Automated PC Solutions
VACM - Virus Alerts for the Common Man

get it now:   #1 AntiSpyware    #1 AntiVirus    #1 Personal Firewall      
   
      VACM Home      VACM Links      APCS Home     
            bookmark this page: Bookmark this page on Delicious...

Authentic looking eMail from "Mailer Daemon" is Downloader.BO virus (fix available)

  Your old boxes are worth CASH $$...   Click to learn more... 
 

Electronics
Bargains

 


VACM Home
  VACM How-To Movie:   Learn how to Remove Spyware from your PC for free (really!).   Click to Watch the video.  


Greetings from The VACM Team,

In This Issue:
----------------------
- Authentic looking eMail from "Mailer Daemon" is Downloader.BO virus (fix available)

 You are free to forward this critical information to anyone
 you wish as long as it is not modified in any way.

 People wishing to subscribe to the VACM Alerts may do so at:
     http://apcsnh.com/vacmsign.htm


***************************************************
* The Bottom Line...
***************************************************
Ever get those emails from Mailer Daemon that say "Sorry, we could
not send your email..." once in a while. Well, someone has now
decided to cleverly disguise a virus inside these authentic looking
emails. Don't be fooled!

Downloader.BO is a Trojan horse that downloads a backdoor
Trojan on your system, giving its creator complete remote control
of your PC.

The email arrives with an attachment and a "From" address of
"Mailer Daemon" or similar.  The body of the message varies
somewhat, but basically says that your email could not be sent
and the details are in the attachment.

The attachment is a file called "error.hta" or some other file
ending in ".hta".  As you may know, ".HTA" files are HTML
applications (executables), so it makes no sense whatsoever for
a mail server to send out a "unable to deliver..." message with
an HTML application attachment in the first place.

You may not see the ".HTA" file extension if your system is setup
to hide file extensions of commonly known file types.  See the
"What You Should Do" section below for a remedy for this. This is the
default way that Microsoft Windows is setup unfortunately, but it is
very easy to change this setting.

Once you UnHide file extensions, be aware that these other types of
files are also very commonly used means of spreading viruses in file
attachments:  
  .vbs, .bat, .exe, .pif, .shb, .she and .scr files

Downloader.BO is also know by these other names:
  TROJ_INOR.A, TROJ_INOR.B,
  Troj/Dloader-BO, Downloader-BO, Downloader-BO.b,
  TrojanDownloader.Win32.Inor and Downloader.Trojan

Downloader.BO affects all version of Windows, but does not
affect Macintosh, OS/2, UNIX or Linux.


***************************************************
* What You Should Do
***************************************************
Do these in the order shown-

1. Be SURE your antivirus software is up to date.  Be sure, do an
  update manually.  A full system scan after the update is
  highly advisable, also.

2. Long time VACM subscribers will remember our article regarding
  how to handle email attachments safely.  See our "Fear No
  Attachments" article at:

     http://www.apcsnh.com/vacm/vacm090501.html

  NEVER double-click on an attachment.  Instead, right-click
  on the attachment, do a "Save-As" and save the attachment
  to your Desktop.  This technique will give your antivirus
  software a chance to scan the attachment.  Up to date versions
  of Norton Antivirus easily catch this one.

3. If you have not yet done so, harden your system further by
  referring to the VACM "HowTo" articles at:

     http://www.apcsnh.com/vacm/

  Antivirus software alone is not 100% protection against malware.
  Our HowTo articles will help fill in the "holes" that all
  antivirus software has.




Best Regards,
Marc Deschenes, VACM Editor
The VACM Project at
Automated PC Solutions

 

 

*** Be sure to check out the appendix at the end of this alert
if you are having trouble booting your computer into "Safe Mode".
The process is all spelled out for you there.

 

Why should you be very
concerned about Spyware?		 Learn how to avoid Identity Theft and Windows corruption in this
free VACM Video:
     VACM-tested #1 AntiSpyware Software

How did they steal my Identity?

Why do I get so much SPAM ?

Why is your computer
running so slow ?

Today, every PC needs just a few protection softwares. Find out what and why. Visit our Links Page to avoid Indentiry Theft and costly computer repairs.
   VACM Links to Protection Tools and Softwares
Keep your PC Safe and
Avoid a costly trip to the shop...
with these VACM approved tools.

You need 3 things to protect your PC(s) automatically. Use these links to go directly to the Download and Purchase pages:

     

 

 

Old Shotgun Shell Boxes
are collector's items and
worth good money!
 (yes... just the empty boxes)

get your
  ShotShell BlueBook
price guide
now.
 

 

To cancel your subscription to VACM, reply to this email with the word UNSUBSCRIBE in the subject.

If you click on the link below, the "unsubscribe" email will be created for you and you can simply hit "Send" in you email program:

Create My Unsubscribe Email

IMPORTANT: please include the email address at which you are currently receiving VACM Alerts in the body of the message.

 

 

******** APPENDIX - Handy How-To Tips **********


  * How To Boot into Safe Mode

Shut the computer down so that the power is off.

Turn the computer on, wait 1 second and begin pressing the F8 key
on the keyboard, once every second repeatedly. Do this until
the Windows Startup Menu appears. If you get a keyboard
error, press F1 to resume and then continue pressing the
F8 key once every second, or your PC may tell you to press another key for BIOS setup.

Select Safe Mode from the Windows Startup Menu, then press
the Enter key on the keyboard.

Windows will then boot into Safe Mode.
NOTE: This may take longer than a normal boot.

At the end of the boot process a dialog box will appear
informing you that Windows is in Safe Mode. Click OK on this dialog box.

Windows is now in Safe Mode.

If you miss hitting the F8 at the right time, Windows will boot
normally and you will not see the "Safe Mode" message.  In this
case, start from the top of these instructions until you get the
boot menu screen where you can choose "Safe Mode".  This can be
a little tricky the first time you do it.

 

 

 

 

Locations of visitors to this page