Everyone,
I received 2 emails this weekend with attachments that appeared as if they were
sent by Microsoft. I did not even open the attachment, just looked at the email
in the preview pane only and still got infected. The virus is brand new (Norton
only discovered it Yesterday). One of the attachments was called docs.doc.pif
and
the other was ME_nude.MP3.scr. If you have received these, please disinfect your
machines.
Details:
1. Virus is called W32/BadTrans@MM or WORM_BADTRANS.B
2. It is spred via email
3. It sends itself to everyone in your address book (which is why I'm
alerting the list - some of you are in my address book)
4. It also writes a "back door" trojan in your registry that records all
your keystrokes- which could allow someone via the net to access all your
passwords, etc.
If you have Norton AV with latest definitions you should be ok. If you want to
be
sure, look in your C:\Windows\System directory for two files: Kernal32.exe and
kdll.dll. If you have these files, delete them! Also, look in your registry
(use
REGEDIT) for this entry: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Current
Version\RunOnce\Kernal32=Kernal32.exe
If you have that entry, delete it (not the entire directories, just the
Kernal32=Kernal32.exe part) Keep an eye out for this one - its nasty.
|