RE: New Virus
- From: "Zoran" <zmarjanovic@xxxxxxxx>
- To: exchangelist@xxxxxxxxxxxxx
- Date: Wed, 28 Jan 2004 05:35:26 -0700
Read this
http://securityresponse.symantec.com/avcenter/venc/data/w32.novarg.a@xxxxxxx
> This is a multi-part message in MIME format.
>
> ------_=_NextPart_001_01C3E596.37E87B46
> Content-Type: text/plain;
> charset="iso-8859-1"
> Content-Transfer-Encoding: quoted-printable
>
> Hi guys
> =20
> please tell how do you know you have this virus on your network?
> =20
> thanks
> Lettah
>
> -----Original Message-----
> From: Jason Merrique [mailto:j.merrique@xxxxxxxxxxxxxxx]
> Sent: Tuesday, January 27, 2004 1:11 PM
> To: [ExchangeList]
> Subject: [exchangelist] RE: New Virus
>
>
> http://www.MSExchange.org/
>
> Viruses such as these are only of risk if they're executed by your mail =
> client. Outlook 2003 doesn't allow this by default (you need to save the =
> file first), am I right to feel complacent? Of course I do have AV on =
> the mail gateway, I'm just polling to see how confident fellow admins =
> are with Outlook 2003's. Is it taking steps in the right direction to =
> protect the use from viruses such as this?
>
>
> _____ =20
>
> From: John Tolmachoff (Lists) [mailto:johnlist@xxxxxxxxxxxxxxxxxxx]=20
> Sent: 26 January 2004 22:30
> To: [ExchangeList]
> Subject: [exchangelist] New Virus
> Importance: High
>
>
> http://www.MSExchange.org/
>
>
> There is a new virus spreading rapidly. The AV vendors are working on =
> it.
>
> =20
>
> This one is going to be bad, as it is using zip attachments as well as =
> pif, scr and exe.
>
> =20
>
> Be prepared.
>
> =20
>
> John Tolmachoff
>
> Engineer/Consultant/Owner
>
> eServices For You
>
> =20
>
> ------------------------------------------------------
> List Archives: =
> http://www.webelists.com/cgi/lyris.pl?enter=3Dexchangelist
> Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
> Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=3DFAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 ISA Server Resource Site: http://www.isaserver.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------=20
>
> ------------------------------------------------------
> List Archives: =
> http://www.webelists.com/cgi/lyris.pl?enter=3Dexchangelist
> Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
> Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=3DFAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 ISA Server Resource Site: http://www.isaserver.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------=20
>
>
> ------_=_NextPart_001_01C3E596.37E87B46
> Content-Type: text/html;
> charset="iso-8859-1"
> Content-Transfer-Encoding: quoted-printable
>
> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
> <HTML><HEAD>
> <META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =
> charset=3Diso-8859-1">
>
>
> <META content=3D"MSHTML 5.00.3700.6699" name=3DGENERATOR>
> <STYLE>@font-face {
> font-family: Verdana;
> }
> P.MsoNormal {
> FONT-FAMILY: "Times New Roman"; FONT-SIZE: 12pt; MARGIN: 0in 0in 0pt
> }
> LI.MsoNormal {
> FONT-FAMILY: "Times New Roman"; FONT-SIZE: 12pt; MARGIN: 0in 0in 0pt
> }
> DIV.MsoNormal {
> FONT-FAMILY: "Times New Roman"; FONT-SIZE: 12pt; MARGIN: 0in 0in 0pt
> }
> A:link {
> COLOR: blue; TEXT-DECORATION: underline
> }
> SPAN.MsoHyperlink {
> COLOR: blue; TEXT-DECORATION: underline
> }
> A:visited {
> COLOR: purple; TEXT-DECORATION: underline
> }
> SPAN.MsoHyperlinkFollowed {
> COLOR: purple; TEXT-DECORATION: underline
> }
> P.MsoPlainText {
> FONT-FAMILY: "Courier New"; FONT-SIZE: 10pt; MARGIN: 0in 0in 0pt
> }
> LI.MsoPlainText {
> FONT-FAMILY: "Courier New"; FONT-SIZE: 10pt; MARGIN: 0in 0in 0pt
> }
> DIV.MsoPlainText {
> FONT-FAMILY: "Courier New"; FONT-SIZE: 10pt; MARGIN: 0in 0in 0pt
> }
> SPAN.EmailStyle17 {
> COLOR: windowtext; FONT-FAMILY: Arial
> }
> DIV.Section1 {
> page: Section1
> }
> </STYLE>
> </HEAD>
> <BODY lang=3DEN-US link=3Dblue vLink=3Dpurple>
> <DIV><FONT color=3D#0000ff face=3DArial size=3D2><SPAN =
> class=3D133105711-28012004>Hi=20
> guys</SPAN></FONT></DIV>
> <DIV><FONT color=3D#0000ff face=3DArial size=3D2><SPAN=20
> class=3D133105711-28012004></SPAN></FONT> </DIV>
> <DIV><FONT color=3D#0000ff face=3DArial size=3D2><SPAN =
> class=3D133105711-28012004>please=20
> tell how do you know you have this virus on your =
> network?</SPAN></FONT></DIV>
> <DIV><FONT color=3D#0000ff face=3DArial size=3D2><SPAN=20
> class=3D133105711-28012004></SPAN></FONT> </DIV>
> <DIV><FONT color=3D#0000ff face=3DArial size=3D2><SPAN=20
> class=3D133105711-28012004>thanks</SPAN></FONT></DIV>
> <DIV><FONT color=3D#0000ff face=3DArial size=3D2><SPAN=20
> class=3D133105711-28012004>Lettah</SPAN></FONT></DIV>
> <BLOCKQUOTE>
> <DIV align=3Dleft class=3DOutlookMessageHeader dir=3Dltr><FONT =
> face=3DTahoma=20
> size=3D2>-----Original Message-----<BR><B>From:</B> Jason Merrique=20
> [mailto:j.merrique@xxxxxxxxxxxxxxx]<BR><B>Sent:</B> Tuesday, January =
> 27, 2004=20
> 1:11 PM<BR><B>To:</B> [ExchangeList]<BR><B>Subject:</B> [exchangelist] =
> RE: New=20
> Virus<BR><BR></DIV></FONT>http://www.MSExchange.org/<BR>
> <DIV><SPAN class=3D784031109-27012004><FONT face=3DVerdana =
> size=3D2>Viruses such as=20
> these are only of risk if they're executed by your mail client. =
> Outlook 2003=20
> doesn't allow this by default (you need to save the file first), =
> am I=20
> right to feel complacent? Of course I do have AV on the mail gateway, =
> I'm just=20
> polling to see how confident fellow admins are with Outlook 2003's. Is =
> it=20
> taking steps in the right direction to protect the use from =
> viruses such=20
> as this?</FONT></SPAN></DIV><BR>
> <BLOCKQUOTE=20
> style=3D"BORDER-LEFT: #0000ff 2px solid; MARGIN-LEFT: 5px; =
> MARGIN-RIGHT: 0px; PADDING-LEFT: 5px">
> <DIV align=3Dleft class=3DOutlookMessageHeader dir=3Dltr =
> lang=3Den-us>
> <HR tabIndex=3D-1>
> <FONT face=3DTahoma size=3D2><B>From:</B> John Tolmachoff (Lists)=20
> [mailto:johnlist@xxxxxxxxxxxxxxxxxxx] <BR><B>Sent:</B> 26 January =
> 2004=20
> 22:30<BR><B>To:</B> [ExchangeList]<BR><B>Subject:</B> [exchangelist] =
> New=20
> Virus<BR><B>Importance:</B> High<BR></FONT><BR></DIV>
> <DIV></DIV>http://www.MSExchange.org/<BR>
> <DIV class=3DSection1>
> <P class=3DMsoNormal><FONT face=3DArial size=3D2><SPAN=20
> style=3D"FONT-FAMILY: Arial; FONT-SIZE: 10pt">There is a new virus =
> spreading=20
> rapidly. The AV vendors are working on it.</SPAN></FONT></P>
> <P class=3DMsoNormal><FONT face=3DArial size=3D2><SPAN=20
> style=3D"FONT-FAMILY: Arial; FONT-SIZE: =
> 10pt"></SPAN></FONT> </P>
> <P class=3DMsoNormal><FONT face=3DArial size=3D2><SPAN=20
> style=3D"FONT-FAMILY: Arial; FONT-SIZE: 10pt">This one is going to =
> be bad, as=20
> it is using zip attachments as well as pif, scr and =
> exe.</SPAN></FONT></P>
> <P class=3DMsoNormal><FONT face=3DArial size=3D2><SPAN=20
> style=3D"FONT-FAMILY: Arial; FONT-SIZE: =
> 10pt"></SPAN></FONT> </P>
> <P class=3DMsoNormal><FONT face=3DArial size=3D2><SPAN=20
> style=3D"FONT-FAMILY: Arial; FONT-SIZE: 10pt">Be =
> prepared.</SPAN></FONT></P>
> <P class=3DMsoNormal><FONT face=3DArial size=3D2><SPAN=20
> style=3D"FONT-FAMILY: Arial; FONT-SIZE: =
> 10pt"></SPAN></FONT> </P>
> <P class=3DMsoNormal><STRONG><B><FONT face=3DVerdana size=3D2><SPAN=20
> style=3D"FONT-FAMILY: Verdana; FONT-SIZE: 10pt">John=20
> Tolmachoff</SPAN></FONT></B></STRONG></P>
> <P class=3DMsoNormal><STRONG><B><FONT face=3DVerdana size=3D2><SPAN=20
> style=3D"FONT-FAMILY: Verdana; FONT-SIZE: =
> 10pt">Engineer/Consultant/Owner</SPAN></FONT></B></STRONG></P>
> <P class=3DMsoNormal><STRONG><B><FONT face=3DVerdana size=3D2><SPAN=20
> style=3D"FONT-FAMILY: Verdana; FONT-SIZE: 10pt">eServices For=20
> You</SPAN></FONT></B></STRONG></P>
> <P class=3DMsoNormal><FONT face=3D"Times New Roman" size=3D3><SPAN=20
> style=3D"FONT-SIZE: =
> 12pt"></SPAN></FONT> </P></DIV>-------------------------------------=
> -----------------<BR>List=20
> Archives:=20
> =
> http://www.webelists.com/cgi/lyris.pl?enter=3Dexchangelist<BR>Exchange=20
> Newsletters: =
> http://www.msexchange.org/pages/newsletter.asp<BR>Exchange FAQ:=20
> =
> http://www.msexchange.org/pages/larticle.asp?type=3DFAQ<BR>--------------=
> ----------------------------------------<BR>Other=20
> Internet Software Marketing Sites:<BR>Leading Network Software =
> Directory:=20
> http://www.serverfiles.com<BR>No.1 ISA Server Resource Site:=20
> http://www.isaserver.org<BR>Windows Security Resource Site:=20
> http://www.windowsecurity.com/<BR>Network Security Library:=20
> http://www.secinf.net/<BR>Windows 2000/NT Fax Solutions:=20
> =
> http://www.ntfaxfaq.com<BR>----------------------------------------------=
> --------=20
> =
> </BLOCKQUOTE>------------------------------------------------------<BR>Li=
> st=20
> Archives: =
> http://www.webelists.com/cgi/lyris.pl?enter=3Dexchangelist<BR>Exchange=20
> Newsletters: =
> http://www.msexchange.org/pages/newsletter.asp<BR>Exchange FAQ:=20
> =
> http://www.msexchange.org/pages/larticle.asp?type=3DFAQ<BR>--------------=
> ----------------------------------------<BR>Other=20
> Internet Software Marketing Sites:<BR>Leading Network Software =
> Directory:=20
> http://www.serverfiles.com<BR>No.1 ISA Server Resource Site:=20
> http://www.isaserver.org<BR>Windows Security Resource Site:=20
> http://www.windowsecurity.com/<BR>Network Security Library:=20
> http://www.secinf.net/<BR>Windows 2000/NT Fax Solutions:=20
> =
> http://www.ntfaxfaq.com<BR>----------------------------------------------=
> --------=20
> </BLOCKQUOTE></BODY></HTML>
>
> ------_=_NextPart_001_01C3E596.37E87B46--
Other related posts: