Recommended Posts

Hi:

I use MajorGeeks for just about ALL my downloads. Never had a problem. Will continue to use it. It is a very trustworthy site. It is the first site I go to if I'm looking for a particular type of software etc.

Good luck Marty, hope you get your computer up and running clean.

Barb B)

Ditto here..should we be wary of "Majorgeeks"?, ..na I don't think so. They are my primary choice of downloads. I respect the fact that they responded to this thread.

Link to post
Share on other sites
Hi:

I use MajorGeeks for just about ALL my downloads. Never had a problem. Will continue to use it. It is a very trustworthy site. It is the first site I go to if I'm looking for a particular type of software etc.

Good luck Marty, hope you get your computer up and running clean.

Barb B)

Ditto here..should we be wary of "Majorgeeks"?, ..na I don't think so. They are my primary choice of downloads. I respect the fact that they responded to this thread.

Yes that really impressed me too, that they responded and kept on trying to reach Marty, even offered to help him with a HJT log.

Sounds like not only is it a good site, but really caring people there.

Has anyone seen Marty lately? Did he get his log read, and computer problems fixed? I hope so.

Hey Marty, check back in with us and let us know what happened. We care.

God bless everyone.

Link to post
Share on other sites

hi team well i havent had the best of the last 2 weeks.ans ive been off the this board for several days.first the trojon thing .and then

workmen where digging next to my isp office and dug the cable up and ruptured it so i couldnt get on line for sometime.

hey i didnt realise how we can miss being on line.

i was like a fish without water.

how ever im on now .i just wanted to post an elert from trend micro.

i havent read the board yet so it may have been posted

marty

(by TrendLabs Global Antivirus and Research Center)

*********************************************************************

------------------------------------------------------------------------

Date: Friday January 14, 2005

------------------------------------------------------------------------

To read an HTML version of this newsletter, go to:

http://www.trendmicro.com/en/security/report/overview.htm

Issue Preview:

1. Trend Micro Updates - Pattern File & Scan Engine Updates

2. Wild Worm - WORM_BUCHON.C (Low Risk)

3. Top 10 Most Prevalent Global Malware

4. TrendLabs'2004 Annual Virus Roundup and 2005 Forecast

NOTE: Long URLs may break into two lines in some mail readers.

Should this occur, please copy and paste the URL into your browser window.

************************************************************************

1. Trend Micro Updates - Pattern File & Scan Engine Updates

------------------------------------------------------------------------

PATTERN FILE: 2.347.00

http://trendnewsletter.rsc03.net/servlet/c...pgLlQgLlQgFV2VR

SCAN ENGINE: 7.100

http://trendnewsletter.rsc03.net/servlet/c...pgLlQgLlQgFV2VS

2. Wild Worm - WORM_BUCHON.C (Low Risk)

------------------------------------------------------------------------

WORM_BUCHON.C mainly propagates via email. It uses its own built-in Simple

Mail Tranfer Protocol (SMTP) engine to send email without using other email

applications like Outlook Express. It obtains its target email recipients

from an infected system, either by searching a user's inbox, or by parsing

files with certain extension names. It then mass-mails copies of itself to

all harvested email addresses. This worm is currently spreading in-the-wild,

and infecting systems running Windows 95, 98, ME, NT, 2000, and XP.

Upon execution, this worm drops the following files in the root directory

(typically C:\):

CSRSS.BIN - a log file used by this worm

CSRSS.EXE - a component that serves as an HTTP proxy machine for downloading

files from Web sites, and detected by Trend Micro as WORM_BUCHON.C

This worm also creates a registry entry that allows it to run at every Windows

startup.

It obtains its target email recipients from an infected system, by searching an

infected user's inbox, or by parsing files with the following extension names:

DAT

DBX

EML

MBX

MDB

TBB

WAB

It also attempts to connect to specific DNS servers to locate its target email

addresses. Using its own SMTP engine, it then mass-mails copies of itself to all

harvested email addresses. The email message it sends contains the following

details:

- - -

From: <Spoofed>

Subject: Mail Delivery failure - <Target user's email address>

Message body:

If the message will not displayed automatically,

you can check original in attached message.txt

Failed message also saved at:

www.$HOST$/inbox/security/read.asp?sessionid-%d

(check attached instructions)

+++ Attachment: No Virus found

+++ MC-Afee AntiVirus - www.mcafee.com

Attachment:

. *.COM

. *.EXE

(Note: The attachment is a copy of the worm. The asterisk (*) is a wildcard

character representing zero or more characters, therefore *.* represents all files

and folders, and *.SYS.

message txt<Spaces>length <malware size> bytes<Spaces>mcafee

- - -

This worm disguises itself as the attached original message in a mail delivery

failure notice, which may trick users into opening the file, thereby running this

worm.

If you would like to scan your computer for WORM_BUCHON.C or thousands of

other worms, viruses, Trojans and malicious code, visit HouseCall, Trend

Micro's free, online virus scanner at:

http://trendnewsletter.rsc03.net/servlet/c...pgLlQgLlQgFV2VT

WORM_BUCHON.C is detected and cleaned by Trend Micro pattern file #2.345.00

and above.

For additional information about WORM_BUCHON.C please visit:

http://trendnewsletter.rsc03.net/servlet/c...pgLlQgLlQgFV2VU

3. Top 10 Most Prevalent Global Malware

(from January 7 to January 13, 2005)

------------------------------------------------------------------------

1. WORM_NETSKY.P

2. HTML_NETSKY.P

3. JAVA_BYTEVER.A

4. WORM_NETSKY.D

5. TROJ_AGENT.FL

6. SPYW_GATOR.D

7. SPYW_GATOR.C

8. SPYW_GATOR.B

9. WORM_NETSKY.B

10. WORM_NETSKY.C

4. TrendLabs' 2004 Annual Virus Roundup and 2005 Forecast

------------------------------------------------------------------------

Read about the past year's virus outbreak incidents, prevailing malware threats,

emerging threats, and forecasts, as analyzed by Trend Micro. Among the issues for

2004 are the BAGLE-NETSKY-MYDOOM malware wars, the emergence of vulnerabilities as

a malware propagation medium, and the creation of malware that spread via mobile

phones.

Read the 2004 Virus Roundup and 2005 Forecast:

http://trendnewsletter.rsc03.net/servlet/c...pgLlQgLlQgFV2VW

********************************************************************************

***

______________________________________________________________________

This message was sent by Trend Micro's Newsletters Editor using Responsys Interact .

To unsubscribe from Trend Micro's Newsletters Editor:

http://trendnewsletter.rsc03.net/servlet/o...RFpgLmDgLmDgSE0

To update your subscription preference, or to change your email address:

http://trendnewsletter.rsc03.net/servlet/w...pkNlyLihkm_U_UX

To view our permission marketing policy:

http://www.rsvp0.net

Copyright 1989-2004 Trend Micro, Inc. All rights reserved

Trend Micro, Inc., 10101 N. De Anza Blvd., Suite 200, Cupertino, CA 95014

--

No virus found in this incoming message.

Checked by AVG Anti-Virus.

Link to post
Share on other sites
hi team well i havent had the best of the last 2 weeks.ans ive been off the this board for several days.first the    trojon thing .and then

workmen where digging next to my isp office and dug the cable up and ruptured it so i couldnt get on line for sometime.

hey i didnt realise how we can miss being on line.

i was like a fish without water.

    marty

   

Hi Marty:

Glad to see you back. Was wondering where you were. Thought maybe your computer was messed up, and couldn't get back on.

Yes. I do understand if I could not get on line, I'd be lost too.

Thanks for the info from TrendMicro. Can't be too safe these days.

Take care

Barb :D

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...