RootsWeb: SCT-ISLEOFMULL-L I'm so sorry - I was hit by a bad virus and may have passed it on.

SCT-ISLEOFMULL-L Archives

Archiver > SCT-ISLEOFMULL > 2001-11 > 1007067886

From: "Sue Visser" <>
Subject: I'm so sorry - I was hit by a bad virus and may have passed it on.
Date: Thu, 29 Nov 2001 16:04:46 -0500

To my family and friends: I thought when I bought my new computer 2 weeks ago that my computer woes were finally over. I bought this computer from an independent dealer who assured me that it came completely loaded with Windows XP that had its own virus checker. Three times I asked about virus protection. Well it seems he "made a mistake" and I got hit by "Sorry_about_Yesterday.MP3pif-Win32.Badtrans.29020worm" - a nasty virus. Since it propagates through everyone listed in your address book and does NOT need an attachment, it is possible that some of you whose virus protection was perhaps not up-to-date may have picked this up as well. I am so very sorry. The following is information I've downloaded pertaining to this virus: ............................................................... Dear Trend Micro Customer: Due to an increase in the number of reported infections in the last 12 hours, the risk level of WORM_BADTRANS.B has been upgraded to Medium Risk. This memory-resident Internet worm is a variant of WORM_BADTRANS.A. It propagates via MAPI32, has a Key Logger component, and arrives with randomly selected double-extension filenames. It does not require the email recipient to open the attachment for it to execute. It uses a known vulnerability in Internet Explorer-based email clients (Microsoft Outlook and Microsoft Outlook Express) to automatically execute the file attachment. This vulnerability is also known as Automatic Execution of Embedded MIME type. WORM_BADTRANS.B is detected by pattern file #170 or #970. For more information on WORM_BADTRANS.B please visit our Web site at: http://www.antivirus.com/vinfo/virusencyclo/default5.asp?VName=WORM_BADTRANS .B ............................................................ For anyone who has been hit by this worm, I've been told that it creates 3 files: Sorry_about_Yesterday.MP3pif-Win32.Badtrans.29020worm kdll.dll kernal.exe I was also told that if kernal.exe is renamed kernal.bak it will delete itself and the .dll, and you manually delete the first one. I am not a computer expert so please seek advice about this. I am so very conscious of viruses and try to be extra cautious. I feel dreadful that I may have infected someone else inadvertently. Please accept my apologies. I now have Norton 2002 that scans emails coming in and going out, and updates daily, so this should not happen ever again. Just for your info, in the past week, there have been about 4,000 new viruses identified by Norton 2002 bringing the total coverage to over 58,000 viruses!! Humbly, Sue (McCuaig) Visser

This thread:

I'm so sorry - I was hit by a bad virus and may have passed it on. by "Sue Visser" <>