RootsWeb.com Mailing Lists
Total: 2/2
    1. [TAYLOR] VIRUS ALERT = W32.Klez. H = Level 3 ( One time Advisory by List Admin)
    2. John A Hansen
    3. Dear All:

       A new level 3 Virus Alert was issued this week by most of the Major Anti Virus Test Sites and Software Programs. The names of the virus will vary, but it is generally a form of W32.Klez.X@mm. There are a couple of clever things that this virus does that make it deceptive.

       While you will not get the virus from Rootsweb, you may well get an email from a subscriber or a friend that you have corresponded with, and it will look like a legit response to the email or post that you made.

       The Virus has two files attached. One will have a random file from the sending computer and the other will be the virus with a double extension with ******.txt.exe etc. So it appears to be a real and innocent attachment. As a result, the email message would have 2 attachments, the first being the worm and the second being the randomly-selected file with a "normal" extension such as *.doc or *.txt etc.

       Payload and Damage: This worm infects executables by creating a hidden copy of the original host file and then overwriting the original file with itself. The hidden copy is encrypted, but contains no viral data. The name of the hidden file is the same as the original file, but with a random extension.

       Large scale e-mailing: This worm searches the Windows address book, the ICQ database, and local files for email addresses. The worm sends an email message to these addresses with itself as an attachment.

       Releases confidential info: Worm randomly chooses a file from the machine to send along with the worm to recipients. So files with the extensions ".mp8" or ".txt" or ".htm" or ".html" or ".wab" or ".asp" or ".doc" or ".rtf" or ".xls" or ".jpg" or ".cpp" or ".pas" or ".mpg" or ".mpeg" or ".bak" or ".mp3" or ".pdf" would be attached to e-mail messages along with the viral attachment.

       All the normal reference sites are carrying details on how to remove it if you do get infected and more technical details on how to identify the incoming virus.

       Please do not create any posts on the mailing lists.

       Best Regards
       John A Hansen
       List Admin

    04/25/2002 04:27:45
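The attachment pattern described in the advisory above (a double-extension executable sent alongside an ordinary-looking file) can be checked for at a mail gateway or in a mailbox triage script. The following is an added example, not part of the original post; the function names and the list of executable extensions beyond .exe are assumptions, and the sample messages are constructed.

```python
from email import message_from_string, policy
from email.message import EmailMessage

# Decoy extensions the advisory lists for the randomly chosen companion file.
DECOY_EXTS = {"mp8", "txt", "htm", "html", "wab", "asp", "doc", "rtf", "xls",
              "jpg", "cpp", "pas", "mpg", "mpeg", "bak", "mp3", "pdf"}
# Assumption: the advisory names only ".exe etc."; the rest are added here.
EXEC_EXTS = {"exe", "scr", "pif", "bat", "com"}

def double_extension(filename):
    """Return (decoy, real) if the name ends in <decoy>.<executable>, else None."""
    # Trailing dots/spaces are ignored by Windows, so strip them before splitting.
    parts = filename.strip().rstrip(". ").lower().split(".")
    if len(parts) >= 3 and parts[-1] in EXEC_EXTS and parts[-2] in DECOY_EXTS:
        return parts[-2], parts[-1]
    return None

def triage(raw_message):
    """Parse a raw RFC 5322 message and report suspicious attachment names."""
    msg = message_from_string(raw_message, policy=policy.default)
    names = [p.get_filename() for p in msg.iter_attachments() if p.get_filename()]
    flagged = [n for n in names if double_extension(n)]
    # A second attachment with a plain decoy extension completes the pattern.
    companions = [n for n in names if n not in flagged
                  and n.rsplit(".", 1)[-1].lower() in DECOY_EXTS]
    return {"attachments": names,
            "double_extension": flagged,
            "matches_advisory_pattern": bool(flagged) and bool(companions)}

def build_sample(names):
    """Constructed test message with placeholder attachment bytes."""
    m = EmailMessage()
    m["Subject"] = "Re: your post"
    m.set_content("see attached")
    for n in names:
        m.add_attachment(b"constructed placeholder bytes", maintype="application",
                         subtype="octet-stream", filename=n)
    return m.as_string()

if __name__ == "__main__":
    print(triage(build_sample(["notes.txt.exe", "family.doc"])))
    print(triage(build_sample(["family.doc"])))
```

A double-extension hit alone is worth quarantining; the companion-file check only raises confidence that the message fits this particular advisory.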
    1. Re: [TAYLOR] VIRUS ALERT = W32.Klez. H = Level 3 ( One time Advisory by List Admin)
    2. Janet Ariciu
    3. My internet service keeps stopping people who have it from getting to me. This virus is everywhere, so be careful.

       Janet

       ----- Original Message -----
       From: "John A Hansen" <jahansen@qwest.net>
       To: <TAYLOR-L@rootsweb.com>
       Sent: Thursday, April 25, 2002 12:27 PM
       Subject: [TAYLOR] VIRUS ALERT = W32.Klez. H = Level 3 ( One time Advisory by List Admin)

       > Dear All:
       >
       > A new level 3 Virus Alert was issued this week by most of the Major Anti Virus Test Sites and Software Programs. The names of the virus will vary, but it is generally a form of W32.Klez.X@mm. There are a couple of clever things that this virus does that make it deceptive.
       >
       > While you will not get the virus from Rootsweb, you may well get an email from a subscriber or a friend that you have corresponded with, and it will look like a legit response to the email or post that you made.
       >
       > The Virus has two files attached. One will have a random file from the sending computer and the other will be the virus with a double extension with ******.txt.exe etc. So it appears to be a real and innocent attachment. As a result, the email message would have 2 attachments, the first being the worm and the second being the randomly-selected file with a "normal" extension such as *.doc or *.txt etc.
       >
       > Payload and Damage: This worm infects executables by creating a hidden copy of the original host file and then overwriting the original file with itself. The hidden copy is encrypted, but contains no viral data. The name of the hidden file is the same as the original file, but with a random extension.
       >
       > Large scale e-mailing: This worm searches the Windows address book, the ICQ database, and local files for email addresses. The worm sends an email message to these addresses with itself as an attachment.
       >
       > Releases confidential info: Worm randomly chooses a file from the machine to send along with the worm to recipients. So files with the extensions ".mp8" or ".txt" or ".htm" or ".html" or ".wab" or ".asp" or ".doc" or ".rtf" or ".xls" or ".jpg" or ".cpp" or ".pas" or ".mpg" or ".mpeg" or ".bak" or ".mp3" or ".pdf" would be attached to e-mail messages along with the viral attachment.
       >
       > All the normal reference sites are carrying details on how to remove it if you do get infected and more technical details on how to identify the incoming virus.
       >
       > Please do not create any posts on the mailing lists.
       >
       > Best Regards
       > John A Hansen
       > List Admin

    04/25/2002 10:26:26