
	Where results make sense

Topic: Badtrans

Related Topics

Smurf attack

Law enforcement agent

Gemini 9

Spring Hill, Iowa

Zelienople, Pennsylvania

West Providence Township, Pennsylvania

Pharmacist

Step by Step

Karl Gauss

Thetford Township, Michigan

Kingdom of Serbs, Croats and Slovenes

Sproul Plaza

Scopidae

Hanna Barbera

UN Security Council Resolution 678

In the News (Sun 20 Dec 09)

Northern Trust

Marvin Harrison

Peter Chernin

Gary Locke

Match Play

Penelope Cruz

Mickey Rourke

AR Rahman

Danny Boyle

Hugh Jackman

	Badtrans
		BadTrans is a malicious Microsoft Windows computer worm distributed by e-mail.
		Because of a known vulnerability in Internet Explorer, some e-mail programs, such as Microsoft's Outlook Express and Outlook programs, may install and execute the worm as soon as the e-mail message is viewed.
		Badtrans then transmits the data to one of several e-mail addresses.
	www.ebroadcast.com.au /lookup/encyclopedia/ba/Badtrans.html (272 words)

	ISS X-Force Database: badtrans-worm(7607): Badtrans worm with keystroke logging functionality
		Badtrans is a mass-emailer worm that includes some enhanced functionality to record an infected user's keystrokes.
		Badtrans is not intentionally destructive to files or data, but it may cause network traffic difficulties.
		The author of the Badtrans worm used a modified version of the "Hooker" keystroke logging software, which was designed to gather security-sensitive information on the host by looking for passwords, gathering IP addresses, and capturing keystrokes.
	xforce.iss.net /xforce/xfdb/7607 (333 words)

	Encyclopedia: Badtrans (Site not responding. Last check: 2007-10-20)
		BadTrans is a malicious Microsoft Windows computer worm distributed by e-mail.
		Because of a known vulnerability in Internet Explorer, some e-mail programs, such as Microsoft's Outlook Express and Outlook programs, may install and execute the worm as soon as the e-mail message is viewed.
		Badtrans then transmits the data to one of several e-mail addresses.
	www.nationmaster.com /encyclopedia/Badtrans (300 words)

	CNN.com - 'Badtrans' worm still spawns at slower pace - November 27, 2001
		Badtrans is capable of spawning itself even if a user reads e-mail in the preview mode of Outlook.
		The social engineering of Badtrans is equally nefarious: It arrives in the recipient's in-box with a "Re:" subject line that appears to be a response to an e-mail actually sent by the user.
		Badtrans does not appear to delete data or cause any other damage.
	edition.cnn.com /2001/TECH/internet/11/27/badtrans.update (582 words)

	G4 - Feature - 'Badtrans' Worm Continues Spread
		Badtrans exploits a known flaw in Internet Explorer that is integrated in Outlook.
		In geek speak, Badtrans uses the MIME header of a message to fool Outlook into opening an executable virus.
		In the case of Badtrans, the program then emails the logged data back to the virus writer or attacker at a myriad of anonymous email accounts.
	www.g4tv.com /techtvvault/features/35089/Badtrans_Worm_Continues_Spread.html (362 words)

	CNN.com - 'Badtrans' worm leaves backdoors, logs data - November 26, 2001
		The worm, called "Badtrans.B," is a new variant of the older "Badtrans" virus, according to antivirus companies.
		Badtrans is even more devious in that it arrives in the recipient's in-box with a "Re:" subject line to an e-mail actually sent by the user, according to McAfee.com and TruSecure.
		What happens next isn't in doubt, however, as all companies agree that the worm then installs a Trojan horse, or backdoor, program that will allow an attacker to gain access to the infected computer and then attempts to sends the IP address of the infected machine to the worm's author.
	archives.cnn.com /2001/TECH/internet/11/26/badtrans.worm.idg/index.html (522 words)

	Virus Alert—BadTrans is Bad News - News and Analysis by PC Magazine (Site not responding. Last check: 2007-10-20)
		The threat, classified as a worm because it spreads via e-mail clients, is called BadTrans, and it comes on the heels of several damaging and costly viruses and worms seen in recent months.
		BadTrans infections were occurring about 12 times more frequently than SirCam infections, according to MessageLabs' numbers.
		BadTrans comes at a particularly bad time for businesses already struggling to enhance high-tech security in the wake of the September 11 terrorist attacks.
	www.pcmag.com /article2/0,1895,2009,00.asp (475 words)

	InfoSatellite.com - Badtrans worm has flash distribution
		The so-called Badtrans B is a MAPI worm that emails itself out as one of several different file names.
		The Badtrans worm is known to come from the UK, affecting 37 other countries, but mainly United States, Germany and UK itself.
		In Symantec, Badtrans is rated medium wild and high distribution, although the damage is considered low.
	www.infosatellite.com /news/2001/11/a261101badtrans.html (386 words)

	Smart Computing Article - How To Get Rid Of BadTrans (Site not responding. Last check: 2007-10-20)
		Reaching full steam in November 2001, BadTrans is a nondestructive yet dangerous worm that propagates via email using its own SMTP (Simple Mail Transfer Protocol) engine and becoming resident in memory upon execution.
		BadTrans spreads via email by replying to all the unread email messages on your system and including itself as an attachment.
		The worm was first discovered in the wild on April 12, 2001, and attempts to use known vulnerabilities that have since been patched to compromise systems and further propagate.
	www.smartcomputing.com /editorial/article.asp?article=articles/2005/w1602/02w03/02w03.asp&ArticleID=25455&guid=5423458F264944A7BE23941CFA1E91DB (987 words)

	CNN.com - 'Badtrans' worm picks up speed - November 26, 2001
		Faris said home users are the most susceptible to Badtrans since most corporations can stop it at the Internet gateway.
		Once Badtrans is launched, it begins distributing files on the infected user's machine and installs the backdoor program, giving a potential hacker remote access.
		She said it was unclear how many people may have had access to it, and she was also not aware of any reports of people's information being stolen to date.
	edition.cnn.com /2001/TECH/internet/11/26/badtrans.worm/index.html (545 words)

	[No title]
		Badtrans spreads through security flaws in Microsoft mail software and transmits everything the victim types.
		Since November 24, Badtrans has violated the privacy of millions of Internet users, and now the FBI wants to take part in the spying.
		Victims of Badtrans are infected when they receive an email containing the worm in an attachment and either run the program by clicking on it, or use an email reader like Microsoft Outlook which may automatically run it without user intervention.
	www.politechbot.com /p-02943.html (379 words)

	BadTrans Computer Worm Alert (Site not responding. Last check: 2007-10-20)
		McAfee is now advising DAT 4172 for protection against the new variant of the BadTrans worm.
		Badtrans spreads via e-mail, by locating all unread messages from a system's e-mail inbox and replying to them.
		Badtrans drops a spying Trojan into infected systems.
	www.sc.edu /announce/general/112601.g.badtrans.html (268 words)

	W32/BadTrans@MM
		This is due to the fact that home users tend to update their DAT files less frequently.
		As noted below, the virus is detected as W32/Badtrans@MM as the detection technology, which identified the virus first, uses this naming convention for both variants of the Badtrans virus.
		This new variant of Badtrans drops a password stealing trojan which is detected as PWS-Hooker with the 4173 DATs, or greater, and a variant of PWS-AV with the 4172 DATs.
	vil.nai.com /vil/content/v_99069.htm (2330 words)

	BADtrans Worm
		As of 2001-12-28, I have received 17 copies of this worm, 16 of which were from people I do not know.
		The badtrans worm (similar to a virus) transmits itself via electronic mail.
		Note that the badtrans worm typically sends email from your email address with an underscore added to the begining.
	www.freelabs.com /~whitis/security/viruses/badtrans.html (969 words)

	Badtrans (Site not responding. Last check: 2007-10-20)
		Hati-hati dengan virus Badtrans, virus ini menggunakan Win32 dan menyebar melalui email, dapat menginfeksi Win 98 dan Win NT / 2000.
		BadTrans is a worm spreading with e-mail messages from Win32 systems.
		The worm sends email messages with infected attached files, as well as installs a spying trojan component to steal information from infected systems.
	www.vaksin.com /virusnews/2001/badtrans.htm (519 words)

	PC World - Antivirus Vendors Warn of Badtrans Worm
		Users are also urged to apply an available patch to close the security hole that the worm exploits.
		The latest Badtrans virus is even more devious than its predecessor, in that it arrives in the recipient's in-box with a "Re:" subject line to an e-mail actually sent by the user, according to McAfee.com and TruSecure.
		What happens next isn't in doubt, however, as all companies agree that the worm then installs a Trojan horse, or backdoor, program that will allow an attacker to gain access to the infected computer and then attempts to sends the IP (Internet Protocol) address of the infected machine to the worm's author.
	www.pcworld.com /news/article/0,aid,72944,00.asp (761 words)

	ZDNetIndia (Site not responding. Last check: 2007-10-20)
		A revised version of the Badtrans worm from April 2001 is loose on the Internet.
		Badtrans.B behaves in a similar manner to the original, loading a password-stealing Trojan horse that can log keystrokes and reveal password and credit card information to malicious users.
		Badtrans uses a known vulnerability in Internet Explorer that automatically opens attachments.
	www.zdnetindia.com /help/specials/virusworkshop/stories/44651.html (246 words)

	BadTrans virus fizzles on Good Friday \| CNET News.com
		The new message will have the same subject line and message body as the original e-mail, and the sender will be the victim's username.
		While it has some of the makings of a successful mass-mailer, BadTrans has effectively fizzled out, said Vincent Gullotto, director of Network Associates' antivirus emergency response team.
		On Thursday the company received only 10 reports of the worm, he said.
	news.com.com /2100-1001-255820.html (484 words)

	Badtrans worm - it's bad - Security Strategy - Breaking Business and Technology News at silicon.com (Site not responding. Last check: 2007-10-20)
		The Badtrans worm is continuing to spread like wildfire, prompting anti-virus companies to urge users to make sure they're fully protected.
		It spreads via email and because it automatically generates replies to unread messages in Microsoft Outlook it is able to spread faster than the average trojan.
		It was first spotted on 23 November in the UK and has since been active in 37 countries.
	www.silicon.com /software/security/0,39024655,11029500,00.htm (376 words)

	Badtrans worm leaves backdoors, logs data
		The variant is executed when a user opens an infected e-mail and does not require a user to click on an attachment, as many mass mailer worms do, according to Activis and TruSecure virus alerts.
		Badtrans is even more devious in that it arrives in the recipient's in-box with a "Re:" subject line to an e-mail actually sent by the user, according to McAfee.com and TruSecure.
		After execution, Badtrans also runs a keylogger program that can record all data entered via the keyboard, including passwords, credit card numbers, and other personal information, according to Activis and McAfee.com.
	www.infoworld.com /articles/hn/xml/01/11/26/011126hnbadtrans.html?1126alert (887 words)

	Alerts - Badtrans-Aliz (Site not responding. Last check: 2007-10-20)
		Users of Symantec's "NAV for Gateways" or "Carrier Scan" should be running the new versions of these programs released last week.
		Aliz was first detected in May 2001, and Badtrans.B is a new variant of the Badtrans worm from April 2001.
		The standard email security practice, which we highly recommend, of blocking executable attachments will block both worms - Badtrans.B arrives as a ".pif" or ".scr" file, Aliz as a ".exe".
	www.systemhouse.com /alerts/archive/badtrans_aliz.htm (231 words)

	BBC News \| SCI/TECH \| BadTrans computer virus strikes
		A sneaky Windows computer virus is circulating that tries to install software that monitors what users are typing and passes it to the malicious program's creator.
		The virus also regularly swaps the name of the attachment travelling with it, in an attempt to conceal its pernicious payload.
		BadTrans-B is a variant of the original BadTrans virus that was first discovered in April.
	news.bbc.co.uk /hi/english/sci/tech/newsid_1678000/1678578.stm (377 words)

	Virus Alert - W32/Badtrans@MM Virus
		This is due to the fact that home users tend to update their DAT files less frequently.
		As noted below, the virus is detected as W32/Badtrans@MM as the detection technology, which identified the virus first, uses this naming convention for both variants of the Badtrans virus.
		This new variant of Badtrans drops a password stealing trojan which is detected as PWS-Hooker with the 4173 DATs, or greater, and a variant of PWS-AV with the 4172 DATs.
	www.kentcc.com /techpages/virus/W32Badtrans.htm (1126 words)

	The Daily Rotten (Site not responding. Last check: 2007-10-20)
		Coincidentally, just four days before the breakout of Badtrans it was revealed that the FBI was developing their own keystroke-logging virus, called Magic Lantern.
		This is a significant improvement over Carnivore, which can only see data after it has been transmitted over the Internet, at which point the passwords may have been encrypted.
		After Badtrans pilfers keystrokes the data is sent back to one of twenty-two email addresses (this is according to the FBI-- leading anti-virus vendors have only reported seventeen email addresses).
	www.dailyrotten.com /articles/archive/189387.html (766 words)

	I-Worm.Badtrans Removal Utility
		This is the list of common file names that it is known to use.
		It should be noted that files arriving in email with these names is not necessarily an indication that the file contains the BADTRANS malware, as it is known to share file names with other malware, particularly W32/MTX@MM virus.
		It creates a copy of itself as a file named INETD.EXE in the %windir% directory, then it adds to the "run=" of WIN.INI for Windows 9x or a key to the registry for NT/2000.
	www.claymania.com /badtrans-removal.html (788 words)

	Badtrans worm leaves backdoors, logs data (Site not responding. Last check: 2007-10-20)
		The worm, called Badtrans.B, is a new variant of the older Badtrans virus, according to anti-virus companies.
		The worm exploits a security vulnerability in Microsoft's Outlook and Outlook Express e-mail clients to automatically execute the attachment when the e-mail is opened, they said.
		What happens next isn't in doubt, however, as all companies agree that the worm then installs a Trojan horse, or backdoor, program that will allow an attacker to gain access to the infected computer and then attempts to sends the IP address of the infected machine to the worm's author.
	infoworld.com /articles/hn/xml/01/11/26/011126hnbadtrans.html?1126alert (887 words)

	Riotous BadTrans.B and a fix for its wagon (Site not responding. Last check: 2007-10-20)
		BadTrans uses keystroke loggers’ function to store all infected user data in CP_25389.NLS.
		Though not yet in the wild, watch out for Aliz worm and the Final Doom or Finaldo.
		BadTrans uses this function to store all infected user data in CP_25389.NLS.
	www.ciol.com /content/opinion/freeloader/101120301.asp (950 words)

	New BadTrans Worm Variant Exploits Old IE Hole (Site not responding. Last check: 2007-10-20)
		A new version of an Internet worm discovered seven months ago is in the wild and could spread rapidly, virus researchers warned.
		But the latest version of BadTrans has the potential to create greater mischief, according to researchers who discovered the new worm late last week.
		Besides attempting to propagate to other computers using e-mail addresses stored on a victim's PC, both variants of BadTrans try to install a program that logs users' keystrokes and attempts to capture passwords and other confidential information.
	www.intelligentx.com /newsletters/technology/articles/story_tech1_112701.html (374 words)

	Remove BadTrans Trojan, Delete kd.dll, kernel32.dll
		This trojan is another in a long line of trojans sent via email.
		This should get rid of the BadTrans virus, but be sure to update your software and run a thorough virus scan of your system to check for other viruses.
		This variant of BadTrans logs keystrokes, sends log file including cached passwords, and sends email messages.
	www.securemost.com /articles/trou_4_badtrans.htm (746 words)

Try your search on: Qwika (all wikis)