LISTSERV 16.0 - MSUNAG Archives

Holy crud -- I got a message about a disaster in China that has
killed "millions", and a web site to see video.  At that point I was
offered beijing.exe, which clam didn't know about as of an hour
ago.  So its definitely spreading.

--STeve Andre'

On Thursday 26 June 2008 11:15:59 Joe Budzyn wrote:
> If it is the one I just saw "Antivirus 2008", it came with a video codec.
>
> Joe
>
> On Thu, Jun 26, 2008 at 11:09:52AM -0400, Chris Wolf wrote:
> > Does anyone know what specific vulnerability is being
> > exploited here?  Were the computers involved completely up-to-date with
> > MS patches and still got infected?
> >
> >   From: MSU Network Administrators Group
> >   [mailto:[log in to unmask]] On Behalf Of Bosman, Don Sent:
> >   Thursday, June 26, 2008 10:07 AM To:
> >   [log in to unmask] Subject: Re: [MSUNAG] XP or Vista Antivirus 2008
> >   ..... Here is one mechanism of infection
> >
> > I
> >   always accepted users comments that they didn&#8217;t know how they got
> > infested because its generally the truth. I didn&#8217;t understand how
> > they couldn&#8217;t have noticed that their machine had slowed, but even
> > on campus the network can get frustratingly slow at times. Now that it
> > happened to me, I can tell you one way to get it. Using MSIE, browse to a
> > recommended site from a news aggregator who has never let you down in the
> > past. After thirty seconds or so your machine slows to the point that any
> > tech knows it&#8217;s been infested. There are thousands of sites that
> > are harboring mal-ware scripts. I know I should have been using Firefox,
> > but for some reason I was in IE.
> >
> > For
> >   my home machine running online scans offered by both
> > www.antivirus.com (Trend Micro) and
> > http://www.kaspersky.com/virusscanner
> >   (Kaspersky Labs) cleaned up the problem. While not requiring much
> > interaction from me, the scan process did take hours.
> >
> > Here
> >   at work I used to trust HitmanPro II
> > http://www.hitmanpro.nl/hitmanpro/
> >   but even it hasn&#8217;t been catching the latest script installed
> > malware.
> >
> > Best
> >   practice as of today &#8211; Run Firefox or Opera with scripting turned
> > off. I was amazed at the number of everyday sites that require scripting
> > to do simple things that could have been better coded. Now I generally
> > recover data from another profile and re-image the machine.
> >
> > Good
> >   luck.
> >
> > Don
> >   Bosman
> > Information
> >   Technologist
> > Libraries,
> >   Michigan State University
> >
> >   100 Library
> >
> >   East Lansing, MI 48824-1048
> >
> >   [log in to unmask]
> >
> >   (517) 432-6123 ext 233
> >
> >   Fax (517) 432-8374