Virus Alert

Princess_Aurora

Princess_Aurora

<font color=green>President of the Clueless Club..
Joined
Jan 1, 2000
Messages
1,702
I just got a call from DH telling me to disconnect all the computers from the internet because there is a pretty nasty virus going around...and FAST. They don't know how you get it, they don't really know what it does, but they know it's bad. They've ruled out the possibility of it solely being spred through email so that means if you visit a webpage that has been infected, you can get infected also. All they know about it is it opens up your computer to anyone out there so they can do whatever they want to it. I just thought I'd give you guys a heads-up so you know to be safe. Also, you can't count on your anti-virus protection as this virus apparently just started today so they can't protect you from it.
 
Are you sure it just started today? I was wondering because over the weekend, I received about 20 returned email that supposedly came from me that went to people that I don't even know and aren't in my address book. I haven't received any since, and I did a virus scan and nothing showed up.
 
There are several new virus definitions available today at symantec (Norton AntiVirus) that may be related to this. It's difficult to tell since you are unable to provide any specifics. I would suggest people who have NAV make sure they have the June 3 virus definitions.
 
It may be a little older...al DH told me was that a lot of the computers at his work got hit and he was too busy trying to get them all fixed and preventing others from getting infected to tell me much more about it. I would just make sure your virus protection program is up-to-date just to be sure. I know this virus has got to be pretty bad because DH doesn't usually freak out this much about viruses.
 

I did get an email this weekend that in the subject all it said was Screensaver and in the guts of the email it said - you have to open this to see it. I didn't know who it was from and thus didn't open it (we have a viewing thing on our email that we can view an email without actually opening - for these reasons). Maybe that WAS something too....you never know.
 
Here's some more info I found on McAfee's webpage:

Virus Characteristics

-- Update June 03, 2003 --
Avert has received a handful of field reports of this worm. Files submitted suggest that there may be many more versions of this worm to come. The file names represented here are easily changed, and samples received already deviate from those mentioned. It is also foreseeable that other applications and malware may be thrown in to these scripts and future infections may vary in functionality. This description is meant as a guide.
This worm uses a set of batch files, a few utility programs, and a trojan to spread. It simply copies a set of 17 different files to target systems, and remotely executes a batch file on that system to spread further. The worm scans for IP addresses to infect, then copies over the various files, and runs again. It does not contain a damaging payload. The worm intends to capture typed keystrokes and send email to a configured address. However, samples received by AVERT have a key program (PCGhost) replaced with the (nView Desktop Manager). The worm can continue to propagate, spreading this innocent file along the way. PCGhost is a "Potentially Unwanted Program" that monitors system usage, including typed keystrokes, logs this information to a file, and can send the information to a defined email address.

The following files are associated with this worm. 10.BAT Runs HFind.exe, calls other BAT files
hack.bat Attempts to copy all other files to remote share (admin$\system32) and remotely execute START.BAT
HFind.exe IPScan trojan
ipc.bat Loops through IP list and calls HACK.BAT
IPCPass.txt Temp file
MUMA.BAT Creates log file and runs NWIZ.EXE
NEAR.BAT Creates temp file and calls 10.bat
NWIZe.EXE NVidia Desktop Manager application [At some point was the PCGhost application]
NWIZe.INI NWIZe.exe config file
NWIZe.IN_ NWIZe.exe config file
pcMsg.dll PCGhost application file
RANDOM.BAT Creates random numbers, used for IP addresses to ping
rep.EXE String replace application
replace.bat Calls rep.exe with parameters
START.BAT Main program that calls other BAT files
tihuan.txt Work file
 
You must log in or register to reply here.

Share this page


New Threads

slo
  • Poll Poll
slo’s THURSDAY 3/12 poll - Rice Cakes
Replies
3
Views
62
WDWEPCOT
WDWEPCOT
focusondisney
March 12 Late Summer discounts & GP Free Dining released
Replies
0
Views
89
focusondisney
focusondisney
D
I wonder why Disney Parks don't have any other Princess character dining in the parks?
Replies
1
Views
255
Harmacist
H
4Hawks
3-night on the Dream or 5-night on the Destiny?
Replies
1
Views
332
Douglas Dubh
Douglas Dubh
Cheburashka
?
Replies
0
Views
866
Cheburashka
Cheburashka
UA DVC Member
Air conditioning
Replies
0
Views
1K
UA DVC Member
UA DVC Member
TinkerbellLuvr7
Boarding Group Coronado Springs Transfer?
Replies
0
Views
984
TinkerbellLuvr7
TinkerbellLuvr7
gottalovepluto
MCO TSA Pre touchless operating
Replies
1
Views
989
VGCgroupie
VGCgroupie
NEWS & UPDATES

New Posts


Disney Vacation Planning. Free. Done for You.
Our Authorized Disney Vacation Planners are here to provide personalized, expert advice, answer every question, and uncover the best discounts. Let Dreams Unlimited Travel take care of all the details, so you can sit back, relax, and enjoy a stress-free vacation.
Start Your Disney Vacation
Disney EarMarked Producer

New Posts

J
Which ship have you not been on that you would most like to try?
Replies
14
Views
1K
ruadisneyfan2
ruadisneyfan2
PollyannaMom
Three Things...Gratitude Thread
830 831 832
Replies
17K
Views
997K
slo
slo
P
Destiny March 14-19 2026
2
Replies
22
Views
6K
wnissen
wnissen
IsDVCForMe?
Buying from an international seller?
2 3
Replies
41
Views
6K
IsDVCForMe?
IsDVCForMe?
LilyWDW
GLP-1 Medications
5 6 7
Replies
120
Views
22K
#1hoosierfan
#1hoosierfan
SheHulk
2026 Strength Training Accountability Thread
15 16 17
Replies
337
Views
64K
SheHulk
SheHulk
bobbiwoz
Connections anyone? The puzzle…
288 289 290
Replies
6K
Views
384K
mickey916
mickey916
A
Palo Brunch - how long does it take in your experience? Ours was almost 3 hours and it could have been even longer...
Replies
17
Views
795
DynamicDisneyDuo
D
slo
  • Poll Poll
slo’s THURSDAY 3/12 poll - Rice Cakes
Replies
3
Views
62
WDWEPCOT
WDWEPCOT
SunDial
Where In The World 21. We are now completely legal!!!
3070 3071 3072
Replies
61K
Views
3M
Diane♥Disney
Diane♥Disney
View more…






DIS Facebook DIS youtube DIS Instagram DIS Pinterest DIS Tiktok DIS Twitter

Add as a preferred source on Google

Back
Top Bottom