Hi Ian and all:
I checked with a friend who messes with computers all day long and he
says this virus has been around since April 2001. So most of the
current Norton stuff would be (I assume) able to filter it out.
He also had some advice for me about NOT sending info regarding viruses
as "attachments". Since it's quick and easy, I didn't think of the
consequenses:
He says; the virus can be transmitted as an attachment. The majority of
viruses that attack windows boxes do it via fake attachment files." He
says that since viruses can't be transmitted as text files, I should
copy the text and put it into a new message.
Also, he says; "the recommendation to use the REGEDIT to "fix" the
registry is dangerous. If you've never tweaked your system's registry,
beware. If you delete the wrong thing, you could make your entire
computer inoperable". Scared the heck out of ME!
Anyway, I wanted to pass his response on to you and everyone else and to
thank you for sounding the warning. Rather have a warning that turns
out to have been (hopefully) something my system is capable of screening
against than to NOT be warned and get zapped instead.
Again, thanks.
David Sosna
Ian Spencer wrote:
>
> Everyone,
> I received 2 emails this weekend with attachments that appeared as if they
>were
> sent by Microsoft. I did not even open the attachment, just looked at the
>email
> in the preview pane only and still got infected. The virus is brand new
>(Norton
> only discovered it Yesterday). One of the attachments was called docs.doc.pif
>and
> the other was ME_nude.MP3.scr. If you have received these, please disinfect
>your
> machines.
>
> Details:
>
> 1. Virus is called W32/BadTrans@MM or WORM_BADTRANS.B
> 2. It is spred via email
> 3. It sends itself to everyone in your address book (which is why I'm
> alerting the list - some of you are in my address book)
> 4. It also writes a "back door" trojan in your registry that records all
> your keystrokes- which could allow someone via the net to access all your
> passwords, etc.
>
> If you have Norton AV with latest definitions you should be ok. If you want
>to be
> sure, look in your C:\Windows\System directory for two files: Kernal32.exe and
> kdll.dll. If you have these files, delete them! Also, look in your registry
>(use
> REGEDIT) for this entry: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Current
> Version\RunOnce\Kernal32=Kernal32.exe
>
> If you have that entry, delete it (not the entire directories, just the
> Kernal32=Kernal32.exe part) Keep an eye out for this one - its nasty.
|