Note: The Rootsweb Mailing Lists will be shut down on April 6, 2023. (More info)
RootsWeb.com Mailing Lists
Home

Results for list 'folklore'

Total: 1/1
    1. Re: [FOLKLORE FAMILY] Bad-Trans.B Virus going around
    2. Kath

    3. Thanks LindaBee, HUGS, kath > This is a copy of the email I just sent to the Candyman Lists. So far I've > received three infected emails within 4 hours. Please be careful. > > Linda Bee > > > > Those of you on the Genie-Angels list know that several of us received the > Bad-Trans.B virus today. Please check your email subject line before you > open it and > if it has an attachment check below to see if it might be part of the > Bad-Trans.B > virus. You can tell if it is a Bad-Trans.B virus because there is an > underline before the return address in your inbox. As an example, instead of > being from "[email protected]" the email would be from > "[email protected]" with the underline first. > > Delete it immediately, then empty your trash folder. Update your virus > definitions and run a scan to be sure you are clean. > > This virus was discovered yesterday in Europe. I tried to update my Norton > and it is insisting that I'm up to date. I'm running a virus scan anyway. > When that is done I'll check Trend Micro's 'House Call'. If that includes > Bad-Trans.B, I'll run that. If not, I'll go to F-Secure and run their > program. Almost all of the anti-virus programs will let you try their > product for a free trial. > > Note: House Call is a free anti-virus program. It has also caught virus's > on my computer that Norton missed. > <A HREF="http://www.antivirus.com/pc-cillin/">Trend Micro PC-cillin, antivirus software</A> > http://www.antivirus.com/pc-cillin/ > > Under "Purchase Software" there is a line called 'try before you buy'. > <A HREF="http://www.fsecure.com/">Welcome to F-Secure, Securing the Mobile Enterprise</A> > http://www.fsecure.com/ > > I'm paraphrasing the information I've included below from F-Secure....The > Bad-Trans.B virus will take the addresses from all your unread email and send > it out with the worm attached. It doesn't start working until your computer > is shut down and then restarted. It then takes 5 minutes before it starts to > send email. > > If the Bad.Trans.B worm is sent to a computer that has an unread email with > "Reply" it will send that out. If the reply is to you, your computer will be > reinfected if you open that attachment. > > I received two infected emails today, both from the same person. They had > different subject lines but both had attachments. The attachment names are > in three parts which are listed below. The first one I received was > PICS.DOC.scf. I don't know what the second one had..I never opened it, just > deleted it and emptied my trash folder. > > Linda Bee > > Note: I just received another one from someone else on the lists. With all > three infected emails that I received I believe that almost all the lists > have someone on > them who is infected. I'm sure the people involved realized it now. Just in > case, I sent an email to the one who was just infected; the other happened > this afternoon so I'm sure they know. > > > Name of the attachment: > > FUN > HUMOR > DOC > SS3M > SONG > Sorry_about_yesterday > ME_NUDE > CARD > SETUP > SEARCHURL > YOU_ARE_FAT! > HAMSTER > NEWS_DOC > New_Napster_Site > README > IMAGES > PICS > > First extension: > > DOC > MP3ZIP > > Second extension: > > pif > scr > > > <A HREF="http://www.datafellows.com/v-descs/badtrans.shtml">F-Secure Computer Virus Information Pages: BadTrans</A> > http://www.datafellows.com/v-descs/badtrans.shtml > > <A HREF="http://www.datafellows.com/v-descs/info/variant.shtml">VARIANT:</A> Badtrans.B > <A HREF="http://www.datafellows.com/v-descs/info/alias.shtml">ALIAS:</A> BadtransII, I-Worm.BadtransII > Badtrans.B e-mail worm has been found from several locations in Europe on > 24th of November 2001. This worm sends e-mail messages without message text. > The attachments are variably named and with double extensions: > Name of the attachment: > FUN HUMOR DOC SS3M SONG Sorry_about_yesterday ME_NUDE CARD SETUP > SEARCHURL YOU_ARE_FAT! HAMSTER NEWS_DOC New_Napster_Site README > IMAGES PICS > > First extension: DOC MP3ZIP > > Second extinction: pif scr > > The attachment might execute automatically when the emails are viewed. To do > this Badtrans.B uses a known vulnerability in IE that allows execution of an > email attachment. This vulnerability is fixed and a patch for it is available > on Microsoft site: <A HREF="http://www.microsoft.com/windows/ie/downloads/critical/q290108/default.asp"> > http://www.microsoft.com/windows/ie/downloads/critical/q290108/default.asp</A> > > The worm also drops a password stealing trogan KDLL.DLL detected by F-Secure > Anti-Virus as Trojan.PSW.Hooker. F-Secure Anti-Virus detects both variants > of Badtrans worm and trojan components with the updates published on November > 24, 2001 / 23:29 GMT. [F-Secure Corporation and Kaspersky Lab, November 24, > 2001] > > > > ==== FOLKLORE Mailing List ==== > Listresses > Missi [email protected] & Kath [email protected] > »§«:*´`³¤³´´`*:»§«:*´`³¤³´`*:»§«:*´`³¤³´´`*:»§«:*´`³¤³´`*:»§« > >

    11/25/2001 03:14:57