Once again.....don't open ANY unexpected emails, even if reportedly from friends; if one arrives, email and ask your friend if they have send you an email with an attachment. If they haven't, then you both will know that they are infected, and their computer is sending out virus to everyone in their address book. They will need to take care of the problem, and you need to delete unopened the email with the attachment...then, to to your deleted box and delete it from there, too. To keep from ever becoming infected with any virus, just don't open any unexpected email attachment and you'll never have a problem. (until they come up with something else!) -----Original Message----- From: Carol Montrose <cmontrose@beol.net> To: OHBELMON-L@rootsweb.com <OHBELMON-L@rootsweb.com> Date: Saturday, December 02, 2000 5:01 PM Subject: [OHBELMON-L] Fw: VIRUS WARNING > >> The ANTIGEN virus protection program at the University of >> Kansas has already intercepted several messages addressed >> to various of our lists. The general description on this virus >> is: >> >> Virus Name: SHOCKWAVE.A Trojan >> E-mail Subject: "A Great Shockwave Flash Movie" >> E-mail Body: "Check out his new flash movie that I download just >> now...It's Great" >> E-mail Attachments: CREATIVE.EXE >> >> and you may verify the details of this warning at >> <http://www.ukans.edu/computing/virus/shockwave.shtml> >> >> It is clear that the machines of at least some members of our >> lists have been infected. Like most trojan horses, SHOCKWAVE >> gives no indication to the owner of an infected machine. >> >> The Notification describes SHOCKWAVE as follows: >> >> >___________________________________________________________________________ _ >_ >> When executing "CREATIVE.EXE" it will copy itself into: >> C:\CREATIVE.EXE. It will also copy itself in the >> Windows Startup as CREATIVE.EXE. It will then create a file >> Messageforu.txt, which shows all the >> modifications done by CREATIVE.EXE. The Execution of >> CREATIVE.EXE will search for JPG and ZIP files on >> the local system and then to the system root directory. They are >> then renamed to contain "Change at least now >> to LINUX". You can rename the name of the file since these >> renamed files are not damaged. Their original >> locations are found in the Messageforu.txt. The Messageforu.txt >> will also contain the following: >> >> "Hi, guess you have got the message. I have kept a list of files >> that I have infected under this. If you are smart >> enough just reverse back the process. I could have done far >> better damage; I could have even completely wiped >> your hard disk. Remember this is a warning & get it sound and >> clear... - The Penguin" >> >___________________________________________________________________________ _ >_ >> >> Lynn >> >> > >