9 月
30
2004

VIRUS ADVISORY – W32/[email protected]

VIRUS ADVISORY: W32/[email protected] – Medium Risk

————————————————————

Current VirusScan users with DAT 4395 are protected from

this threat. Learn more about W32/[email protected] here:

http://us.mcafee.com/root/campaign.asp?cid=11984

FreeScan checks for W32/[email protected]

Scan now:

http://us.mcafee.com/root/campaign.asp?cid=11985

============================================================

–> What is it?

W32/[email protected] is a Medium Risk mass-mailing worm that installs

a Remote Access component that can provide hackers access to

your computer. Carried inside an email attachment, the virus

spreads by emailing itself to e-mail addresses found on

your computer and copies itself to folders used by popular

file-sharing programs such as KaZaa, Bearshare and Limewire.

Like its predecessors, it also tries to terminate anti-virus

and other security software protection.

Note: To fortify anti-virus defense against viruses that

carry backdoor payloads, we recommend installing McAfee Personal

Firewall Plus.

http://us.mcafee.com/root/campaign.asp?cid=11276

–> What should I look for?

FROM: Varies (spoofed)

SUBJECT: Re:, Re: Hello, Re: Thank you!, Re: Thanks :),

Re: Hi

BODY: :), :))

ATTACHMENT: Price, price, Joke (with an extension of .exe,

.scr, .com or .cpl)

–> How do I know if I’ve been infected?

Communication Port 81 (TCP) open. Outgoing messages with

noted body content and attachments.

–> How do I find out more?

View details about W32/[email protected] here.

http://us.mcafee.com/root/campaign.asp?cid=11984

Comments are closed.