Re: FIX for VIRUS (safe to execute!)

From: Clara Chen (clara27@ms27.hinet.net)
Date: Wed Feb 14 2001 - 04:48:36 EET

Next message: Ian Gibson: "Internet conference"
Previous message: Pike, Jim: "RE: Best solidification software?"
In reply to: Jason L. Dickman: "FIX for VIRUS (safe to execute!)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Dear Mr. Dickman,

Someone I sent email to told me my mail carried a virus, however I can't
detect any virus using Norton. How can I know I've been infected
immediately? Thanks for your help.

Clara Chen
www.synctech.com.tw
SyncTech Inc., Taiwan
Tel: 886-2-89819981 ext. 507
Fax:886-2-89819777

----- Original Message -----
From: "Jason L. Dickman" <jdickman@sharedreplicators.com>
To: "Rp-Ml (E-mail)" <rp-ml@bart.lpt.fi>
Sent: Tuesday, February 13, 2001 10:40 PM
Subject: FIX for VIRUS (safe to execute!)

> All,
> I agree with Derek, this is a pain.
> I have done some searching and found the following info about this latest
> virus.
>
>
> INFORMATION________________________________________________________
> VBS.SST.A is an encrypted Visual Basic Script worm.
> The worm travels via an email message with the following text:
> Subject line: Here you have, ;0)
> Message body:
> Hi:
> Check This!
> File attachment: AnnaKournikova.jpg.vbs
> The worm attempts to trick users into executing the file attached
> to the e-mail message by pretending to be a jpeg graphic image of
> the Russian tennis player Anna Kournikova.
> On January 26th the worm attempts to connect to a website
> www.dynabyte.nl
>
> The worm modifies the systems registry by creating an entry named
> HKEY_CURRENT_USER\software\OnTheFly
>
> When the worm is activated it emails itself to every address in the
> Outlook address book
>
> THE FIX____________________________________________________________
>
> Run the attached
>
> If it tells you to restart your machine then it was infected...
> After you restart run this program again and it should tell you "no virus
> detected"
> I hope this helps...
>
> Jason
>
> ______________________________________
> Jason L. Dickman
> VP Lab Operations
> Shared Replicators, Inc.
> 3638 South Memorial Dr.
> Tulsa, OK USA
> 74145
> Voice: 918-270-8923
> Fax: 918-622-1138
> Web: jdickman@sharedreplicators.com
>
>

For more information about the rp-ml, see http://ltk.hut.fi/rp-ml/

Next message: Ian Gibson: "Internet conference"
Previous message: Pike, Jim: "RE: Best solidification software?"
In reply to: Jason L. Dickman: "FIX for VIRUS (safe to execute!)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.2 : Fri Jan 04 2002 - 09:56:50 EET