fot
[Top] [All Lists]

Re: W32.Badtrans.B@mm Virus

To: <BillDentin@aol.com>, <fot@autox.team.net>
Subject: Re: W32.Badtrans.B@mm Virus
From: "Rocky Entriken" <rocky@tri.net>
Date: Wed, 12 Dec 2001 16:14:55 -0600
Yeah, I had it too last week. But you probably did not get it through the
FOT list directly.

Bradakis' Team.Net programs strip out all attachments which saves entire
lists from being infected. However, anything that may have been a direct
send could carry it (was the message addressed to you by name, in addition
to being addressed to FOT? Did you get two copies?)

The one I got, I'm sure, did not come from Kas. My suspect message came from
a trusted person in St. Louis, and the attachment appeared to be a subject
in which I would be interested. BOOM!  Then again, my wife got what appeared
to be the same thing from a staffer in Denver, and the subject had something
to do with discount airline rates. Why would a Denver SCCA staffer be
telling us about discount airline rates? The text field was blank, only the
attachment. That's the clue. DELETE!

W32.Badtrans.B@mm is not a real serious virus, but a PITA that degrades
computer performance and makes you crash more. Here's a check to see if you
have it. Do a "find" on folders and files and see if you have one called
KERNEL32.EXE. That's the bad one. Don't just delete it -- that's not enough.
But the fix is fairly simple.

http://www.symantec.com/avcenter/venc/data/w32.badtrans.b@mm.html is the
specific page on the Symantec website that tells you about it and has the
fix. It's an easy and quick download and run.

--Rocky Entriken

----- Original Message -----
From: <BillDentin@aol.com>
To: <fot@autox.team.net>
Sent: Wednesday, December 12, 2001 11:52 AM
Subject: W32.Badtrans.B@mm Virus


> Amici:
>
> Yesterday I was struck with the W32.Badtrans.B@mm virus via the FOT list.
> Not positive, but think it came from my friend Mr. Kastner (you might want
to
> check, Kas).  Must be pretty fresh, as it was discovered by Symantec on
> 11/24/01.  Fix is pretty simple.  You download the free fix file
> (FixBadtr.exefile) from their Website www.symantec.com, in their Security
> Response section.
>
> The message I got had an attachment that said, "YOU_are_FAT!"  Those of
you
> who know me, know that hits pretty close to home, so...sure, I opened it.
> BOOM!  It flashed a "Thank You!" and I was infected.
>
> Be on the alert.
>
> Bill Dentinger
> .

<Prev in Thread] Current Thread [Next in Thread>