10 月
30
2004

W32/[email protected] & W32/[email protected]

VIRUS ADVISORY:

W32/[email protected] & W32/[email protected] – Medium Risk

————————————————————

Current VirusScan users with DAT 4403 are protected from

these threats. Learn more about…

W32/[email protected]:

http://us.mcafee.com/root/campaign.asp?cid=12534

W32/[email protected]:

http://us.mcafee.com/root/campaign.asp?cid=12535

FreeScan checks for both W32/[email protected] & W32/[email protected]

Scan now:

http://us.mcafee.com/root/campaign.asp?cid=12536

============================================================

–> What are they?

W32/[email protected] and W32/[email protected] are Medium Risk

mass-mailing worms that try to open up a hacker backdoor on

your computer. Carried inside an email attachment, the

viruses spread by forwarding themselves to e-mail addresses

stolen from an infected PC. Like their predecessors, they

also try to terminate anti-virus and other security software

protection.

Note: To fortify anti-virus defense against viruses that

carry backdoor payloads, we recommend installing McAfee

Personal Firewall Plus.

http://us.mcafee.com/root/campaign.asp?cid=11276

–> What should I look for?

FROM: Varies (spoofed)

SUBJECT: Re:, Re: Hello, Re: Thank you!, Re: Thanks :),

Re: Hi

BODY: :), :))

ATTACHMENT: Price, price, Joke (with an extension of .exe,

.scr, .com or .cpl)

–> How do I know if I’ve been infected?

Presence of wingo.exe file in Windows system directory.

Outgoing messages and attachments as described above.

How do I find out more?

W32/[email protected]:

http://us.mcafee.com/root/campaign.asp?cid=12534

W32/[email protected]:

http://us.mcafee.com/root/campaign.asp?cid=12535

Comments are closed.