Current Students Faculty and Staff Alumni Parents Business Partners
Directory Contact Us A-Z Index
Admissions Athletics
Virus Alerts
Email This Email a Friend   Print This Print   Larger Font Larger   Smaller Font Smaller
Trojan.Peacomm

All Ball State University computer users should be aware of an ongoing threat of Trojan.Peacomm.  Trojan.Peacomm is a Trojan horse that is being spread by unsolicited spam e-mail related to several different recent news events.

Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP

Also Known As: CME-711 [Common Malware Enumeration], TROJ_SMALL.EDW [Trend Micro], Small.DAM [F-Secure], Downloader-BAI [McAfee], Troj/Dorf-Fam [Sophos]

Trojan.Peacomm reportedly arrives as an attachment to a spammed e-mail and drops a driver program file to download additional security threats.  The attachment is actually a Trojan horse that will install itself on the system as a system driver and then download other malicious programs from various computers on the Internet. The attachment and the Trojan horse it contains will be detected as Trojan.Peacomm. The other malicious programs that are downloaded will be detected variously as Trojan.Abwiz.F and W32.Mixor.Q@mm.

Once installed and running, this threat attempts to establish communication with other infected systems on the Internet via a custom peer-to-peer network. This network is used as the distribution source from which the other malicious programs are downloaded.

Trojan.Peacomm has the following characteristics:

Subject:
One of the following:

  • A killer at 11, he's free at 21 and kill again!
  • U.S. Secretary of State Condoleezza Rice has kicked German Chancellor Angela Merkel
  • British Muslims Genocide
  • Naked teens attack home director.
  • 230 dead as storm batters Europe.
  • Re:  Your text
  • Radical Muslim drinking enemies's blood.
  • Chinese missile shot down Russian satellite
  • Chinese missile shot down Russian aircraft
  • Chinese missile shot down USA aircraft
  • Chinese missile shot down USA satellite
  • Russian missile shot down USA aircraft
  • Russian missile shot down USA satellite
  • Russian missile shot down Chinese aircraft
  • Russian missile shot down Chinese satellite
  • Saddam Hussein alive!
  • Saddam Hussein safe and sound!
  • Venezuelan leader:  "Let's the War beginning:".
  • Fidel Castro dead.

Attachment:
One of the following:

  • FullVideo.exe
  • Full Story.exe
  • Video.exe
  • Read More.exe
  • FullClip.exe
  • GreetingPostcard.exe
  • MoreHere.exe
  • FlashPostcard.exe
  • GreetingCard.exe
  • ClickHere.exe
  • ReadMore.exe
  • FlashPostcard.exe
  • FullNews.exe

To protect your PC from this Trojan horse you should be running Symantec Antivirus definitions from at least 01/19/2007.  If you do not have Symantec Antivirus already installed on your computer system please visit http://www.bsu.edu/antivirus/.

Also all Windows computer users should be perform regular updates by going to http://windowsupdate.microsoft.com/ or by configuring the Windows Update Service to perform automatic updates to your computer.


Ball State University Copyright © 2008 Ball State University   2000 W. University Ave. Muncie, IN 47306
800-382-8540 and 765-289-1241
Legal Information    |    Employment    |    TTY Numbers
"Education Redefined" is a registered trademark of Ball State University.