[Bristol-Birds] Bristol Birders: Watch for e-mail infection

  • From: Wallace Coffey <jwcoffey@xxxxxxxxxx>
  • To: 1-A Bristol-Birds <bristol-birds@xxxxxxxxxxxxx>
  • Date: Tue, 27 Jan 2004 15:03:31 -0400

Bristol Area Birders:

The mass-mailing worm W32.Novarg.A@mm was discovered on January 26, 2004
and is causing a serious problem for e-mail users.

I am not aware of any such messages making it to the TN-Birds list.   It is
reported as a worm that does not damage your computer but it will spread by
e-mail and send massive messages to persons in your address books.

YOU CAN PREVENT THE PROGRESS OF THIS WORM BY NOT OPENING THE ATTACHMENT.
THIS IS EXTREMELY IMPORTANT TO PROTECT THOSE IN YOUR ADDRESS BOOK.

If your computer system is:  Windows 2000, Windows 95, Windows 98, Windows
Me, Windows NT, Windows Server 2003, Windows XP are not affected by this worm. 

It does not affect the systems:  DOS, Linux, Macintosh, OS/2, UNIX, Windows 3.

The messages usually arrive in your e-mail with one of the following subject
lines:

test 
hi 
hello 
Mail Delivery System 
Mail Transaction Failed 
Server Report 
Status 
Error

The actual body of the message that you can see and read without opening the
attachment has one of the following messages:
 
Mail transaction failed.
Partial message is available. 
The message contains Unicode characters and has been sent as a binary
attachment. 
The message cannot be represented in 7-bit ASCII encoding and has been sent
as a binary attachment.

So far I have received a few messages with the worm but my Symantec
Security antivirus program appears to be catching and deleting them as far
as I can determine.

W32.Novarg.A@mm is a mass-mailing worm that arrives as an attachment with
the file extension .bat, .cmd, .exe, .pif, .scr, or .zip. 

When a computer is infected, the worm will set up a backdoor into the system
by opening TCP ports 3127 through 3198, which can potentially allow an
attacker to connect to the computer and use it as a proxy to gain access to
its network resources.

In addition, the backdoor can download and execute arbitrary files.

The worm will perform a Denial of Service (DoS) starting on February 1,
2004. It also has a trigger date to stop spreading on February 12, 2004.

We may see the internet and e-mail delivery slow down considerably in the
next few days as this virus spreads.   

If any of you have the ability to go online and update your virus protection
software, please do so as soon as possible.  Most software vendors are up
and running online with updates at this hour.  You can also download a tool
which will clean the worm from your system if you determine it has been
infected.

I hope this helps subscribers better deal with this worm and that everything
returns to normal soon.

Let's go birding......

Wallace Coffey
Bristol Birds Moderator
Bristol, TN





*************************************************
       BRISTOL BIRDS NET LIST

This is a regional birding list sponsored by the
Bristol Bird Club to facilitate communications 
between birders and bird clubs of Southwest Virginia
and Northeast Tennessee.  It serves the Russell County
Bird Club, Herndon TOS Chapter, Blue Ridge 
Birders Club, Butternut Nature Club, Buchanan County
Bird Club, Bristol Bird Club, Clinch Valley Bird Club
and Cumberland Nature Club.
--------------------------------------------------
You are subscribed to Bristol-Birds.
To post to this mailing list, simply send an email
to: bristol-birds@xxxxxxxxxxxxxx To unsubscribe, send
an email to bristol-birds-request@xxxxxxxxxxxxx with
the one word 'unsubscribe' in the Subject field.
--------------------------------------------------
       Wallace Coffey, Moderator
         wallace@xxxxxxxxxxxxxxxxxxx
           (423)764-****
