Not just Bill!! I received about 10 messages this am with the Badtrans.B@mm
virus in them. The messages automatically pop up the box that asks if you
want to open them. DO NOT DO IT!!! Now that I just ran Live Update to update
my virus protection (that was only 3 days old!!) it detects the virus in the
e-mail messages. I also did virus scan of my whole system and found two
system files infected/created?. C:\Windows\SYSTEM\kdll.dll and
C:\Windows\SYSTEM\KERNEL32.EXE They would not repair or quarantene and had
to be deleted. Usually this would require file restoring from a clean source
and after reading the information on this virus at
www.symantec.com I don't
beleive it is necessary as the virus creates the \kdll.dll file and makes a
copy of the Kernel32.dll file and renames it an Kernel32.EXE so my deleting
of both the infected files should have been what the worm created. Not
original files I HOPE ANYWAYS!! Instructions for cleaning up your infected
computer that has been sending out e-mail to people automatically is
available at the above
www.symantec.com The virus is listed right on the
opening page and you don't have to go to virus search to find this one!
Apparently if your computer is sending out to others, you have to go through
and edit your registry to remove the kernel32.3xe
Do yourself a favour and do not open any attachments until you have the
latest, updated virus protection in place as these messages are coming from
peoples names you will recognize and probably/possibly trust! My virus
protection, like I said was only about 3 days old! Guess we will have to
start doing Live update each day before we read our mail to try and stay
ahead of these people with WAY too much time ontheir hands!
While I typed this, on a second full scan of my computer it just came up and
told me that I am still infected with this virus, in the same files I
supposable deleted. This looks like it will be the same nightmare to remove
as the Sirc32 virus that had to be manual caught like picking dew worms in
the yard (and you know how hard that can be at times!!), so DO NOT OPEN ANY
ATTACHMENTS until you update your protection and not that this one is 29,000
bits so easy to spot if you click the paperclip to view files size first and
also it has a double extension.
Regards,
Wayne G. O'Shea
www.irishfield.on.ca
----- Original Message -----
From: "Murray & Carol" <
cherkas@shaw.ca>
To: <
murphy-rebel@dcsol.com>
Sent: Tuesday, November 27, 2001 9:33 AM
Subject: Bill Allen VIRUS
Hi Bill
You have a VIRUS in your computer.
-----------------------------------------------------------------
List archives located at:
https://mail.dcsol.com/login
username "rebel" password "builder"
Unsubscribe:
rebel-builders-unsubscribe@dcsol.com
List administrator:
mike.davis@dcsol.com
-----------------------------------------------------------------