|
This topic comprises 2 pages: 1 2
|
Author
|
Topic: Virus alert
|
Brad Miller
Administrator
Posts: 17775
From: Plano, TX (36.2 miles NW of Rockwall)
Registered: May 99
|
posted 11-27-2001 01:49 AM
I don't know if this is an old virus, or something that has just turned up, but as of the last 2 days I've been seeing a lot of this one (and I've never seen it before).The email comes in with the subject "Re:" and nothing else. The email address is generally fake and it comes with two attachments. One is a txt document which has nothing in it and the other is a random file. There is no text in the body of the email. Delete the email entirely without opening the attachments.
| IP: Logged
|
|
|
|
Mark Lensenmayer
Phenomenal Film Handler
Posts: 1605
From: Upper Arlington, OH
Registered: Sep 1999
|
posted 11-27-2001 08:11 AM
This is a new variant on an older worm called BADTRANS.B I was sent an alert on this yesterday.It can only be activated if you open the attached files. Unfortunately, with some older versions of IE (5.0 and 5.5) the file can launch automatically, so if you are running one of these, get the patch from Microsoft. This worm does some very nasty things...it installs a trojan horse back door to your system, sends out your IP address to the author, then runs a keylogger that tracks every keystroke (including passwords, credit card numbers, etc) and places this file on your hard drive for the author to harvest. Brad is right...be VERY careful when opening attachments. For info on this virus, check out this link: http://www.infoworld.com/articles/hn/xml/01/11/26/011126hnbadtrans.xml?1126alert As always, be sure to check regularly for new virus definition files. Since November 1, Norton Antivirus has added 141 new definitions, and since February, they have added approximately 10,000!!!!!
| IP: Logged
|
|
Paul G. Thompson
The Weenie Man
Posts: 4718
From: Mount Vernon WA USA
Registered: Nov 2000
|
posted 11-27-2001 12:50 PM
Be especially careful with Microsoft's Outlook Express. We have had nothing but problems at the radio station of virus programs sneaking through on the *.eml attachments. I never received a virus via AOL. But that does not mean I won't. Take Brad's advice. Better yet, don't open anything you get from a stranger. Let your virus scan engine look at any attachment you download, even if it comes from a friend. Sometimes the virus will attach itself without your friend even knowing it. If you download a supposingly legit file, scan before opening it. Remember what happened to Josh's drive with that kmd.exe? Keep your virus scan programs up to date. Paul
| IP: Logged
|
|
|
|
|
|
Leo Enticknap
Film God
Posts: 7474
From: Loma Linda, CA
Registered: Jul 2000
|
posted 11-29-2001 04:28 AM
Tim - this worm disguises itself by looking through SMTP information cached in the computer and then inserting a header fields from this data at random, in order to make the e-mail look like it comes from someone you know. If the infected computer which sent you the e-mail has ever sent or received one from 'nostalgia entertainment inc' and/or with the subject 'Re: Film-Tech' then that could be the reason why.I don't think this in itself means that Film-Tech readers are being targeted with viruses, though, that having been said, I have received 4 Badtrans e-mails since yesterday. The Symantec website (see the link on my earlier post) states: quote: If SMTP information can be found on the computer, then it will be used for the From: field. Otherwise, the From: field will be one of these:"Mary L. Adams" <mary@c-com.net> "Monika Prado" <monika@telia.com> "Support" <support@cyberramp.net> " Admin" <admin@gte.net> " Administrator" <administrator@border.net> "JESSICA BENAVIDES" <jessica@aol.com> "Joanna" <joanna@mail.utexas.edu> "Mon S" <spiderroll@hotmail.com> "Linda" <lgonzal@hotmail.com> " Andy" <andy@hweb-media.com> "Kelly Andersen" <Gravity49@aol.com> "Tina" <tina0828@yahoo.com> "Rita Tulliani" <powerpuff@videotron.ca> "JUDY" <JUJUB271@AOL.COM> " Anna" <aizzo@home.com>
| IP: Logged
|
|
|
|
Tal Marks
Film Handler
Posts: 57
From: New York, NY
Registered: Oct 1999
|
posted 11-29-2001 10:45 PM
I just received an email with an attachment containing a virus (worm).Just to fill you in on the specs: from: cronk.ps@verizon.net subject: midterm-school law body: "Hi! How are you? I send you this file in order to have your advice See you later. Thanks" attachment: "midterm_school_law.doc.bat" virus: Virus W32.Sircam.Worm@mm I received it @ yahoo.com which has the built-in "scan with norton anti-virus". It's still in my Inbox if anyone wants me to forward it to them so they can poke around in it. Disclaimer: none.
| IP: Logged
|
|
Adam Martin
I'm not even gonna point out the irony.
Posts: 3686
From: Dallas, TX
Registered: Nov 2000
|
posted 11-30-2001 11:56 AM
I just learned a new thing about Outlook Express.In version 6, available at windowsupdate.microsoft.com, click on: Tools -> Options -> Security and check the boxes for "Warn me when other applications try to send mail as me" and "Do not allow attachments to be saved or opened that could potentially be a virus". These options are not available in OE 5, and I'm sure that in a week someone will have come up with a workaround for this security device, also. And there's still no excuse not to have up-to-date virus protection, too.
| IP: Logged
|
|
|
|
All times are Central (GMT -6:00)
|
This topic comprises 2 pages: 1 2
|
Powered by Infopop Corporation
UBB.classicTM
6.3.1.2
The Film-Tech Forums are designed for various members related to the cinema industry to express their opinions, viewpoints and testimonials on various products, services and events based upon speculation, personal knowledge and factual information through use, therefore all views represented here allow no liability upon the publishers of this web site and the owners of said views assume no liability for any ill will resulting from these postings. The posts made here are for educational as well as entertainment purposes and as such anyone viewing this portion of the website must accept these views as statements of the author of that opinion
and agrees to release the authors from any and all liability.
|