[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Fwd: [PyrNet-L] Non-pyr/Virus warning/hard drive wipe out]
O.K., I did find the information at http://urbanlegends.miningco.com/
Is There a Virus Under Your Tree.exe?
Dateline: 12/23/98
Just in time for the holidays, a new round of virus warnings follows
on the heels of a popular Christmas novelty program which many
people have received as an email attachment.
The program, usually known as "Christmas Tree," comes in the
form of a file called "TREE.EXE." Word on the cyberstreet is that
some copies of it may harbor the dread CIH virus (also known as
"Spacefiller"), which attacks PCs running Windows 95 and 98.
The "payload delivery date" (as they say) of Dec. 26th has nothing
to do with Christmas. CIH is programmed to attack on the 26th of
every month. It attempts to rewrite the flash-BIOS of your computer
and, if successful, renders it unbootable. It also scrambles the
contents of your hard drive. Nasty bugger, eh?
What's the real scoop? According to McAfee, a manufacturer of
antivirus software, the TREE.EXE scare may just be a lot of hype.
Here's a quote from their Website:
We have received a program called TREE.EXE from a number of
customers asking if the file is infected with Spacefiller or CIH. This
appears to be an urban legend going around just now. The several
samples we received so far are all identical and about 2Meg in
size. The first was analyzed and tested and is being used to
compare to the new samples we receive. The results of our testing
so far has not revealed any virus, SPACEFILLER or otherwise. This
does not mean someone could not infect the same program with
any virus and re-release it, either deliberately or even accidentally.
Go ahead and breathe a sigh of relief, but re-read that last
sentence, too. While we know from past examples (such as the
Bud Frogs Screen Saver alert) that pranksters enjoy spoiling the
fun of popular downloads by falsely claiming they contain viruses,
we also know that virtually any such software could be infected.
Files that come to you as email attachments should be regarded
as particularly suspect, because you have no way of knowing
where they originated or how they may have been altered during
their travels.
Based on what we know to date, odds are if you've downloaded and
run TREE.EXE on your PC, you're safe. Just be aware that what
you've done is inherently risky behavior, and if you don't already
have up-to-date antivirus software installed on your computer, you
probably should get some.
"Practice safe computing," warns McAfee. That's just plain good
advice, any time of year.
Janice, janices@jump.net
Admiral & Linsey (newfs), Bianca & Sonny (pyrs)
http://www.jump.net/~janices/
Leander, TX
Visit Old West Newfoundland Club's website at
http://www.jump.net/~janices/ownc/