|
|
This topic comprises 2 pages: 1 2
|
|
Author
|
Topic: Bugbear virus warning
|
Peter Berrett
Jedi Master Film Handler
Posts: 602
From: Victoria, Australia
Registered: Nov 2000
|
posted 10-03-2002 02:36 AM
Hi allJust a quick warning for people to be on the look out for the bugbear virus. For most of this this will not be a problem - we either don't use outlook or we have a good virus scanner (this should be mandatory). However even then software can be vulnerable. Recently I experienced a case of the bugbear virus on a standalone I was working on. I received an email titled 'greets' and as soon as I opened the email the virus was activated. It didn't require me to open an attachment. Just opening the email was sufficient to activate the virus. The curious thing was that at the time there was a tsr-resident virus scanner running and it didn't pick up the virus, either immediately or on a scan. At home I run an anti-virus program called AVT which is very effective. It is a tsr-resident scanner and does pick up the bugbear virus. I recommend it highly (no I don't have shares in the company). I received the bugbear virus today and the scanner killed it off immediately. This is a particularly nasty virus in that it can copy keystrokes and give a hacker access to those keystrokes eg you might have typed your credit card number. Full details are available on the following link. The page also includes a small program put out by sophos to clean your system of the virus. It would be worth downloading it and checking as your virus scanner may not have picked up the virus.
Click Here I might add that the above virus has been spreading very rapidly over the past few days. cheers Peter
| IP: Logged
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Peter Berrett
Jedi Master Film Handler
Posts: 602
From: Victoria, Australia
Registered: Nov 2000
|
posted 10-04-2002 07:36 AM
I received yet another instance of the virus today. I didn't open the email but immediately AVT saw that the virus was trying to get access to my disk and queried me as to whether I should allow it or not. Naturally I said no and deleted the email.From my experiences over the past few days I'd say that this virus is spreading like wildfire. Check out the following
Media Article 1
Media Article 2
Media Article 3
Media Article 4 I might add that the rating of the seriousness of the virus has been upgraded for the second time. Believe me - it's nasty. If it continues at this rate can you imagine how many infected emails we will be receiving per day by the end of this week? At one stage I got up to about 7 Klez emails a day. This could surpass that. cheers Peter
| IP: Logged
|
|
|
|
Sam Hunter
Jedi Master Film Handler
Posts: 779
From: West Monroe, LA, USA
Registered: Jan 2002
|
posted 10-04-2002 01:29 PM
Sorry for the delay in getting back. Lili kept me a little busy.
Anyway, this is a couple of methods I used;
In Outlook Express click "Tools\Options\Read" uncheck the box marked "Mark message read after displaying for 5 Seconds" and also uncheck "Automatically download message when veiwing in the preview pane".
This should keep you from unitentally openening the door to these bad guys.  ------------------
Samual Hunter Sr. KC5ZSL
| IP: Logged
|
|
Gerard S. Cohen
Jedi Master Film Handler
Posts: 975
From: Forest Hills, NY, USA
Registered: Sep 2001
|
posted 10-05-2002 03:44 PM
My bugbear virus arrived today in an attachment to a message from Microsoft with a subject announcing a new policy in accessing newsgroups. Since I haven't been able to access them since I began with MSN a couple of years ago, and my inquiries were answered with "...Microsoft Network does not support newsgroups..." I was tempted to read this happy announcement. But the screen was framed
by a red McAffee virus warning around the attachment, asking me to clean it, or if that was found impossible, to delete it and substitute
a clean copy.[???how???] Needless to say, it couldn't be cleaned or deleted, until I closed the window and then deleted the message with the attachment inside. The message included an abstract of the content of the attachment, which was about users of a certain program being asked their passwords when trying to access newsgroups.
Not what I was hoping for, but I'm thankful to McAffee!
| IP: Logged
|
|
|
|
Ray Brown
Expert Film Handler
Posts: 111
From: Dayton, WA, USA
Registered: Sep 2002
|
posted 10-06-2002 01:12 AM
The #1 rule I learned is not to open attachments from anybody unless you are actually expecting them to send you a specific file.If you use Outlook/Outlook Express, be sure to disable the preview pane so the self executing viruses like Bad Trans don't infect your computer. I use Poco Mail because I don't trust Outlook or Outlook Express. Poco mail lets you preview your headers on the server with out downloading. Anything that looks suspicious or spam gets deleted directly off the server. My main POP3 account got bomb with the Klez virus this summer and this feature really came in handy. If you do download something accidently (like Bad Trans) it won't self execute like it does with Outlook/Outlook Express. I think every ISP should have a virus and spam filter. It would really help to eliminate alot of these problems.
| IP: Logged
|
|
Paul G. Thompson
The Weenie Man
Posts: 4718
From: Mount Vernon WA USA
Registered: Nov 2000
|
posted 10-06-2002 01:36 AM
Just recently, I had someone squawking to me about how goofy their computer was running. Just for the heck of it, I ran a sysedit and discovered an entry in the load= (maybe it was the run=) line of the win.ini that didn't belong there. The command line was "rape.exe" - and when I asked him what the hell was that, he said the when the computer crashes, it says "you have been raped" or words to that effect.I didn't edit it out of there. Not yet, anyway. OK.......well, I wonder what might have also been inserted in the registry....  This must be a new one - as I have not found anything on McAfee that talks aboout rape.exe - has anyone ever heard of it?
| IP: Logged
|
|
|
|
All times are Central (GMT -6:00)
|
This topic comprises 2 pages: 1 2
|
Powered by Infopop Corporation
UBB.classicTM
6.3.1.2
The Film-Tech Forums are designed for various members related to the cinema industry to express their opinions, viewpoints and testimonials on various products, services and events based upon speculation, personal knowledge and factual information through use, therefore all views represented here allow no liability upon the publishers of this web site and the owners of said views assume no liability for any ill will resulting from these postings. The posts made here are for educational as well as entertainment purposes and as such anyone viewing this portion of the website must accept these views as statements of the author of that opinion
and agrees to release the authors from any and all liability.
|
Home
Printer-friendly view of this topic