Previous by Date | Next by Date | Date Index
Previous by Thread | Next by Thread
| Thread Index
| LM_NET
Archive
| |
--part1_43.387926.25c2ffe0_boundary Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Hi All: In response to my virus question of yesterday, I received this message. It helped me. Hope this doesn't happen to you. Thanks to Jo Dervan! Jackie Rosenbaum, Librarian The Episcopal Academy Merion, PA Bookjackie@aol.com rosenbau@ea.pvt.k12.pa.us Dear McAfee.com Dispatch Subscriber: Please be on the alert for APStrojan.qa and BackDoor-G2. ------------------------------------------------------------ ************ APStrojan.qa ************ APStrojan.qa is a trojan and AVERT raised its risk assessment from Low to Medium--On Watch. It primarily infects Windows 98 systems, though it may also infect Windows 95 if the file MSVBVM50.DLL is present. Please Note: This trojan has been reported by several users of the America Online Internet service. For this reason, AVERT researchers suspect it has been distributed by spam email sent to AOL users. APStrojan.qa is a password stealer designed to attack America Online client software to determine user account passwords. It will then attempt to send the stolen information to the author of the trojan. APStrojan.qa has been distributed as an attachment to an email with the subject line "hey you." The attachment has been widely reported with the name "MINE.EXE." Important: If your system has been infected with APStrojan.qa, AFTER removing the trojan, be sure to choose a new password for your AOL account! ------------------------------------------------------------ *********** BackDoor-G2 *********** BackDoor-G2 is an Internet Backdoor trojan that infects Windows 9x systems. It is a new variant of the original BackDoor-G, which was first discovered 4/15/99. AVERT has changed its risk assessment from Low to Medium--On Watch for individual home users (there have as yet been no reports of infection from corporate clients). Once it infects your PC, BackDoor-G2 allows anyone running the appropriate client software to have virtually unlimited access to your system over the Internet. Your vital, private files may be read, altered, or destroyed. ------------------------------------------------------------ Note: If you are using McAfee Clinic, please click here to update Active Shield(TM). -> http://clinic.mcafee.com/clinic/virusscan/activeshield/start.asp --McAfee.com _______________________Virus Fixes__________________________ Find out more about this virus. Click here to go to the APStrojan Help Center. -> http://www.mcafee.com/viruses/apstrojan Click here to go to the BackDoor-G2 Help Center. -> http://www.mcafee.com/viruses/backdoor-g2 Check if your system is infected, click here to use VirusScan Online. -> http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=1214 Purchase the latest copy of VirusScan, please click here. -> http://store.mcafee.com/category.asp?CatID=3&CategoryLevel=1&rfr=VSCALRT Upgrade to the latest VirusScan. Purchase the VirusScan Maintenance Plan which entitles you to 12 months of upgrades, click here. -> http://store.mcafee.com/category.asp?CatID=18&CategoryLevel=1&rfr=VRSPLN Download the latest DAT files, click here. -> http://download.mcafee.com/updates/updates.asp > =-=--=-=-= -- --part1_43.387926.25c2ffe0_boundary Content-Type: message/rfc822 Content-Disposition: inline Return-Path: <rderva@injersey.infi.net> Received: from rly-yd04.mx.aol.com (rly-yd04.mail.aol.com [172.18.150.4]) by air-yd02.mail.aol.com (v67_b1.21) with ESMTP; Thu, 27 Jan 2000 16:58:35 -0500 Received: from mh005.infi.net (mh005.infi.net [205.219.238.23]) by rly-yd04.mx.aol.com (v67_b1.21) with ESMTP; Thu, 27 Jan 2000 16:58:30 1900 Received: from injersey.infi.net (NYCMB709-46.splitrock.net [209.252.235.197]) by mh005.infi.net (8.8.5/8.8.8) with ESMTP id QAA23028 for <BookJackie@AOL.COM>; Thu, 27 Jan 2000 16:58:18 -0500 (EST) Message-ID: <3890C022.BD404840@injersey.infi.net> Date: Thu, 27 Jan 2000 17:01:06 -0500 From: Josephine Dervan <rderva@injersey.infi.net> Reply-To: rderva@injersey.infi.net X-Mailer: Mozilla 4.5 [en] (Win98; I) X-Accept-Language: en MIME-Version: 1.0 To: BookJackie@AOL.COM Subject: Re: GEN:Virus References: <200001271656.LAA14957@mh005.infi.net> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit I got this today from McAfee- (((((((((((((((((( McAfee.com Dispatch ))))))))))))))))))))) _______________________VIRUS ALERT__________________________ [This message is brought to you as a subscriber to the McAfee.com Dispatch. To unsubscribe, please follow the instructions at the bottom of the page.] ******* VIRUS ALERT - APStrojan.qa And BackDoor-G2 ********* Dear McAfee.com Dispatch Subscriber: Please be on the alert for APStrojan.qa and BackDoor-G2. ------------------------------------------------------------ ************ APStrojan.qa ************ APStrojan.qa is a trojan and AVERT raised its risk assessment from Low to Medium--On Watch. It primarily infects Windows 98 systems, though it may also infect Windows 95 if the file MSVBVM50.DLL is present. Please Note: This trojan has been reported by several users of the America Online Internet service. For this reason, AVERT researchers suspect it has been distributed by spam email sent to AOL users. APStrojan.qa is a password stealer designed to attack America Online client software to determine user account passwords. It will then attempt to send the stolen information to the author of the trojan. APStrojan.qa has been distributed as an attachment to an email with the subject line "hey you." The attachment has been widely reported with the name "MINE.EXE." Important: If your system has been infected with APStrojan.qa, AFTER removing the trojan, be sure to choose a new password for your AOL account! ------------------------------------------------------------ *********** BackDoor-G2 *********** BackDoor-G2 is an Internet Backdoor trojan that infects Windows 9x systems. It is a new variant of the original BackDoor-G, which was first discovered 4/15/99. AVERT has changed its risk assessment from Low to Medium--On Watch for individual home users (there have as yet been no reports of infection from corporate clients). Once it infects your PC, BackDoor-G2 allows anyone running the appropriate client software to have virtually unlimited access to your system over the Internet. Your vital, private files may be read, altered, or destroyed. ------------------------------------------------------------ Note: If you are using McAfee Clinic, please click here to update Active Shield(TM). -> http://clinic.mcafee.com/clinic/virusscan/activeshield/start.asp --McAfee.com _______________________Virus Fixes__________________________ Find out more about this virus. Click here to go to the APStrojan Help Center. -> http://www.mcafee.com/viruses/apstrojan Click here to go to the BackDoor-G2 Help Center. -> http://www.mcafee.com/viruses/backdoor-g2 Check if your system is infected, click here to use VirusScan Online. -> http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=1214 Purchase the latest copy of VirusScan, please click here. -> http://store.mcafee.com/category.asp?CatID=3&CategoryLevel=1&rfr=VSCALRT Upgrade to the latest VirusScan. Purchase the VirusScan Maintenance Plan which entitles you to 12 months of upgrades, click here. -> http://store.mcafee.com/category.asp?CatID=18&CategoryLevel=1&rfr=VRSPLN Download the latest DAT files, click here. -> http://download.mcafee.com/updates/updates.asp Jackie Rosenbaum wrote: > > Hello All: My home computer has been having some virus-like symptoms and one of >my students says it sounds like the Trojan Horse virus. Is anyone familiar with >this one? I ran a virus scan but it picked nothing up. TIA for your wisdom and >advice!! > > Jackie Rosenbaum, Librarian > The Episcopal Acadey > Merion, PA > Bookjackie@aol.com > rosenbau@ea.pvt.k12.pa.us > > =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-= > All postings to LM_NET are protected under copyright law. > To quit LM_NET (or set-reset NOMAIL or DIGEST), send email to: > listserv@listserv.syr.edu In the message write EITHER: > 1) SIGNOFF LM_NET 2) SET LM_NET NOMAIL or 3) SET LM_NET DIGEST > 4) SET LM_NET MAIL * Please allow for confirmation from Listserv. > For LM_NET Help see: http://ericir.syr.edu/lm_net/ > Archives: http://askeric.org/Virtual/Listserv_Archives/LM_NET.html > =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-= -- ******************************************************************** Josephine G. Dervan, Library Media Specialist Strathmore Elementary School Aberdeen, NJ 07747 Home- rderva@injersey.infi.net School- jdervan@marsd.k12.nj.us He who has a garden and a library, wants for nothing- Cicero --part1_43.387926.25c2ffe0_boundary-- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-= All postings to LM_NET are protected under copyright law. To quit LM_NET (or set-reset NOMAIL or DIGEST), send email to: listserv@listserv.syr.edu In the message write EITHER: 1) SIGNOFF LM_NET 2) SET LM_NET NOMAIL or 3) SET LM_NET DIGEST 4) SET LM_NET MAIL * Please allow for confirmation from Listserv. For LM_NET Help see: http://ericir.syr.edu/lm_net/ Archives: http://askeric.org/Virtual/Listserv_Archives/LM_NET.html =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=