Re: Sorry...

Subject: Re: Sorry...
From: Greg Madden (pabi@gci.net)
Date: Mon Jan 19 2004 - 10:31:00 AKST

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Next message: Greg Madden: "Radeon 7000"
• Previous message: James Zuelow: "Re: Sorry..."
• In reply to: James Zuelow: "Re: Sorry..."
• Reply: Greg Madden: "Re: Sorry..."
• Reply: Greg Madden: "Re: Sorry..."

On Mon, 2004-01-19 at 09:58, James Zuelow wrote:
>
> On Mon, 19 Jan 2004 09:12:08 -0900
> blair parker <cmjvpp@corecom.net> wrote:
>
> >
> > The previous message was sent to AKLUG by someone spoofing the return address as ME !.. That really chaps my hide...
> >
> >
> FYI:
>
> --link--
> http://www.viruslist.com/eng/alert.html?id=783050
> --link--
>
> Cheers,
>
> James

This seems to be a good illustration of why it is advisable not to run
as root. Though on a W9X box you don't have a choice.

"The worm is activated only when a user clicks on the attached file.
Then the worm copies itself to the System directory under the name
"bbeagle.exe" and registers this file in the system registry auto-run
key:
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
 "d3dupdate.exe" = "%system%\bbeagle.exe"

-- 
Greg Madden
Precision Air Balance, Inc.
Phone: 907-276-0461
---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.

• Next message: Greg Madden: "Radeon 7000"
• Previous message: James Zuelow: "Re: Sorry..."
• In reply to: James Zuelow: "Re: Sorry..."
• Reply: Greg Madden: "Re: Sorry..."
• Reply: Greg Madden: "Re: Sorry..."

This archive was generated by hypermail 2a23 : Mon Jan 19 2004 - 10:31:06 AKST