Posted on 11/29/2001 11:40:41 AM PST by -No Way-
VIRUS ALERT! W32/Badtrans.B -----Original Message----- - The W32/Badtrans.B virus continues to spread - Oxygen3 24h-365d, by Panda Software (
Madrid, November 29 2001 -- The number of infections being caused by W32/Badtrans is reaching epidemic proportions in some countries. The areas hardest hit by the virus so far are the United States, France, Portugal, Germany, the United Kingdom, and Scandinavia.
Panda Software offers Gdogs the PQREMOVE(*) utility, free of charge. This tool automatically eliminates W32/Badtrans.B from infected systems. This application can be downloaded from: http://updates.pandasoftware.com/pqremove/pqremove.com To prevent infection from W32/Badtrans.B, Panda Software advises all Gdogs to update their antiviruses, immediately, from the Customer Area on the website at As Oxygen3 24h-365d recently reported, W32/Badtrans.B is a dangerous worm that spreads rapidly via e-mail. The file it is contained in has a variable name, which it makes up from three separate word lists. It also installs a Trojan designed to steal confidential data (passwords etc.) from the infected machine. Oxygen3 24h-365d reminds you that W32/Badtrans.b exploits a known vulnerability in versions 5.01 and 5.5 of Microsoft Internet Explorer. This vulnerability allows an attached file to be run through the message preview pane in Outlook e-mail clients. Gdogs with these versions are advised to download the corresponding patch from: http://www.microsoft.com/technet/security/bulletin/MS01-020.asp More information about W32/Badtrans.B is available in Panda Software's Virus Encyclopedia at: http://service.pandasoftware.es/library/virusCard.jsp?Virus=W32/Badtrans.B (*) If you are using Netscape Navigator, follow these steps to download the PQREMOVE utility: First, right-click the corresponding link, then select the 'Save Link as...' option. Finally, indicate the directory to which you want to save the file. NOTE: The addresses above may not show up on your screen as single lines. This would prevent you from using the links to access the web pages. If this happens, just use the 'cut' and 'paste' options to join the pieces of the URL.
The IT manager has been having one hell of a time!
The worm also drops a file called KDLL.DLL which should be deleted. Check any of the anti-virus software vendor sites for further information.
Even using Netscape mail if you open the attachment it will infect your system. Since you're not an Outlook user the virus can't send itself to people in your address book BUT the virus installs a backdoor which sends your IP address to the author and may allow the author to "control" your PC right down to formatting your hard drive.
Also note: A keystroke registry which will watch for passwords, credit cards numbers, etc. entered at the keyboard is installed and can send this info out over your web connection.
If you don't have virus protection regularly updated you're playing ruskie roulette.
You can get McAfee for 29.95 (Virus Scan) and updates are free via the web.
Symantec - Norton AntiVirus allows a year of "free" updates but then you have to pay for updates - which last time I looked were "3.950" per year. Frankly, I suspect its 39.50 a year as $3.95 annually seems hardly worth the processing costs - anyone want to help out?
Run Netscape 4.7x for browsing and mail (avoid v.6.x). To reduce your exposure to .exe attachments, buy a Mac. If you must run Windoze, Eudora is a fine e-mail app.
Anyone who uses Outlook for mail is just asking to be delivered to hell, and I find it hard to have sympathy for them. It's not like this is new and unheard of.
If you receive an e-mail entitled "Bad Times," delete it immediately! Do not open it! Apparently this one is pretty nasty. It will not only erase everything on your hard drive, it will also delete anything on disks within 20 feet of your computer.
It demagnetizes the strips on all of your credit cards. It reprograms your ATM access code, screws up the tracking on your VCR, and uses subspace field harmonics to scratch any CDs you attempt to play. It will program your phone auto dial to call only 900 numbers. The virus will mix antifreeze into your fish tank. It will cause your toilet to flush while you are showering. It will drink all of your beer.
For God's sake, are you listening to me?
It will leave dirty underwear on the coffee table when you are expecting company. It will replace your shampoo with Nair and your Nair with Rogaine, all the while dating your current boy- or girlfriend behind your back and billing the hotel rendezvous to your Visa card, which has been wiped clean.
It will cause you to run with scissors and throw things in a way that is only fun till someone loses an eye. It will rewrite your backup files, change all of your active verbs to passive tense, and incorporate undetectable misspellings which will grossly change the interpretations of key sentences.
If the badness message is opened in a Windows 95 or 98 environment, it will leave the toilet seat up and leave your hair dryer plugged in dangerously close to a full bathtub. It will not only remove the forbidden tags from your mattress and pillows, it will also refill your skim milk with whole milk.
Warn as many people as you can! If you don't send this to 5,000 people within 20 seconds, you'll expel gas so hard your right leg will spasm and shoot straight out in front of you, sending sparks that will ignite the person next to you!
Be careful with this one.
You folks running Outlook or Outlook express are just inviting big trouble. I can understand your not liking Netscape, but Eudora has a swell email client and it is as free as Outlook and not nearly as prone to viruses. HEADS UP!
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.