Virus Info I just Received

[StevieInferior]

Guys,

A member of my IT dept just came up and advised me of a potentially dangerous virus. What they have found out is that it records keystrokes and sends it off to the internet. This is dangerous because if you have logged onto on-line banking or preformed credit card transactions, your numbers could potentially be in someone's hands for identity theft. To see whether you have it go to My Computer. Then Windows (possibly WINNT at work). You may have to click show Files to view elements. Then go into System32. Looke for an executable titled NTOSA32.exe. If you have this file, you have the virus. At this time there is no fix and you can not delete it. SO be careful with senstive info.

[jbooma]

thats the new worm going out

[freakofthesouth]

Thanks for the heads-up...

I was worried, because someone might actually log in to extremeskins, and use my screenname to wreak havoc on the site...

Like maybe a Cowboys fan might crack into my screenname and starting spreading bogus threads...

Maybe I would have woken up one morning only to find that I have a clown as an avatar!!!!AHHHHHH!!!!!

So, err....thanks for helping me avoid that situation.

[SonnyRules]

Thanks for the heads up. I'm clean!

[TK]

Originally posted by freakofthenorth

Like maybe a Cowboys fan might crack into my screenname and starting spreading bogus threads...

You give them way to much credit.

[orlskinsfan]

thanks for the headsup----clean here

[TC4]

Clear here also, Thanks for the heads-up

I do have Norton. Is anyone working to find a way to find a fix for this?

[carlsbadd]

Ever&thin# w@kin% fine Here, N@ P@%$ems.

101010101010 00010001 11101 0001 01110 0101010 100110 100100 10101 0032838 $%%#&%@*&%$*)#^*(&$_

:laugh: :laugh: :laugh: Clean , Thanks

[TC4]

Clear here also, Thanks for the heads-up

I do have Norton. Is anyone working to find a way to find a fix for this?

[In Flames]

clean here, thanks for the heads up. :applause:

[freakofthesouth]

Originally posted by carlsbadd

Ever&thin# w@kin% fine Here, N@ P@%$ems.

101010101010 00010001 11101 0001 01110 0101010 100110 100100 10101 0032838 $%%#&%@*&%$*)#^*(&$_

Now that's funny. :laugh:

TK, I suppose you're right...those pukes.

[BCS:BraveCaringSoul]

a precautionary bump for those who may have missed this

[MidPennSkin]

There are a lot of hoax viruses out there too. Someone will pick an obscure file that is on everyone's Windows folder and send out word that it's a virus and tell everyone to erase it. I've seen that happen a couple of times in the past year.

I did a google search and got no hits on NTOSA32, but there is an NTOSA-5630 web page with a bunch of gibberish on it.

This either will make the list of viruses in Symantec's data base soon, or will make the list at some of the hoax virus debunker's sites.

Or maybe the IT person who found this is mistaken. Time will tell.

[Art]

Guys, this has been known for a couple of days.

There's a removal tool for it here:

http://securityresponse.symantec.com/avcenter/venc/data/w32.hllw.anig.removal.tool.html

Here's the information on the virus itself:

http://securityresponse.symantec.com/avcenter/venc/data/w32.hllw.anig.html

Defs are expected for this on Wednesday as it's Category 2 and Symantec doesn't release defs until Category 3 normally, unless they are worried about faster rising -- like the latest MIMAIL.

This is a relatively minor virus. There are hundreads of keylogger trojans out there. This is just another and is based on a string of similar viruses in the HLLW family.

[BG]

THere are three potentially bad trojens out there that are set up to flood some web server that is slamming Linux. I heard this on tech-tv. -------I was just flipping through alright....

Anywho, that's alot of alerts in a short period. it would be wise for us to get updates for the OS and new virus defs just to be safe, and don't f*ck with random attatchments!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! :hammer: :hammer: