[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Fwd: [PyrNet-L] Non-pyr/Virus warning/hard drive wipe out]

To: pyrnet-l@gamerz.net
Subject: Re: [Fwd: [PyrNet-L] Non-pyr/Virus warning/hard drive wipe out]
From: "Janice Swenson" <janices@jump.net>
Date: Thu, 24 Dec 1998 18:44:36 -0600
Priority: normal
Reply-To: pyrnet-l@pyrnet.org
Sender: owner-pyrnet-l@pyrnet.org

O.K., I did find the information at http://urbanlegends.miningco.com/

Is There a Virus Under Your Tree.exe? 

                         Dateline: 12/23/98 

Just in time for the holidays, a new round of virus warnings follows 
on the heels of a popular Christmas novelty program which many 
people have received as an email attachment.  

The program, usually known as "Christmas Tree," comes in the 
form of a file called "TREE.EXE."  Word on the cyberstreet is that 
some copies of it may harbor the dread CIH virus (also known as 
"Spacefiller"), which attacks PCs running Windows 95 and 98.  

The "payload delivery date" (as they say) of Dec. 26th has nothing 
to do with Christmas. CIH is programmed to attack on the 26th of 
every month. It attempts to rewrite the flash-BIOS of your computer 
and, if successful, renders it unbootable. It also scrambles the 
contents of your hard drive. Nasty bugger, eh?  

What's the real scoop? According to McAfee, a manufacturer of 
antivirus software, the TREE.EXE scare may just be a lot of hype. 
Here's a quote from their Website:  

We have received a program called TREE.EXE from a number of 
customers asking if the file is infected with Spacefiller or CIH. This 
appears to be an urban legend going around just now. The several 
samples we received so far are all identical and about 2Meg in 
size. The first was analyzed and tested and is being used to 
compare to the new samples we receive. The results of our testing 
so far has not revealed any virus, SPACEFILLER or otherwise. This 
does not mean someone could not infect the same program with 
any virus and re-release it, either deliberately or even accidentally.  

Go ahead and breathe a sigh of relief, but re-read that last 
sentence, too. While we know from past examples (such as the 
Bud Frogs Screen Saver alert) that pranksters enjoy spoiling the 
fun of popular downloads by falsely claiming they contain viruses, 
we also know that virtually any such software could be infected. 
Files that come to you as email attachments should be regarded 
as particularly suspect, because you have no way of knowing 
where they originated or how they may have been altered during 
their travels.  

Based on what we know to date, odds are if you've downloaded and 
run TREE.EXE on your PC, you're safe. Just be aware that what 
you've done is inherently risky behavior, and if you don't already 
have up-to-date antivirus software installed on your computer, you 
probably should get some.  

"Practice safe computing," warns McAfee. That's just plain good 
advice, any time of year.  

Janice, janices@jump.net
Admiral & Linsey (newfs), Bianca & Sonny (pyrs)  
http://www.jump.net/~janices/
Leander, TX
Visit Old West Newfoundland Club's website at  
http://www.jump.net/~janices/ownc/

Prev by Date: Re: [PyrNet-L] CHAT:S.Maine snow
Next by Date: Re: [PyrNet-L] Flock Guardian Pyr Problem
Prev by thread: Re: [Fwd: [PyrNet-L] Non-pyr/Virus warning/hard drive wipe out]
Next by thread: Re: [PyrNet-L] A few questions.
Index(es):
- Date
- Thread