At the conclusion of this message is information from the McAfee
antivirus network about the 2 latest virus threats. One of them is
really wreaking havoc in commercial networks right now. If you have not
updated your antivirus software in the past week, this would be a good
time to do so.
Larry
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Larry Cartwright <exit60@ia4u.net>
Physics and Physical Science Teacher
Charlotte HS, Charlotte MI USA
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[W32/ExploreZip.worm.pak is a new, compressed variant of the original
W32/ExploreZip.worm. A high-risk threat, approaching outbreak levels!
It reproduces itself by sending replies to incoming email messages, with
itself as an attachment called "zipped_files.exe".]
[It includes a payload: it will search the user's mapped drives and
overwrite all files of types .c, .cpp, .asm, .doc, .xls, .ppt. to zero
Kb.]
!!! [IMPORTANT - If you receive an email with the message "I received
your email and I shall send you a reply ASAP. Till then, take a look at
the attached zipped docs.", DELETE IT IMMEDIATELY! It will have an
attachment called zipped_files.exe"; DO NOT DOUBLE-CLICK OR RUN THIS
ATTACHMENT!] !!!
[W95/Babylonia is a polymorphic virus. A medium risk.]
[The virus was first distributed on at least one newsgroup as a help
file called "serialz.hlp". When executed, the virus infects .EXE and
.HLP files, in some cases damaging them beyond repair. Upon infection,
the virus creates a file called KERNEL32.EXE, which monitors system
activity for Internet connection. When it detects an Internet
connection, it attempts to connect to a Web site hosted by a virus
authoring group, and if successful, it downloads additional components
of the complete virus to the host PC.]