Home           FAQ           Calendar           Members List                                Advertise                      Register
 
  #1 (permalink)  
Old 09-25-01
Beth's Avatar
Registered User
  
Join Date: Feb 2000
Location: Germantown, Md USA
Posts: 697
Beth
Exclamation Virus Alert - Wtc.exe
Well, it was a matter of time before someone came out with a virus named after the horror of 9/11.

See below. Update your virus definitions....

Beth


=========================================
In total bad taste, the Vote worm spreads a message of Us vs. Them through the Internet in the aftermath of the World Trade Center bombings. In addition to sending itself out to every address in one's Microsoft Outlook address book, however, Vote (W32.Vote.A@mm) also attempts to delete Windows directory files and/or reformat the infected user's hard drive. At present Vote is not spreading very fast, however, given its ability to delete files, this worm ranks as a 6 on the ZDNet Virus Meter.

How it works
Vote arrives as an e-mail with the following information:

Subject: Fwd: Peace BeTween AmeriCa And IsLam

Body: Hi! iS iT A waR Against AmeriCa Or IsLam! Let's Vote To Live in Peace!

Attached: WTC.EXE

If the attached file is opened, Vote will install two .vbs files on the hard drive.

MixDaLaL.vbs will attempt to overwrite all files ending with .htm or .html with the following phrase:


AmeRiCa ...Few Days WiLL Show You What We Can Do !!! It's Our Turn > > > ZaCkEr is So Sorry For You.
The second .vbs file, ZaCker.vbs, will add a line to the registry that will run the vbs script the next time the computer is rebooted. ZaCker.vbs attempts to delete all files in the Windows directory and add a Format C: command to the autoexec.bat file. It will also display the following message:

I promiss We WiLL Rule The World Again...By The Way,You Are Captured By ZaCker!!!"
Removal
Antivirus software companies are in the process of updating their signature files to include Vote. For more information on removing Vote from your system, see McAfee, Symantec, and Trend Micro.

Prevention
Here are the basic steps for containing the latest worm:

Download Microsoft's Outlook Security Patch. If you haven't already installed it, download the Outlook 98 Security Patch or the Outlook 2000 Security Patch. Please note that this patch does not include Outlook Express. Click here for help with installation, or for more information regarding this patch.

Turn off Windows Scripting Host. Recent virus outbreaks have exploited known vulnerabilities in Visual Basic Scripting under Windows. To limit your risk of infection, you should turn off Windows Scripting Host. For a complete discussion of the pros and cons of removing Windows Scripting Host, read this article: To script or not to script.

"Don't open attachments!" One of the best ways to prevent virus infections is not to open attachments, especially when viruses such as this virus are being actively circulated. Even if the e-mail is from a known source, be careful. A few viruses take the mailing lists from an infected computer and send out new messages with its destructive payload attached. Always scan the attached files first for viruses. Unless it's a file or an image you are expecting, delete it.

Stay informed. Did you know that there are virus and security alerts almost every day? Keep up-to-date on breaking viruses and solutions by bookmarking our Alerts & Solutions page.

Get protected. If you don't already have virus protection software on your machine, you should. If you're a home or individual user, it's as easy as downloading any of these top-rated programs then following the installation instructions. If you're on a network, check with your network administrator first.

Scan your system regularly. If you're just loading anti-virus software for the first time, it's a good idea to let it scan your entire system. It's better to start with your PC clean and free of virus problems. Often the antivirus program can be set to scan each time the computer is rebooted or on a periodic schedule. Some will scan in the background while you are connected to the Internet. Make it a regular habit to scan for viruses.

Update your antivirus software. Now that you have virus protection software installed, make sure it's up-to-date. Some antivirus protection programs have a feature that will automatically link to the Internet and add new virus detection code whenever the software vendor discovers a new threat. You can also scan your system for the latest security updates here.
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
Reply

Bookmarks

« Previous Thread | Next Thread »


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is On
Trackbacks are On
Pingbacks are On
Refbacks are On

Similar Threads
Thread Thread Starter Forum Replies Last Post
Virus Alert Mathew Johnson Power Washing 0 12-11-04 04:19 PM
Attention Glenn Virus Alert Richard R. Power Washing 26 12-04-01 01:27 AM
Code Red Virus Alert! Mark Shoot The Bull 20 11-08-01 05:29 PM
Virus Alert - please read Beth Shoot The Bull 9 08-01-01 01:12 PM
Virus Alert (READ THIS ASAP) Dan Flynn Power Washing 1 06-30-01 01:39 PM

 
 
Sponsored Links
Buy.com Coupon
 

SEO by vBSEO 3.1.0 - Contact Us - Power Wash Network - Archive - Top

Powered by vBulletin® Version 3.7.4
Copyright ©2000 - 2009, Jelsoft Enterprises Ltd.
Copyright ©2000-2009, The Power Wash Network