MiMail is spreading-- Virus alert!
Straight_Man
Geeky, in my own wayNaples, FL Icrontian
RAV Virus Alert
VIRUS ALERT! Win32/Mimail.C@mm
November 3rd, 2003 - RAV AntiVirus Team is alerting all computer users that a dangerous Internet worm, called Win32/Mimail.C@mm (and the variants Win32/Mimail.E@mm and Win32/Mimail.F@mm), is reported to have a high infection level in the last 24 hours. This worm is classified as "Potentially destructive" by RAV Team and its spreading process has been carefully followed in the last 24 hours.
The signature of Win32/Mimail.C@mm is included in the database of RAV Engine starting with October 31, 2003. All RAV AntiVirus products using daily updates after this date are able to detect and clean the worm.
For a complete description of the worm, please read http://www.ravantivirus.com/virus/showvirus.php?v=203
_____________
(Cut for brevity- shortness of message)
_____________
This worm has 6 varieties. MiMail.A through MiMail.F, and A, C, And F are most rapidly spreading. This is a triple thread (copies itself 3X onto computers that activate it by trying to open the attachment) Internet\Email spread worm that hides as a purported zip of some photos. I recommend sysadmins read at the link about it. Attachment name for MiMail.C is "photos.zip" .
This is a W32 virus, name RAV is using is "Win32/MiMail.C@mm" and it might be a Sober related thing in that it has three threads. This means that Windows through ME are affected, I do not know about the more Enterprise Windows yet, but its actions set is to install itself as an undocumented Windows API IF Internet connectivity is present (it tries to resolve http://www.google.com/ ) and then if it can installs itself 3X on local machine, so cleaning should find three copies for each activation.
Security Rule one for end users needs to be to NOT open attachments that have not been scanned by a VERY rECENTLY UPDATED Antivirus. PC-Cillin, RAV, KAV, have defs in place for this, have not checked Norton AV yet to see. Unknown sender attachments should be deleted immediately if you do not have AV updated to today's definitions, ESPECIALLY if they are of the form ".zip" and talk about photos in message. Lots of newer viruses claim to be photo or graphic archives but instead are self-extracting viruses. Reject zips you did not ask for that are not from mfr sites or reputable places and downloaded KNOWING what they are by YOU, and all .zip attachments unless you requested same by alternate communications means-- not repquested in email.
Otherwise, use a non-Windows email pickup system and forward orr esend to others NOTHING.
John.
VIRUS ALERT! Win32/Mimail.C@mm
November 3rd, 2003 - RAV AntiVirus Team is alerting all computer users that a dangerous Internet worm, called Win32/Mimail.C@mm (and the variants Win32/Mimail.E@mm and Win32/Mimail.F@mm), is reported to have a high infection level in the last 24 hours. This worm is classified as "Potentially destructive" by RAV Team and its spreading process has been carefully followed in the last 24 hours.
The signature of Win32/Mimail.C@mm is included in the database of RAV Engine starting with October 31, 2003. All RAV AntiVirus products using daily updates after this date are able to detect and clean the worm.
For a complete description of the worm, please read http://www.ravantivirus.com/virus/showvirus.php?v=203
_____________
(Cut for brevity- shortness of message)
_____________
This worm has 6 varieties. MiMail.A through MiMail.F, and A, C, And F are most rapidly spreading. This is a triple thread (copies itself 3X onto computers that activate it by trying to open the attachment) Internet\Email spread worm that hides as a purported zip of some photos. I recommend sysadmins read at the link about it. Attachment name for MiMail.C is "photos.zip" .
This is a W32 virus, name RAV is using is "Win32/MiMail.C@mm" and it might be a Sober related thing in that it has three threads. This means that Windows through ME are affected, I do not know about the more Enterprise Windows yet, but its actions set is to install itself as an undocumented Windows API IF Internet connectivity is present (it tries to resolve http://www.google.com/ ) and then if it can installs itself 3X on local machine, so cleaning should find three copies for each activation.
Security Rule one for end users needs to be to NOT open attachments that have not been scanned by a VERY rECENTLY UPDATED Antivirus. PC-Cillin, RAV, KAV, have defs in place for this, have not checked Norton AV yet to see. Unknown sender attachments should be deleted immediately if you do not have AV updated to today's definitions, ESPECIALLY if they are of the form ".zip" and talk about photos in message. Lots of newer viruses claim to be photo or graphic archives but instead are self-extracting viruses. Reject zips you did not ask for that are not from mfr sites or reputable places and downloaded KNOWING what they are by YOU, and all .zip attachments unless you requested same by alternate communications means-- not repquested in email.
Otherwise, use a non-Windows email pickup system and forward orr esend to others NOTHING.
John.
0
Comments
More useless spam ensues.
NS
Same here