Hi, Wally! I did a little research on this virus last week, as I had been
hearing of it from several other lists. Perhaps this will help us all
understand...Sorry I could't copy your list AND forward this on the
same post. I recognized a lot of the "Bible" list, so maybe you can
forward this to those who are not on our list...Pat Darnell
---------- Forwarded message ----------
**********************************************************
PROGRAMMER PLEADS GUILTY OF DEFRAUDING AOL
A former Yale computer science student has pleaded guilty to defrauding
America Online and faces a maximum sentence of five years in prison, a
$250,000 fine, and restitution to AOL for using that company's services
without paying for them. AOL estimates it lost between $40,000 and $70,000
in service charges because the student distributed his computer program,
which he called AOL4FREE, to hundreds of other computer users. (UPI 9 Jan
97)
**********************************************************
> Anyone who receives this must send it to as many people
> as you can. It is essential that this problem be reconciled
> as soon as possible. A few hours ago, I opened an E-mail that
> had the subject heading of "AOL4FREE.COM". Within seconds of
> opening it, a window appeared and began to display my files that
> were being deleted. I immediately shut down my computer, but it
> was too late. This virus wiped me out. It ate the Anti-Virus
> software that comes with the Windows '95 program along with
> F-Prot AVS. Neither was able to detect it. Please be careful and
> send this to as many people as possible, so maybe this new virus can
> be eliminated.
>
> DON'T OPEN E_MAIL NOTING "AOL4FREE"
>
> Be aware that there are letters going around that you have won free
> AOL until 1998...or AOL 4 Free...Please Delete...contains a virus
> that will wipe out your harddrive .. after you download and it
executes....
> it is too late.
>
> Please be very careful!!
**********************************************************
Also, go take a look at:
http://www.Europe.DataFellows.com/news/hoax.htm
where it discusses that a copycat trojan is doing what the original virus
scare was *meant* to do. This is a good one (in the bad sense), in that
the word went out that the program was safe, then someone did a copycat and
made it bad:
The original hoax message was widespread during March and the first and
second weeks of April, 1997. On the 16th of April, we received a copy of a
simple trojan horse, which attempts to execute the following commands on
your machine:
C:
CD\
DELTREE /y *.*
On most current PC machines, this will delete all files on your drive C:.
This is an obvious copycat attempt. Someone has read the original hoax
warning, seen the messages that announce the warning as a
hoax and then written a new trojan and named it AOL4FREE.COM - to confuse
things further.
In general, you should never execute programs received from unknown
sources.
As AOL4FREE is a totally new trojan horse (it does not spread so it's not
a virus), it will not be detected by current antivirus programs. If you
would like to scan for it with F-PROT, you can add the following
user-defined pattern to detect it:
CE AOL4FREE.COM Trojan
2F79202A2E2A0D00FFFFCD04054543484F4F594F
As AOL4FREE.COM is a trojan, it can not be disinfected, only deleted.
As far as we know, the AOL4FREE.COM trojan horse is not widespread. It
has been e-mailed as an attachment to several people, but it does
not spread by itself. This trojan can not be considered a serious threat
and should cause no widespread concern.
This PTG archive page provided courtesy of Moy Piano Service, LLC