Virus/Worm Alert Category 4 [Archive] - SpeedGuide.net Broadband Community
PDA

View Full Version : Virus/Worm Alert Category 4

blebs
11-26-01, 07:35 PM
W32.Aliz.Worm
W32.Badtrans.B@mm
Symantec Security Response is currently tracking two threats, both rated Category 4 (Severe). W32.Badtrans.B@mm is a MAPI worm that emails itself out as one of several different filenames. W32.Aliz.Worm is an SMTP mass mailer worm that can be executed just by reading or previewing the file.

Certified Virus Definitions are available via LiveUpdate or manual download for both threats.

More info on both:
Aliz (http://www.symantec.com/avcenter/venc/data/w32.aliz.worm.html)

Badtrans (http://www.symantec.com/avcenter/venc/data/w32.badtrans.b@mm.html)
minir
11-26-01, 09:40 PM
Hi blebs99



Thanks for the Heads Up

I passed it on to my Addy Book people as well, it's appreciated


regards

minir
blebs
11-27-01, 05:47 AM
Hi minir, sorry it took so long to get the info out. Hope it was useful. I already had 2 people in another forum that were infected with Badtrans. :(
SteveGr
11-28-01, 11:46 AM
Help ... what do do if you have a computer that does not have an antivirus program and it got the Badtrans virus ... how do you cleanse without an antivirus program? Possible save ... how are you sure you got the virus (this computer had Outlook Express 6, so I was thinking that even though the email came in, OE 6 does not have the vulnerability to let this virus do its thing?). Any feedback would be great. Thanks.
blebs
11-28-01, 01:41 PM
Originally posted by SteveGr
Help ... what do do if you have a computer that does not have an antivirus program and it got the Badtrans virus ... how do you cleanse without an antivirus program? Possible save ... how are you sure you got the virus (this computer had Outlook Express 6, so I was thinking that even though the email came in, OE 6 does not have the vulnerability to let this virus do its thing?). Any feedback would be great. Thanks.

http://security1.norton.com/us/vc_about.asp?venid=sym&langid=us&plfid=20&pkj=VSBMLHFEPGEVVSDUXLX

Start Your computer in safe mode, then go to the link above and run the on-line virus scan. I don't know if it will delete any files that it finds infected, so you may want to make a note of all those found infected and delete them manually. Once you've done that, you'll need to open up REGEDIT and go to the following key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

Once at the key, delete the value that says:Kernel32 kernel32.exe
in that key. Then reboot your computer into normal mode and rescan for virus.

Hope this helps you out. If not, send me a Private Message and I'll try to find another way for you to do this.