[JA] Virus warning I received from friend
- From: Babette C Bloch <bvcb@xxxxxxxx>
- To: no-tags-request@xxxxxxxxxxxxxxx
- Date: Thu, 3 Oct 2002 09:04:45 -0700
This is a virus warning I got from a list to which I subscribe...relates
to received spam messages with no message in body.
--------- Forwarded message ----------
W32.bugbear
Here's a snippet from
http://www.antivirus.com
Risk rating:Medium
Virus type: Worm
Destructive: No
Aliases: NATOSTA.A, W32/Bugbear-A,Tanatos, W32/Bugbear@MM
Description: This worm terminates antivirus processes and propagates by
sending itself via email using its own SMTP (Simple Mail Transfer
Protocol) engine. The email that it sends out contains no message body
http://www.symantec.com posts this Security Response:
W32.Bugbear@mm is a mass-mailing worm that is rapidly spreading to
Windows users.
The subject and attachment name of incoming emails are randomly chosen.
The attachment will have a double extension ending in .exe, .scr, or
.pif.
When visiting http://www.grisoft.com/ and scrolling down to News, Virus
Alerts and Press Releases, a click on more information will give the
following details:
I-Worm/Bugbear (alias I-Worm/Keywo)
After its launching, this worm copies itself into System folder using the
same filename as in the e-mail. Then it distributes itself onto different
e-mail addresses that are stored in Adress book of the infected computer.
Also, it tries to find a computer where whole disk full access sharing is
allowed, and copies itself into Startup folder, which enables its
launching. . . . and goes on with further description and removal
instructions.
http://www.mcaffee.com posts the following on their site:
W32/Bugbear@MM Help Center
W32/Bugbear@MM is rated as MEDIUM RISK FOR HOME AND CORPORATE USERS. This
mass-mailing worm attempts to send itself to email addresses found on an
infected system. . .
There is more to be read about this worm and what it may do. Don't
panic,
read what you can do to disable it, should you feel you have be subjected
to it. Make SURE that your anti-viral program is installed, up-to-date,
and ACTIVATED. And... with this particular one, I would go and read the
manual removal instructions to be on the safe side. The AVG site
www.grisoft.com has a removal tool specific to this worm. You may want
to visit their site and read more.
IF you don't have anti-virus software, or have not renewed yours in a
long time, you can scan your computer drives while online for free at
http://www.antivirus.com
AVG is also a very good resident anti-virus program. Grisoft also offers
a free downloadable version. You can pay and get technical support too,
if you want, but I have had good results with the free version, as have
had others who recommended it to me.
If you are an Internet Explorer/MS Outlook user, visit
http://www.microsoft.com and download the latest versions or patches.
Another thought to consider is to stop using the fancy html code type of
email and return to plain text messaging only. It may not provide the
pretty colors and bells and whistles, however, it makes it darn hard for
viruses to hide in a message... they cannot.
Check your "help" dictionary in your email client for how to turn off the
HTML encoding.
To unsubscribe, send a message to ecartis@xxxxxxxxxxxxx with
"unsubscribe juno_accmail" in the body or subject.
OR visit //freelists.org
~*~
Other related posts:
