|
PureBytes Links
Trading Reference Links
|
<IMG height=1
src="http://vil.mcafee.com/common/images/clear.gif"; width=10>
<TABLE cellSpacing=0 cellPadding=0 width="100%" bgColor=#edf3ff
border=0 summary="Virus Search Box">
<FONT
size=2>
Virus Profile
<IMG height=9
src="http://vil.mcafee.com/common/images/standard/corner_border_blue2_tl_9x9.gif";
width=9>
<IMG height=2
src="http://vil.mcafee.com/common/images/clear.gif";
width=2>
<IMG height=9
src="http://vil.mcafee.com/common/images/standard/corner_border_blue2_tr_9x9.gif";
width=9>
<IMG height=7
src="http://vil.mcafee.com/common/images/clear.gif";
width=1>
<IMG height=9
src="http://vil.mcafee.com/common/images/standard/corner_border_blue2_bl_9x9.gif";
width=9>
<IMG height=7
src="http://vil.mcafee.com/common/images/clear.gif";
width=1>
<IMG height=9
src="http://vil.mcafee.com/common/images/standard/corner_border_blue2_br_9x9.gif";
width=9>
<IMG height=2
src="http://vil.mcafee.com/common/images/clear.gif";
width=2>
Virus
Name:VBS/SST.gen@xx
<IMG height=1
src="http://vil.mcafee.com/common/images/clear.gif";
width=20>
Date Added:5/9/01
5:56:35 AM
<TABLE cellSpacing=0 cellPadding=0 width="80%" bgColor=#ffffff
border=0 noshade>
<TABLE cellSpacing=0 cellPadding=0 width="100%"
bgColor=#7f99cc>
<IMG height=10
src="http://vil.mcafee.com/images/corner_trans_filled_tl_10x10.gif";
width=10>
<IMG height=2
src="http://vil.mcafee.com/common/images/clear.gif";
width=2>VIRUS FAMILY
STATISTICSOver the Past 30 Days
<IMG height=10
src="http://vil.mcafee.com/images/corner_trans_filled_tr_10x10.gif";
width=10>
<IMG height=2
src="http://vil.mcafee.com/common/images/clear.gif";
width=2>
Virus
Name
<FONT
color=#ffffff>InfectedFiles
<FONT
color=#ffffff>ScannedFiles
%
InfectedComputers
VBS/SST.gen@xx
1,933
17,860,182
0.28
VBS/SST
0
0
0.00
VBS/SST@xx
145
2,866,068
<TD
align=right>0.03
<IMG height=2
src="http://vil.mcafee.com/common/images/clear.gif";
width=2>
<IMG height=2
src="http://vil.mcafee.com/common/images/clear.gif";
width=2>
Virus Characteristics:<FONT
style="FONT-SIZE: 11px">VBS/SST.gen@xx is a generic detection aimed
to catch many variants that are generated by the VBSWG (VBScript
Worm Generation) kit.
This virus is in the same family as <A target=_blank
href="http://vil.mcafee.com/dispvirus.asp?virus_k=99011";>VBS/VBSWG.gen@xx.
----- On May 15, 2001 a new variant was discovered
-----
This variant is sometimes referred to as "VBS.VBSWG2.Y@xx". This
variant is detected using the current Dats, and is also detected
with older DATs, starting with the 4123 DAT released on 2/21/2001.
It may arrive in an email message containing the
following information:
Subject: NUEVAS MEDIDAS DEL EJECUTIVO (NEW EXECUTIVE
MEASURES) Body:
Lo que nos faltaba: Batlle se desnuda para combatir la aftosa
!!Tenés que verlo, es impresionante!
Attachment: Batlle_Desnudo.JPG.vbs
----- End variant -----
----- On May 9, 2001 a new variant was discovered
-----
This variant is sometimes referred to as "VBS/VBSWG.X@xx" or
"Homepage". This variant is detected using the current Dats, 4136,
as "VBS/SST.gen@xx", and is also detected with older DATs, starting
with the 4123 DAT released on 2/21/2001. It may arrive
in an email message containing the following information:
Subject: Homepage Body: Hi! You've got to see
this page! It's really cool ;O) File Attachment:
homepage.HTML.vbs
Attachment: homepage.HTML.vbs
It may open the default browser to one of 4 different
pornographic websites.
----- End variant -----
<A class=bodyTextLink
href="http://vil.mcafee.com/sendMail.asp?VIRUS_ID=.99082&NEW=YES&";>Send
This Virus Information To A Friend?
Indications Of Infection:<FONT
style="FONT-SIZE: 11px">- Presence of homepage.HTML.vbs -
Presence of Batlle_Desnudo.JPG.vbs
Method Of Infection:This
script arrives as an e-mail attachment. Opening the attachment
infects your machine. Once infected, it tries to e-mail itself to
all recipients found in the Microsoft Outlook address book.
Note that when Outlook Express and Outlook98/2000 are both
installed (and with wsh support enabled) , if the user receives and
launches an infected .vbs file attachment while in Outlook Express,
the virus might still spread by sending itself silently to all
addresses using Outlook98/2000. So the virus might spread without
the user actually having Outlook98/2000 open.
Removal Instructions:Use
specified engine and DAT files for detection and removal.
Using File Filtering with WebShield SMTP for WindowsNT(not
applicable for Solaris):Within the Configuration console
select content filtering.Select Add.Add a Description for
the content filter rule such as VBSBlock.Select Filter on
Attachment File name.Filter on .vbsSelect OK.
AVERT Recommended Updates:
* <A target=_blank
href="http://office.microsoft.com/productupdates/default.aspx";>Office2000
Updates
* <A target=_blank
href="http://www.microsoft.com/technet/security/bulletin/ms99-032.asp";>scriptlet.typelib/Eyedog
vulnerability patch
* Outlook as an <A target=_blank
href="http://office.microsoft.com/downloads/2000/Out2ksec.aspx";>email
attachment security update
* Exchange 5.5 <A target=_blank
href="http://support.microsoft.com/support/kb/articles/Q248/8/38.asp";>post
SP3 Information Store Patch 5.5.2652.42 - this patch corrects
detection issues with GroupShield
For a list of attachments blocked by the Outlook patch and a
general FAQ, <A target=_blank
href="http://office.microsoft.com/assistance/2000/Out2ksecFAQ.aspx";>visit
this link. Additionally, Network Administrators can
configure this update using an available tool - visit <A
target=_blank
href="http://support.microsoft.com/support/kb/articles/Q263/2/97.asp";>this
link for more information.
Virus Information:
Discovery
Date:
5/9/01
<TD vAlign=top align=right
width="50%">Origin:
Unknown
<TD vAlign=top align=right
width="50%">Length:
Varies
<TD vAlign=top align=right
width="50%">Type:
Virus
<TD vAlign=top align=right
width="50%">SubType:
VBScript worm
Risk
Assessment:
Medium
AliasesHome Page., HomePage., I-Worm.Homepage (AVP),
VBS.VBSWG2.D@xx (NAV), VBS.VBSWG2.Y@xx (NAV), VBS/VBSWG-X (Sophos),
VBS_HomePage.A (Trend), VBSWG.X (CA, Panda) , VBSWG.X@xx (F-Secure)
<BLOCKQUOTE
style="PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px">
----- Original Message -----
<DIV
style="BACKGROUND: #e4e4e4; FONT: 10pt arial; font-color: black">From:
CRLeBeau@xxxxxxx
To: <A title=realtraders@xxxxxxxxxxxxxxx
href="mailto:realtraders@xxxxxxxxxxxxxxx";>realtraders@xxxxxxxxxxxxxxx
Sent: Friday, June 01, 2001 3:47 PM
Subject: [RT] Virus alert - help needed
I am sending this
message from my laptop so no virus attached. A few minutes ago my
desktop computer was infected by an e-mail virus known as " "<A
href="mailto:VBS/SST.gen@xx";>VBS/SST.gen@xx virus" it is contained in a
file "homepage.HTML.vbs" and it is commonly known as the
"HomepageVirus". The virus has already sent a message to everyone in
my address book telling them to "Check out this homepage. Pretty
cool!" and I have unknowingly infected many friends and associates.
I have been paying money to McAfee Online for a supposed state of the
art virus protection product that is updated almost every day but somehow
this virus slipped by. Very disappointing. This is the first
time I have been infected with any virus because I am very careful.
I was able to get the info above only after I found out I was
infected and had already sent the virus to everyone else in my desktop
address book. Any info about what else this virus might do to my
computer and how to get rid of it would be appreciated. I am not a
computer wizard so even the most basic advice would be helpful.
Fortunately I monitor this realtraders list from my laptop which has
not been infected. Chuck LeBeau To
unsubscribe from this group, send an email
to:realtraders-unsubscribe@xxxxxxxxxxxxxxxYour
use of Yahoo! Groups is subject to the <A
href="http://docs.yahoo.com/info/terms/";>Yahoo! Terms of Service.
Yahoo! Groups Sponsor
To unsubscribe from this group, send an email to:
realtraders-unsubscribe@xxxxxxxxxxxxxxx
Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.
Attachment:
Description: ""
Attachment:
Description: ""
Attachment:
Description: ""
Attachment:
Description: ""
Attachment:
Description: ""
Attachment:
Description: ""
Attachment:
Description: ""
|
![http://vil.mcafee.com/common/images/clear.gif"](http://vil.mcafee.com/common/images/clear.gif"){kind=link}
![http://vil.mcafee.com/common/images/standard/corner_border_blue2_tl_9x9.gif"](http://vil.mcafee.com/common/images/standard/corner_border_blue2_tl_9x9.gif"){kind=link}
![http://vil.mcafee.com/common/images/standard/corner_border_blue2_tr_9x9.gif"](http://vil.mcafee.com/common/images/standard/corner_border_blue2_tr_9x9.gif"){kind=link}
![http://vil.mcafee.com/common/images/standard/corner_border_blue2_bl_9x9.gif"](http://vil.mcafee.com/common/images/standard/corner_border_blue2_bl_9x9.gif"){kind=link}
![http://vil.mcafee.com/common/images/standard/corner_border_blue2_br_9x9.gif"](http://vil.mcafee.com/common/images/standard/corner_border_blue2_br_9x9.gif"){kind=link}
![http://vil.mcafee.com/images/corner_trans_filled_tl_10x10.gif"](http://vil.mcafee.com/images/corner_trans_filled_tl_10x10.gif"){kind=link}
![http://vil.mcafee.com/images/corner_trans_filled_tr_10x10.gif"](http://vil.mcafee.com/images/corner_trans_filled_tr_10x10.gif"){kind=link}