Genealogy Chat
Welcome to the Genes Reunited community boards!
- The Genes Reunited community is made up of millions of people with similar interests. Discover your family history and make life long friends along the way.
- You will find a close knit but welcoming group of keen genealogists all prepared to offer advice and help to new members.
- And it's not all serious business. The boards are often a place to relax and be entertained by all kinds of subjects.
- The Genes community will go out of their way to help you, so don’t be shy about asking for help.
Quick Search
Single word search
Icons
- New posts
- No new posts
- Thread closed
- Stickied, new posts
- Stickied, no new posts
Bagle bites again
| Profile | Posted by | Options | Post Date |
|---|---|---|---|
|
Devon Dweller | Report | 28 Jan 2005 18:07 |
|
Yes, also beware on messenger because files are coming through via address books without the person even talking to you. If you get one just close the window Sheila |
|||
|
Heather | Report | 28 Jan 2005 17:48 |
|
Thanks Bob I had that a year or so ago. Its very embarrassing because it sends copies of your mails to other people in your list! |
|||
|
Bob | Report | 28 Jan 2005 17:45 |
|
News The return of the Bagle 12:03PM Friday 28th January 2005 A new variant of the Bagle worm appears to be spreading rapidly. Kaspersky Lab says it has already caused a serious outbreak and uses a range of methods to ensure propagation. The worm arrives as an email with a range of short messages in the subject and message fields and a file attached named wsd01, viupd02, siupd02, guupd02, zupd02, upd02 or Jol03. The files are either Windows executables (.exe) or may have a prepended Windows Control Panel Applet (CPL) stub. Once run, the worm copies itself locally and edits the Registry to ensure that it is run each time the computer is started. It scans the hard drive for email addresses which it uses to propagate itself. However, it avoids sending copies of itelf to antivirus companies and email addresses that might be related to help and support services. To avoid detection for as long as possible, Bagle searches out and closes down any processes it finds running that it believes are connected to antivirus or security software. This will leave the system open to further attacks. It also copies itself under a variety of filenames to folders with 'shar' in the name in the hope that they will be copied into file-sharing networks and across shared resources in local networks. In addition it opens a backdoor, listening for commands over port 81. It tells the attacker of the presence of the infected system by contacting a set of URLs. The author further protects the backdoor from use by other attackers by encrypting the channel and adding password protection. Most antivirus companies have already added the new Bagle variant to their databases and their customers should be protecteed if their software is up to date. |
|||
|
Bob | Report | 28 Jan 2005 17:44 |
|
A new form of the Bagle worm is doing the rounds |
|||