Free Web Hosting Provider - Web Hosting - E-commerce - High Speed Internet - Free Web Page
Search the Web

Net Warrior: Free Antivirus, Bug fixes, Y2K tests ( possible fix) and more.
Best with IE4x
Great site, where I get most my information. Word of AOL 6.0 Leaks out! Free DSL plan released!!! Microsoft announced Windows 2000 Professional will launch on Feb. 17, 2000 .. Download of the day introduced. - ! More web accelerators, great search programs, encrypt programs, and more, all FREE!!!-- -- Rebates for Norton Antivirus 2000, Norton Utilities 2000, McAfee Classic 4, and Test And Fix for Y2K.. . IE5 flaw makes PCs vulnerable Internet Explorer 5 design flaw leaves users' PCs vulnerable to malicious code via Web surfing and e-mail. Thanks for visiting.

Section 1

Get Paid While Surfing net

Bug fixes & patches

Search this site

Ask questions Board

Special Requests

Section 2

Viruses&
Antivirus
New Virus 3-31-2000

Section 3
Tests for & links for
Y2k & 2000
Updated 1-1-2000

Section 4

Your
Privacy

Section 5


Great Downloads

New!! Updated

For your latest Microsoft Updates

Section 6

Emergency alert service
FAQ, Help, or staff hiring.

Links

Opinion

Free stuff Coming soon

VIRUSES- DESTROYER OF COMPUTERS (CAI)

==============================================

Win32/Aspam.Trojan trojan

==============================================

Win32/Aspam.Trojan A faked e-mail letter claiming to come from Microsoft is being send around recently. If you receive the following letter, do not run the attached executable. This letter is not send by Microsoft Corporation; it is spoofed, meaning somebody made it look like it has been sent by Microsoft. The attached executable is not a spam filter as claimed in the e-mail. Microsoft does not distribute files by e-mail. The official Microsoft software distribution policy can be reviewed at: http://www.microsoft.com/security/new/swdistribution.asp

----- Original Message -----

From: To: ; Sent: Tuesday, March 21, 2000 5:16 PM Subject: Microsoft Anti-Spam Policy Microsoft Anti-Spamming Policy To All Microsoft Users: Microsoft Corporation does not endorse "spamming"! We do not want people to receive unsolicited e-mail. In the strictest sense of the definition, you can not contact anyone via e-mail unless that person has specifically told you that you can contact them or invited contact (i.e. classified ad). This applies to businesses, non-profit organizations, and individuals. We do support open communications and we feel that 99.9% percent of the Microsoft Users community wants to hear about our new products, critical updates, and be informed about resources that are available on-line. The best way to let this many people know about the important matters, pertinent information, and resources is via e-mail. Most people do not appreciate receiving junk mail (normally without a valid reply address and a questionable "offer" of some kind). However, there are some people that are offended about receiving legitimate e-mail telling them about similar interest matters. Participate in the Microsoft Anti Spam Policy and remember YOU CAN STOP IT! !!! Here we want to say: This is not an UCE-mail, because you are getting something for free!!! Now we are proud to announce that our best developers have a solution to the most troublesome Internet problem nowadays: SPAM e-mail!!!. Let this be the last unexpected mail message you receive. The software included in this mail will navigate you through the things you need to do in order to restrain SPAM e-mails. For more information visit http://www.stopspam.org To all true Microsoft Users...Thank you for your time and understanding. Sincerely, Adam Ross Director of Microsoft Anti Spam Campaign Microsoft Corporation 2000 -----------------------------------------------------------------

The attached executable named Aspam.exe (file size 173,568 bytes) is a trojan horse. If executed, it will display a message box like this: Congratulations Your mail client is now properly configured to use Microsoft Anti Spam Policy® In reality, Aspan drops a DLL called Amcis32.dll (file size 145,408) into the Windows system directory and creates or modifies the following registry keys: HKEY_CLASSES_ROOT\CLSID\{657B9354-BB3B-4500-A9B0-109B4FA64815} = "IEClassObject" HKEY_CLASSES_ROOT\CLSID\{657B9354-BB3B-4500-A9B0-109B4FA64815}\InprocServer3 2 = "C:\WINDOWS\SYSTEM\AMCIS32.DLL" HKEY_CLASSES_ROOT\CLSID\{657B9354-BB3B-4500-A9B0-109B4FA64815}\InprocServer3 2\ThreadingModel = "Apartment" HKEY_CLASSES_ROOT\AMCIS32.IEClass = "IEClassObject" HKEY_CLASSES_ROOT\AMCIS32.IEClass\Clsid = "{657B9354-BB3B-4500-A9B0-109B4FA64815}" HKEY_CLASSES_ROOT\CLSID\{657B9354-BB3B-4500-A9B0-109B4FA64815}\ProgID = "AMCIS32.IEClass" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browse r Helper Objects\{657B9354-BB3B-4500-A9B0-109B4FA64815} HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browse r Helper Objects\{657B9354-BB3B-4500-A9B0-109B4FA64815}\DontDelete HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\StuckRe cts2\MRU\1 = 43 41 56 46 44 5F 39 38

These entries cause Amcis32.dll to be loaded by the Windows Explorer. Computer Associates antivirus research team is still investigating the payload of the installed trojan. To delete the trojan from an infected system, delete Aspam.exe and Amcis32.dll.

Net Warrior: To protect & inform the public

Special Thanks to:

ZDNET, TuCows, Hit box


FastCounter by LinkExchange