-=PCTechTalk=- Fw: Virus Alerts [Panda Software reports the appearance of the new Op aserv.Y worm - 09/22/03]
- From: "cris" <cris@xxxxxxxxxxxxxxxx>
- To: "PCTechTalk" <PCTechTalk@xxxxxxxxxxxxx>
- Date: Mon, 22 Sep 2003 13:24:51 -0400
here we go again!
I'm sure my other anti-virus warnings will be pouring in !!
they seem to come in wave's - and this has been one really big wave this past
month!!
cris
----- Original Message -----
From: Virus Alerts
To: VIRUSALERTSCOM@xxxxxxxxxxxxxxxxxxxxxxxxx
Sent: Monday, September 22, 2003 10:07 AM
Subject: Virus Alerts [Panda Software reports the appearance of the new Op
aserv.Y worm - 09/22/03]
- Panda Software reports the appearance
of the new Opaserv.Y worm -
Virus Alerts, by Panda Software (http://www.pandasoftware.com)
Madrid, September 22, 2003 - PandaLabs has detected the appearance of the
new Y variant of the Opaserv worm. According to data gathered by Panda
Software's international technical support services, this malicious code is
already causing incidents.
Opaserv.Y spreads directly through the Internet by looking for computers to
infect. In order to do this, it checks if port 137 is open and unprotected.
If it is, Opaserv.Y gets into the computer through port 139 and copies
itself in the C:\Windows directory under the name Speedy.scr.
At the same time, it generates several entries in the Windows Registry in
order to ensure that it is run whenever the computer is started up. If the
infected computer is connected to a network, Opaserv.Y will exploit the
Windows vulnerability known as Share Level Password - based on an
inconsistency in the protection of network shares in the operating systems
Windows Me/98/95- in order to spread to the rest of the computers in the
network.
Up until now, PandaLabs has detected two versions of Opaserv.Y. The
difference between the two is the compression utility they are packed with.
Another characteristic of this malicious code is that if the user runs the
file carrying the worm from an MS-DOS window, instead of displaying the
following message: "This program requires MS Windows", one of the following
three will be displayed:
- Telefonica ganhe menos e faca mais!!
- Queremos melhores servicos da SPEEDY
- Melhorem o servico Speed seus FDPS!!
Due to the incidents detected and to avoid falling victim to Opaserv.Y,
Panda Software advises users to treat all e-mails received with caution and
to update their antivirus solutions immediately. The company has already
made the updates to its products available to users to ensure their
solutions can detect and eliminate Opaserv.Y. Those whose software is not
configured to update automatically, should update their solutions from
http://www.pandasoftware.com/.
Users can also scan their computers using the free, online antivirus, Panda
ActiveScan, which is available on the company's website at
http://www.pandasoftware.com/.
For more information about Opaserv.Y and other malicious code, visit Panda
Software's Virus Encyclopedia at the following address:
http://www.pandasoftware.com/virus_info/encyclopedia/.
NOTE: The addresses above may not show up on your screen as single lines.
This would prevent you from using the links to access the web pages. If this
happens, just use the "cut" and "paste" options to join the pieces of the
URL.
------------------------------------------------------------
To unsubscribe from Virus Alerts:
Send a message to the following address:
virusalertscom-SIGNOFF-REQUEST@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
To contact with Panda Software, please visit:
http://www.pandasoftware.com/about/contact/
------------------------------------------------------------
To unsub or change your email settings:
//www.freelists.org/webpage/pctechtalk
To access our Archives:
http://groups.yahoo.com/group/PCTechTalk/messages/
//www.freelists.org/archives/pctechtalk/
For more info:
//www.freelists.org/cgi-bin/list?list_id=pctechtalk
Other related posts:
- » -=PCTechTalk=- Fw: Virus Alerts [Panda Software reports the appearance of the new Op aserv.Y worm - 09/22/03]
