BadTrans virus bites Windows users hard

26 Nov 01 15:33 by CDFreaks in category Uncategorized To news archive

A new week and new virus trouble is out so time to update the virus scanners and becarefull with your email.

Computer users turned on their PCs this morning to find their In-boxes flooded with copies of the latest mass mailing virus.

BadTrans.B is spreading rapidly.

BadTrans.B is a variant of a virus which first appeared in April. It usually arrives as an email with either the subject line Re: (name of file attachment) or Re: (the subject line of a previous message thread). The email contains a double attachment and a name made up of a series of elements which “alternate like a fruit machine“, according to Mark Sumner, CTO of MessageLabs.

BadTrans.B uses a known exploit, related to the processing of certain unusual MIME types, in certain versions of Outlook Express 5 so as to launch an attachment automatically. The trick, which was also used by the authors of the Nimda worm, means simply previewing an infected email is enough to get infected. Users who double click on an infected attachment also risk infection.

BadTrans.B uses MAPI to spread and gets target addresses from unread messages in a user’s email client. The worm also drops a file named kdll.dll, which is the password stealing Trojan PWS-AV , on an infected user’s PC.

read the full story Here

Source: TheRegister

Similar posts:

9 Comments

guest
Posts: 15288
Posted on: 26 Nov 01 16:21
Damn I have the kdll.dll file... Should I be alarmed? Let's see what NAV2002 finds...
guest
Posts: 15288
Posted on: 26 Nov 01 16:40
Hmm it did find the virus but said 'Can't repair it' Well that's big help...
theEye
Posts: 462
Posted on: 26 Nov 01 17:26
Sorry GAM3FR3AK, but NAV200x simply SUX :r Better get the scanner from www.avp.ch
MarcoR
Posts: 44
Posted on: 26 Nov 01 18:32
I know it sucks ...All the viruses NAV has found for me it doesn't repair
guest
Posts: 15288
Posted on: 26 Nov 01 19:21
To GAM3FR3AK Be sure it's really kdll.dll (trojan) and not skdll.dll (Micro$oft)... if it's the trojan, try to quanrantine the file.
guest
Posts: 15288
Posted on: 27 Nov 01 04:43
When are they going to hunt down those virus makers and hang them? And while they're at it, why not hang Bill 'security hole' Gates. I get about 20 virusses each day in my mailbox.
guest
Posts: 15288
Posted on: 27 Nov 01 05:27
GAM3FR3AK: If NAV says it can't fix it, it's usually because the file is resident in memory and the file is locked by the OS for writing/deletion. Just reboot into dos and delete the file manually and rerun your NAV to be sure you got it all...
guest
Posts: 15288
Posted on: 27 Nov 01 11:19
Thanks all for the help... I'll try some things and see if it works. I got 10 more copies today of the virus via e-mail. Really irritating because the subject line is mostly 'Re:' and I get a lot of mail each day so I usually just open it. Now when I open such an e-mail NAV pops up "You have a virus ... can't repair, blablabla" but Outlook Express (6) does warn me if I want to open the mail because it might contain a virus (and indeed it does). I've always selected No so I wonder if I'm really infected. I do have a proper firewall installed (ZoneAlarm Pro) and no app has tried to connect thus far nor did my mail program send out messages containing the virus (at least none I know of).
vexorg
Posts: 1
Posted on: 27 Nov 01 23:30
1. don't use outlook. it is worse than the virus. if no one used outlook there would be very few virus. MS should be fined every time a virus came out, then maybe they fix their program. 2. anti-virus programs don't help in situations like this. new virus just slip by as the anti-virus programs don't look for new virus. 3. gamefr3ak: firewall won't help. unless it is like the nimda virus which looks for web servers, and again only MS IIS, anyone seeing a patern here??

Post a comment

Hello guest,
default
To benefit from all extra features you need to log in or sign up.

Most popular headlines

Sony's new ad mocks Wii, Xbox 360 (3)

  • Sat 20 Mar 10:02 by Randomus
  • Game Consoles

A week after publicly unveiling its PlayStation 3 Move motion controller at GDC, Sony has launch a new ad attacking the Microsoft Xbox 360 and Nintendo Wii game consoles.

Microsoft: PS3's Blu-ray is a burden (5)

  • Thu 18 Mar 00:00 by JaredNewman
  • Blu-Ray writers & players, Game Consoles

Microsoft's Xbox product director Aaron Greenberg said the Xbox 360's lack of a Blu-ray player has actually been crucial to the console's success.

Spain allows P2P, link-sharing of copyrighted works (10)

As long as no profits are made, it's legal to share copyrighted material through peer-to-peer transfers or link to it through a Web site, a Spanish court ruled.

Sony considers discontinuing the PSP Go (4)

  • Thu 18 Mar 02:00 by Randomus
  • Game Consoles

It's possible Sony will pull the plug on its struggling PSP Go mobile gaming unit, as it has become obvious the company dropped the ball a bit in the mobile gaming business.

See all headlines

Active Commenters