BadTrans virus bites Windows users hard

26 Nov 01 15:33 by CDFreaks in category Uncategorized

A new week brings new virus trouble, so it is time to update your virus scanners and be careful with your email.

Computer users turned on their PCs this morning to find their In-boxes flooded with copies of the latest mass mailing virus.

BadTrans.B is spreading rapidly.

BadTrans.B is a variant of a virus which first appeared in April. It usually arrives as an email with either the subject line Re: (name of file attachment) or Re: (the subject line of a previous message thread). The email contains a double attachment and a name made up of a series of elements which “alternate like a fruit machine”, according to Mark Sumner, CTO of MessageLabs.

BadTrans.B uses a known exploit, related to the processing of certain unusual MIME types, in certain versions of Outlook Express 5 so as to launch an attachment automatically. The trick, which was also used by the authors of the Nimda worm, means simply previewing an infected email is enough to get infected. Users who double click on an infected attachment also risk infection.

BadTrans.B uses MAPI to spread and gets target addresses from unread messages in a user’s email client. The worm also drops a file named kdll.dll, which is the password-stealing Trojan PWS-AV, on an infected user’s PC.
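As an added example (not from the original article or The Register), here is a mail-gateway style check for the behaviour described above: a message part whose declared MIME type is not an executable type although its file name or leading bytes say it is a Windows executable. The extension and type lists, the `scan_message` and `build_sample` helpers, and the sample messages are assumptions constructed for illustration.

```python
import email
from email import policy
from email.message import EmailMessage

# Assumed lists for this example; tune them for your own mail gateway.
EXECUTABLE_EXTS = (".exe", ".scr", ".pif", ".com", ".bat", ".cmd")
EXECUTABLE_TYPES = {"application/octet-stream", "application/x-msdownload"}

def scan_message(raw: bytes) -> list[dict]:
    """Flag parts that look executable but are declared as another type."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    findings = []
    for part in msg.walk():
        if part.is_multipart():
            continue  # containers carry no payload of their own
        declared = part.get_content_type()
        name = (part.get_filename() or "").lower()
        body = part.get_payload(decode=True) or b""
        exec_name = name.endswith(EXECUTABLE_EXTS)
        exec_body = body.startswith(b"MZ")  # DOS/PE executable magic
        if (exec_name or exec_body) and declared not in EXECUTABLE_TYPES:
            findings.append({"filename": name, "declared": declared,
                             "exec_name": exec_name, "exec_body": exec_body})
    return findings

def build_sample(filename, maintype, subtype, payload) -> bytes:
    """Build a constructed test message (not a real malware sample)."""
    msg = EmailMessage()
    msg["Subject"] = "Re:"
    msg["From"] = "sender@example.com"
    msg["To"] = "recipient@example.com"
    msg.set_content("Constructed sample body.")
    msg.add_attachment(payload, maintype=maintype, subtype=subtype,
                       filename=filename)
    return msg.as_bytes()

if __name__ == "__main__":
    mz = b"MZ" + bytes(62)       # constructed stub, header bytes only
    riff = b"RIFF" + bytes(60)   # constructed stand-in for real audio
    for raw in (build_sample("sample.scr", "audio", "x-wav", mz),
                build_sample("clip.wav", "audio", "x-wav", riff)):
        print(scan_message(raw))
```

A hit is a triage signal for quarantine, not proof of infection; executables declared honestly as `application/octet-stream` are left to the ordinary attachment-blocking policy.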


Source: TheRegister

9 Comments

guest
Posts: 15288
Posted on: 26 Nov 01 16:21
Damn I have the kdll.dll file... Should I be alarmed? Let's see what NAV2002 finds...
guest
Posts: 15288
Posted on: 26 Nov 01 16:40
Hmm, it did find the virus but said 'Can't repair it'. Well, that's a big help...
theEye
Posts: 462
Posted on: 26 Nov 01 17:26
Sorry GAM3FR3AK, but NAV200x simply SUX :r Better get the scanner from www.avp.ch
MarcoR
Posts: 44
Posted on: 26 Nov 01 18:32
I know it sucks ...All the viruses NAV has found for me it doesn't repair
guest
Posts: 15288
Posted on: 26 Nov 01 19:21
To GAM3FR3AK: Be sure it's really kdll.dll (trojan) and not skdll.dll (Micro$oft)... if it's the trojan, try to quarantine the file.
guest
Posts: 15288
Posted on: 27 Nov 01 04:43
When are they going to hunt down those virus makers and hang them? And while they're at it, why not hang Bill 'security hole' Gates. I get about 20 viruses each day in my mailbox.
guest
Posts: 15288
Posted on: 27 Nov 01 05:27
GAM3FR3AK: If NAV says it can't fix it, it's usually because the file is resident in memory and the file is locked by the OS for writing/deletion. Just reboot into dos and delete the file manually and rerun your NAV to be sure you got it all...
guest
Posts: 15288
Posted on: 27 Nov 01 11:19
Thanks all for the help... I'll try some things and see if it works. I got 10 more copies today of the virus via e-mail. Really irritating because the subject line is mostly 'Re:' and I get a lot of mail each day so I usually just open it. Now when I open such an e-mail NAV pops up "You have a virus ... can't repair, blablabla" but Outlook Express (6) does warn me if I want to open the mail because it might contain a virus (and indeed it does). I've always selected No so I wonder if I'm really infected. I do have a proper firewall installed (ZoneAlarm Pro) and no app has tried to connect thus far nor did my mail program send out messages containing the virus (at least none I know of).
vexorg
Posts: 1
Posted on: 27 Nov 01 23:30
1. Don't use Outlook. It is worse than the virus. If no one used Outlook there would be very few viruses. MS should be fined every time a virus came out, then maybe they'd fix their program. 2. Anti-virus programs don't help in situations like this. New viruses just slip by as the anti-virus programs don't look for new viruses. 3. gamefr3ak: a firewall won't help, unless it is like the Nimda virus which looks for web servers, and again only MS IIS. Anyone seeing a pattern here??
