| |
Specifics Hoaxes
Klez.H is #1 All-Time
The Klez.H version of the Klez virus chain has reached an historic milestone -- It is now generally agreed among those in the industry that it is the top vandal virus of all-time. Klez.H recently outpaced even the SirCam virus that ran rampant through e-mail in boxes causing billions in damage to businesses world-wide.
The later incarnations of the Klez worm have become particularly difficult to track to a source since it will use a random address from the address book of the infected computer as the sender address rather than the actual address -- quite an advancement in the world of virus-writing unfortunately.
For a complete wrap-up on No. 1 Klez, check out this Wired article.
For more on the Klez virus and others, check out The IT Help Desk's Virus Alerts
Klez Virus in Wild
The Klez Worm virus is in the wild and Symantec Corp. recently increased its threat rating to a Category 3. There have been cases of this virus being received on campus. Symantec/Norton AntiVirus have issued new definitions to protect systems against this virus and have also posted a stand-alone Klez Worm clean executable on their website.
The Klez Worm Virus has gone through several mutations and there are now four known variations in the wild. This virus will, according to Symantec, search " ... the Windows address book, the ICQ database, and local files for e-mail addresses. The worm sends an e-mail message to these addresses with itself as an attachment. The worm contains its own SMTP engine and attempts to guess at available SMTP servers." For complete coverage on this threat, consult the Symantec W32.Klez.H@mm page.
The latest version of NAV Corporate Edition installed on Windows 2000 machines throughout campus should have the latest virus definitions. If you are currently running a machine that does not have NAV Corporate Edition installed, call The IT Help Desk (HELP) for a consultation on upgrading the machine to the Windows 2000 build.
As with any e-mail you receive insisting that you do something to your computer, contact The IT Help Desk BEFORE you do anything. Additionally, always backup files onto removable media in case of infection or other catastrophic computer event. The JDBGMGR.EXE Virus Hoax
The latest in a long line of virus hoaxes, the JDBGMGR.EXE virus hoax is reminiscent of the SULFNBK.EXE virus hoax that began in early 2001. The e-mail will instruct the user to conduct a search for the file named JDBGMGR.EXE and then delete the file. The e-mail will purport that it contains a Trojan Horse virus. Of course, it does not contain a virus.
Do not delete this file.
JDBGMGR.EXE is a system file and your computer will become unstable and even unusable if you delete this file.
As with any e-mail you receive insisting that you do something to your computer, contact The IT Help Desk BEFORE you do anything. If you choose to delete this file and your system becomes unusable, there is a very good chance that the files stored on your hard drive will not be recoverable.
More on JDBGMGR.EXE virus hoax
More Wolves @ the Door --
Another False Windows Update = Virus
Another e-mail has begun to circulate claiming to be a Microsoft Windows Update. It is not a Microsoft update; it is the W32.HLLP.Sharpei@mm virus.
The subject line for this e-mail is commonly: "Important: Windows Update". The text within the e-mail typically reads: "Hey, at work we are applying this update because it makes Windows over 50% faster and more secure. I thought I should forward it as you may like it." The attachment (as of this date) is named: "Ms02-010.exe". All of these can change as the e-mail circulates and recirculates. Just bear in mind that Microsoft NEVER sends any software via e-mail.
If you check up on the latest virus news, all of this will sound familiar. It was only on 03.12.02 that The IT Help Desk posted information concerning the W32.Leave.B.Worm virus, an executable that came attached to an e-mail claiming to be a Microsoft update.
As with any e-mail you receive insisting that you do something to your computer, contact The IT Help Desk BEFORE you do anything.
Wolf in sheep's clothing -- Update e-mail = Virus
A new twist on an old virus is now making the rounds of e-mail in boxes.
With a subject line that purports the e-mail to be a 'Security Bulletin' from Microsoft, the attachment is in actuality the W32.Leave.B.Worm virus, first discovered in July of 2001. It is not, of course, from Microsoft. Microsoft NEVER sends any software via e-mail; software is only available through the Microsoft.
As with any e-mail you receive insisting that you do something to your computer, contact The IT Help Desk BEFORE you do anything. The SULFNBK.EXE Virus Hoax
A virus hoax has begun to circulate around campus again (original post 02.13.02). The e-mail will insist that you need to search for a file named SULFNBK.EXE and that you should delete it because it's a Trojan Horse Virus.
Do not delete this file.
This is a system file and your computer will become unstable if you delete this file.
As with any e-mail you receive insisting that you do something to your computer, contact The IT Help Desk BEFORE you do anything. If you choose to delete this file and your system becomes unusable, there is a very good chance that the files stored on your hard drive will not be recoverable.
History on SULFNBK.EXE virus hoax
Will adding 000_ to my address book stop viruses?
In a word? 'No'.
The 'Quick Fix Hoax' perhaps should not be labeled a full-fledged hoax since this addition to the code of a particular piece of legacy software was legitimate at one time many years ago. However, this little kernel of truth has been passed around the e-mail circles long enough that it has lost any sort of meaning and now has a life of its own.
Following the instructions provided in the e-mail will not prevent any viruses from attacking your computer (neither 000_ or !0000 in a variation of this hoax will work). The only way to protect your computer is to get a good antivirus program and keep the virus definitions updated (at least once a week). The Norton AntiVirus Corporate Edition software is available on the IUWare CD and may be purchased by students, staff, faculty, and administration members at the IUN Bookstore for $5.
Get the full story on the 'Quick Fix' hoax
|
|
Privacy Statement
