Hey everybody,

I hate to start this already, and hopefully this won't be the topic of discussion for the next three days, but the BadTrans virus is still on the loose. DO NOT OPEN ANY ATTACHMENTS FROM ANYONE YOU DON'T KNOW!

I would recommend for everyone, if they don't already, to get some type of anti-virus protection for your computer. There are really good ones out there, and some are even free, so please, protect yourselves!

I am sending on to you Symantec's breakdown of the BadTrans virus, or, you can read it yourself, here........... http://www.symantec.com/avcenter/venc/data/[email protected]

It's sneaky, it will appear as a response to an e-mail you sent, since it replies to unanswered mail. Remember, you will NEVER receive an attachment from RootsWeb............they come from the individual's computer that has become infected. Most of the time, they are not even aware that they have it. PLEASE watch out for yourselves.

If anyone needs help finding anti-virus software, or if you have any questions, please contact me OFF list.

Diana
[email protected]

Discovered on: April 11, 2001
Last Updated on: September 4, 2001 at 03:19:58 PM PDT

Due to the decreased number of reports, the threat level for this worm has been downgraded from 4 to 3.

It is a MAPI worm that replies to all unread messages in your email message folders and drops a backdoor Trojan.

Also Known As: W32/Badtrans-A, W32/[email protected], BadTrans, IWorm_Badtrans, I-Worm.Badtrans, TROJ_BADTRANS.A, Pws-AV Trojan
Type: Worm
Infection Length: 13312
Virus Definitions: April 11, 2001

Threat Assessment:
Wild: High
Damage: Medium
Distribution: High

Wild:
Number of infections: 50 - 999
Number of sites: More than 10
Geographical distribution: High
Threat containment: Easy
Removal: Easy

Damage:

Payload:
Large scale e-mailing: It replies to all unread messages in the message folders within the default MAPI email program.
Compromises security settings: It drops a backdoor Trojan.

Technical description:

When the worm is executed, it drops the backdoor Trojan Hkk32.exe into the \Windows folder and executes it. It then copies itself into the \Windows folder as inetd.exe, adds a run= line to the Win.ini file, and displays the following message:

The next time that the computer is restarted, the worm waits for five minutes and then uses MAPI to find all unread email messages and reply to all of them. The worm attaches itself to the message using one of the following file names:

Pics.ZIP.scr
images.pif
README.TXT.pif
New_Napster_Site.DOC.scr
news_doc.scr
hamster.ZIP.scr
YOU_are_FAT!.TXT.pif
searchURL.scr
SETUP.pif
Card.pif
Me_nude.AVI.pif
Sorry_about_yesterday.DOC.pif
s3msong.MP3.pif
docs.scr
Humor.TXT.pif
fun.pif
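
The indicators in the write-up above, turned into a small triage check. This is an added example, not part of the original message or of Symantec's text: it flags attachment names that end in .scr or .pif (with or without a decoy inner extension such as .ZIP or .TXT) and looks for a run= line in Win.ini that points at one of the dropped files. The function names, the sample Win.ini contents, and the assumption that the run= line references inetd.exe or Hkk32.exe are illustrative.

```python
import ntpath

# File names the write-up says are dropped into the \Windows folder.
DROPPED_FILES = {"hkk32.exe", "inetd.exe"}
# Final extensions used by every attachment name in the list above.
EXEC_EXTS = {".scr", ".pif"}
# Decoy inner extensions seen in the listed names (Pics.ZIP.scr, README.TXT.pif, ...).
DECOY_EXTS = {".zip", ".txt", ".doc", ".avi", ".mp3"}


def classify_attachment(name):
    """Return 'double-extension', 'executable' or 'ok' for an attachment name."""
    stem, ext = ntpath.splitext(name.strip().lower())
    if ext not in EXEC_EXTS:
        return "ok"
    inner = ntpath.splitext(stem)[1]
    return "double-extension" if inner in DECOY_EXTS else "executable"


def suspicious_run_entries(win_ini_text):
    """Return programs on run= lines in [windows] that name a dropped file."""
    hits, section = [], ""
    for raw in win_ini_text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].lower()
            continue
        key, sep, value = line.partition("=")
        if section != "windows" or not sep or key.strip().lower() != "run":
            continue
        # run= may list several programs separated by spaces or commas.
        for program in value.replace(",", " ").split():
            if ntpath.basename(program).lower() in DROPPED_FILES:
                hits.append(program)
    return hits


# Constructed sample Win.ini, not taken from a real machine.
SAMPLE_WIN_INI = """[windows]
load=
run=C:\\WINDOWS\\inetd.exe
NullPort=None

[Desktop]
Wallpaper=(None)
"""

if __name__ == "__main__":
    for n in ["Pics.ZIP.scr", "SETUP.pif", "minutes.txt"]:
        print(n, "->", classify_attachment(n))
    print(suspicious_run_entries(SAMPLE_WIN_INI))
```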