, just close all applications and delete all the files and folders created in the TEMP folder.
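
A check to run before deleting anything, as an added example that is not part of the original post: this PowerShell script lists the executable files in the TEMP folder and flags any whose MD5 checksum and size match the specimen listed above. The function name Find-TempSpecimen and the list of file extensions are assumptions made for this example.

```powershell
# Added example, not from the original post.
# Lists executable files under %TEMP% and flags any that match the
# specimen's MD5 checksum and size given in the post.

# Values taken from the specimen details in the post (0x prefix dropped).
$SpecimenMd5  = '14DE51E9C601D1947FAAAA3C9FB2313B'
$SpecimenSize = 454656

# Assumption for this example: extensions worth reviewing in a TEMP folder.
$Extensions = '.exe', '.scr', '.com', '.pif'

function Find-TempSpecimen {
    param([string]$Path = $env:TEMP)

    Get-ChildItem -LiteralPath $Path -Recurse -File -Force -ErrorAction SilentlyContinue |
        Where-Object { $Extensions -contains $_.Extension.ToLowerInvariant() } |
        ForEach-Object {
            $file = $_
            # A locked file cannot be hashed; report it instead of skipping it silently.
            try {
                $hash = (Get-FileHash -LiteralPath $file.FullName -Algorithm MD5 -ErrorAction Stop).Hash
            } catch {
                $hash = 'UNREADABLE'
            }
            [pscustomobject]@{
                Path          = $file.FullName
                Size          = $file.Length
                LastWriteTime = $file.LastWriteTime
                MD5           = $hash
                MatchesMd5    = ($hash -eq $SpecimenMd5)
                MatchesSize   = ($file.Length -eq $SpecimenSize)
            }
        }
}

$found = @(Find-TempSpecimen)
$found | Sort-Object LastWriteTime -Descending | Format-Table -AutoSize -Wrap

$hits = @($found | Where-Object { $_.MatchesMd5 })
if ($hits.Count -gt 0) {
    Write-Warning ("{0} file(s) match the specimen MD5 from the post:" -f $hits.Count)
    $hits | ForEach-Object { Write-Warning $_.Path }
} else {
    Write-Output 'No file in TEMP matches the specimen MD5. Review the listed files before deleting.'
}
```

The script only reads and reports; it does not delete anything. Files reported as UNREADABLE are usually still in use by a running process.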

Thank You.
