30
2004
W32/[email protected] & W32/[email protected]
An article by 阿維
VIRUS ADVISORY:
W32/[email protected] & W32/[email protected] – Medium Risk
————————————————————
Current VirusScan users with DAT 4403 are protected from
these threats. Learn more about…
W32/[email protected]:
http://us.mcafee.com/root/campaign.asp?cid=12534
W32/[email protected]:
http://us.mcafee.com/root/campaign.asp?cid=12535
FreeScan checks for both W32/[email protected] & W32/[email protected]
Scan now:
http://us.mcafee.com/root/campaign.asp?cid=12536
============================================================
–> What are they?
W32/[email protected] and W32/[email protected] are Medium Risk
mass-mailing worms that try to open up a hacker backdoor on
your computer. Carried inside an email attachment, the
viruses spread by forwarding themselves to e-mail addresses
stolen from an infected PC. Like their predecessors, they
also try to terminate anti-virus and other security software
protection.
Note: To fortify anti-virus defense against viruses that
carry backdoor payloads, we recommend installing McAfee
Personal Firewall Plus.
http://us.mcafee.com/root/campaign.asp?cid=11276
–> What should I look for?
FROM: Varies (spoofed)
SUBJECT: Re:, Re: Hello, Re: Thank you!, Re: Thanks :),
Re: Hi
BODY: :), :))
ATTACHMENT: Price, price, Joke (with an extension of .exe,
.scr, .com or .cpl)
–> How do I know if I’ve been infected?
Presence of wingo.exe file in Windows system directory.
Outgoing messages and attachments as described above.
How do I find out more?
W32/[email protected]:
http://us.mcafee.com/root/campaign.asp?cid=12534
W32/[email protected]:
http://us.mcafee.com/root/campaign.asp?cid=12535
Comments are closed.