LM_NET: Library Media Networking
- Subject: Fwd: Re: GEN:Virus
- From: Jackie Rosenbaum <BookJackie@AOL.COM>
- Date: Fri, 28 Jan 2000 09:21:20 EST
--part1_43.387926.25c2ffe0_boundary
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Hi All: In response to my virus question of yesterday, I received this message.
It helped me. Hope this doesn't happen to you. Thanks to Jo Dervan!
Jackie Rosenbaum, Librarian
The Episcopal Academy
Merion, PA
Bookjackie@aol.com
rosenbau@ea.pvt.k12.pa.us
Dear McAfee.com Dispatch Subscriber:
Please be on the alert for APStrojan.qa and BackDoor-G2.
------------------------------------------------------------
************
APStrojan.qa
************
APStrojan.qa is a trojan and AVERT raised its risk
assessment from Low to Medium--On Watch. It primarily
infects Windows 98 systems, though it may also infect
Windows 95 if the file MSVBVM50.DLL is present.
Please Note: This trojan has been reported by several users
of the America Online Internet service. For this reason,
AVERT researchers suspect it has been distributed by spam
email sent to AOL users.
APStrojan.qa is a password stealer designed to attack
America Online client software to determine user account
passwords. It will then attempt to send the stolen
information to the author of the trojan.
APStrojan.qa has been distributed as an attachment to an
email with the subject line "hey you." The attachment has
been widely reported with the name "MINE.EXE."
Important: If your system has been infected with
APStrojan.qa, AFTER removing the trojan, be sure to choose
a new password for your AOL account!
------------------------------------------------------------
***********
BackDoor-G2
***********
BackDoor-G2 is an Internet Backdoor trojan that infects
Windows 9x systems. It is a new variant of the original
BackDoor-G, which was first discovered 4/15/99. AVERT has
changed its risk assessment from Low to Medium--On Watch for
individual home users (there have as yet been no reports of
infection from corporate clients).
Once it infects your PC, BackDoor-G2 allows anyone running
the appropriate client software to have virtually unlimited
access to your system over the Internet. Your vital, private
files may be read, altered, or destroyed.
------------------------------------------------------------
Note: If you are using McAfee Clinic, please click here to
update Active Shield(TM).
-> http://clinic.mcafee.com/clinic/virusscan/activeshield/start.asp
--McAfee.com
_______________________Virus Fixes__________________________
Find out more about this virus. Click here to go to the
APStrojan Help Center.
-> http://www.mcafee.com/viruses/apstrojan
Click here to go to the BackDoor-G2
Help Center.
-> http://www.mcafee.com/viruses/backdoor-g2
Check if your system is infected, click here to use
VirusScan Online.
-> http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=1214
Purchase the latest copy of VirusScan, please click here.
->
http://store.mcafee.com/category.asp?CatID=3&CategoryLevel=1&rfr=VSCALRT
Upgrade to the latest VirusScan. Purchase the VirusScan
Maintenance Plan which entitles you to 12 months of
upgrades, click here.
->
http://store.mcafee.com/category.asp?CatID=18&CategoryLevel=1&rfr=VRSPLN
Download the latest DAT files, click here.
-> http://download.mcafee.com/updates/updates.asp
>
=-=--=-=-=
--
--part1_43.387926.25c2ffe0_boundary
Content-Type: message/rfc822
Content-Disposition: inline
Return-Path: <rderva@injersey.infi.net>
Received: from rly-yd04.mx.aol.com (rly-yd04.mail.aol.com [172.18.150.4]) by
air-yd02.mail.aol.com (v67_b1.21) with ESMTP; Thu, 27 Jan 2000
16:58:35 -0500
Received: from mh005.infi.net (mh005.infi.net [205.219.238.23]) by
rly-yd04.mx.aol.com (v67_b1.21) with ESMTP; Thu, 27 Jan 2000 16:58:30
1900
Received: from injersey.infi.net (NYCMB709-46.splitrock.net
[209.252.235.197])
by mh005.infi.net (8.8.5/8.8.8) with ESMTP id QAA23028
for <BookJackie@AOL.COM>; Thu, 27 Jan 2000 16:58:18 -0500 (EST)
Message-ID: <3890C022.BD404840@injersey.infi.net>
Date: Thu, 27 Jan 2000 17:01:06 -0500
From: Josephine Dervan <rderva@injersey.infi.net>
Reply-To: rderva@injersey.infi.net
X-Mailer: Mozilla 4.5 [en] (Win98; I)
X-Accept-Language: en
MIME-Version: 1.0
To: BookJackie@AOL.COM
Subject: Re: GEN:Virus
References: <200001271656.LAA14957@mh005.infi.net>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
I got this today from McAfee-
(((((((((((((((((( McAfee.com Dispatch )))))))))))))))))))))
_______________________VIRUS ALERT__________________________
[This message is brought to you as a subscriber to the
McAfee.com Dispatch. To unsubscribe, please follow the
instructions at the bottom of the page.]
******* VIRUS ALERT - APStrojan.qa And BackDoor-G2 *********
Dear McAfee.com Dispatch Subscriber:
Please be on the alert for APStrojan.qa and BackDoor-G2.
------------------------------------------------------------
************
APStrojan.qa
************
APStrojan.qa is a trojan and AVERT raised its risk
assessment from Low to Medium--On Watch. It primarily
infects Windows 98 systems, though it may also infect
Windows 95 if the file MSVBVM50.DLL is present.
Please Note: This trojan has been reported by several users
of the America Online Internet service. For this reason,
AVERT researchers suspect it has been distributed by spam
email sent to AOL users.
APStrojan.qa is a password stealer designed to attack
America Online client software to determine user account
passwords. It will then attempt to send the stolen
information to the author of the trojan.
APStrojan.qa has been distributed as an attachment to an
email with the subject line "hey you." The attachment has
been widely reported with the name "MINE.EXE."
Important: If your system has been infected with
APStrojan.qa, AFTER removing the trojan, be sure to choose
a new password for your AOL account!
------------------------------------------------------------
***********
BackDoor-G2
***********
BackDoor-G2 is an Internet Backdoor trojan that infects
Windows 9x systems. It is a new variant of the original
BackDoor-G, which was first discovered 4/15/99. AVERT has
changed its risk assessment from Low to Medium--On Watch for
individual home users (there have as yet been no reports of
infection from corporate clients).
Once it infects your PC, BackDoor-G2 allows anyone running
the appropriate client software to have virtually unlimited
access to your system over the Internet. Your vital, private
files may be read, altered, or destroyed.
------------------------------------------------------------
Note: If you are using McAfee Clinic, please click here to
update Active Shield(TM).
-> http://clinic.mcafee.com/clinic/virusscan/activeshield/start.asp
--McAfee.com
_______________________Virus Fixes__________________________
Find out more about this virus. Click here to go to the
APStrojan Help Center.
-> http://www.mcafee.com/viruses/apstrojan
Click here to go to the BackDoor-G2
Help Center.
-> http://www.mcafee.com/viruses/backdoor-g2
Check if your system is infected, click here to use
VirusScan Online.
-> http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=1214
Purchase the latest copy of VirusScan, please click here.
->
http://store.mcafee.com/category.asp?CatID=3&CategoryLevel=1&rfr=VSCALRT
Upgrade to the latest VirusScan. Purchase the VirusScan
Maintenance Plan which entitles you to 12 months of
upgrades, click here.
->
http://store.mcafee.com/category.asp?CatID=18&CategoryLevel=1&rfr=VRSPLN
Download the latest DAT files, click here.
-> http://download.mcafee.com/updates/updates.asp
Jackie Rosenbaum wrote:
>
> Hello All: My home computer has been having some virus-like symptoms and one of
>my students says it sounds like the Trojan Horse virus. Is anyone familiar with
>this one? I ran a virus scan but it picked nothing up. TIA for your wisdom and
>advice!!
>
> Jackie Rosenbaum, Librarian
> The Episcopal Acadey
> Merion, PA
> Bookjackie@aol.com
> rosenbau@ea.pvt.k12.pa.us
>
> =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=
> All postings to LM_NET are protected under copyright law.
> To quit LM_NET (or set-reset NOMAIL or DIGEST), send email to:
> listserv@listserv.syr.edu In the message write EITHER:
> 1) SIGNOFF LM_NET 2) SET LM_NET NOMAIL or 3) SET LM_NET DIGEST
> 4) SET LM_NET MAIL * Please allow for confirmation from Listserv.
> For LM_NET Help see: http://ericir.syr.edu/lm_net/
> Archives: http://askeric.org/Virtual/Listserv_Archives/LM_NET.html
> =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=
--
********************************************************************
Josephine G. Dervan, Library Media Specialist
Strathmore Elementary School
Aberdeen, NJ 07747
Home- rderva@injersey.infi.net
School- jdervan@marsd.k12.nj.us
He who has a garden and a library, wants for nothing- Cicero
--part1_43.387926.25c2ffe0_boundary--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=
All postings to LM_NET are protected under copyright law.
To quit LM_NET (or set-reset NOMAIL or DIGEST), send email to:
listserv@listserv.syr.edu In the message write EITHER:
1) SIGNOFF LM_NET 2) SET LM_NET NOMAIL or 3) SET LM_NET DIGEST
4) SET LM_NET MAIL * Please allow for confirmation from Listserv.
For LM_NET Help see: http://ericir.syr.edu/lm_net/
Archives: http://askeric.org/Virtual/Listserv_Archives/LM_NET.html
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=
LM_NET
Archive Home