StevieInferior Posted January 29, 2004 Share Posted January 29, 2004 Guys, A member of my IT dept just came up and advised me of a potentially dangerous virus. What they have found out is that it records keystrokes and sends it off to the internet. This is dangerous because if you have logged onto on-line banking or preformed credit card transactions, your numbers could potentially be in someone's hands for identity theft. To see whether you have it go to My Computer. Then Windows (possibly WINNT at work). You may have to click show Files to view elements. Then go into System32. Looke for an executable titled NTOSA32.exe. If you have this file, you have the virus. At this time there is no fix and you can not delete it. SO be careful with senstive info. Link to comment Share on other sites More sharing options...
jbooma Posted January 29, 2004 Share Posted January 29, 2004 thats the new worm going out Link to comment Share on other sites More sharing options...
freakofthesouth Posted January 29, 2004 Share Posted January 29, 2004 Thanks for the heads-up... I was worried, because someone might actually log in to extremeskins, and use my screenname to wreak havoc on the site... Like maybe a Cowboys fan might crack into my screenname and starting spreading bogus threads... Maybe I would have woken up one morning only to find that I have a clown as an avatar!!!!AHHHHHH!!!!! So, err....thanks for helping me avoid that situation. Link to comment Share on other sites More sharing options...
SonnyRules Posted January 29, 2004 Share Posted January 29, 2004 Thanks for the heads up. I'm clean! Link to comment Share on other sites More sharing options...
TK Posted January 29, 2004 Share Posted January 29, 2004 Originally posted by freakofthenorth Like maybe a Cowboys fan might crack into my screenname and starting spreading bogus threads... You give them way to much credit. Link to comment Share on other sites More sharing options...
orlskinsfan Posted January 29, 2004 Share Posted January 29, 2004 thanks for the headsup----clean here Link to comment Share on other sites More sharing options...
TC4 Posted January 29, 2004 Share Posted January 29, 2004 Clear here also, Thanks for the heads-up I do have Norton. Is anyone working to find a way to find a fix for this? Link to comment Share on other sites More sharing options...
carlsbadd Posted January 29, 2004 Share Posted January 29, 2004 Ever&thin# w@kin% fine Here, N@ P@%$ems. 101010101010 00010001 11101 0001 01110 0101010 100110 100100 10101 0032838 $%%#&%@*&%$*)#^*(&$_ :laugh: :laugh: :laugh: Clean , Thanks Link to comment Share on other sites More sharing options...
TC4 Posted January 29, 2004 Share Posted January 29, 2004 Clear here also, Thanks for the heads-up I do have Norton. Is anyone working to find a way to find a fix for this? Link to comment Share on other sites More sharing options...
In Flames Posted January 29, 2004 Share Posted January 29, 2004 clean here, thanks for the heads up. :applause: Link to comment Share on other sites More sharing options...
freakofthesouth Posted January 29, 2004 Share Posted January 29, 2004 Originally posted by carlsbadd Ever&thin# w@kin% fine Here, N@ P@%$ems. 101010101010 00010001 11101 0001 01110 0101010 100110 100100 10101 0032838 $%%#&%@*&%$*)#^*(&$_ Now that's funny. :laugh: TK, I suppose you're right...those pukes. Link to comment Share on other sites More sharing options...
BCS:BraveCaringSoul Posted January 30, 2004 Share Posted January 30, 2004 a precautionary bump for those who may have missed this Link to comment Share on other sites More sharing options...
MidPennSkin Posted January 30, 2004 Share Posted January 30, 2004 There are a lot of hoax viruses out there too. Someone will pick an obscure file that is on everyone's Windows folder and send out word that it's a virus and tell everyone to erase it. I've seen that happen a couple of times in the past year. I did a google search and got no hits on NTOSA32, but there is an NTOSA-5630 web page with a bunch of gibberish on it. This either will make the list of viruses in Symantec's data base soon, or will make the list at some of the hoax virus debunker's sites. Or maybe the IT person who found this is mistaken. Time will tell. Link to comment Share on other sites More sharing options...
Art Posted January 30, 2004 Share Posted January 30, 2004 Guys, this has been known for a couple of days. There's a removal tool for it here: http://securityresponse.symantec.com/avcenter/venc/data/w32.hllw.anig.removal.tool.html Here's the information on the virus itself: http://securityresponse.symantec.com/avcenter/venc/data/w32.hllw.anig.html Defs are expected for this on Wednesday as it's Category 2 and Symantec doesn't release defs until Category 3 normally, unless they are worried about faster rising -- like the latest MIMAIL. This is a relatively minor virus. There are hundreads of keylogger trojans out there. This is just another and is based on a string of similar viruses in the HLLW family. Link to comment Share on other sites More sharing options...
BG Posted January 31, 2004 Share Posted January 31, 2004 THere are three potentially bad trojens out there that are set up to flood some web server that is slamming Linux. I heard this on tech-tv. -------I was just flipping through alright.... Anywho, that's alot of alerts in a short period. it would be wise for us to get updates for the OS and new virus defs just to be safe, and don't f*ck with random attatchments!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! :hammer: :hammer: Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.