** VIRUS WARNING - W32/magistr.b@mm **

FYI
I just recieved this email...

McAfee.com has seen a large and growing number of systems infected with the W32/magistr.b@mm worm in Europe and South
America. Currently, there is a low incidence of this worm in North America. This is a MEDIUM RISK virus that is spread via email.

The messages sent by the worm contain varying subject headings, body text, and attachments. The body of the message is derived from the contents of other files on the victim's computer. It may send more than one attachment and may include non-EXE or non-viral files along with an
infectious .EXE file.

Five minutes after the virus is activated, it attempts to send copies of itself to email addresses found in the Windows
Address Book, and in the Outlook Express, Netscape and Eudora mailboxes on the hard drive.

The virus payload may also cause the following:

· Erasure of CMOS/BIOS info
· Destruction of sectors on the hard
disk
· Deletion of all .NTZ files on the machine
· Termination of Zone Alarm firewall program
· Creation of a SYSTEM.INI shell value to
run itself at startup
· Overwrites the WIN.COM/NTLDR

For detection and removal instructions for the W32/Magistr.b@mm virus, url= http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3D2429[b]click here[/url].

Hey...thanks for the heads up.

I have added a fictious name and address to my Outlook Express book that should thwart any virus I could wind up with from sending anything out.

Here is what I did. I placed a name of AAA in my address book with an email address of 'Jonny1#abc.com' (anything simular will work, and yes I used the # sign) Now, Outlook Express complained that this wasn't a valid email address...but it took it anyway. Then I attempted to send a test email to myself at 4 different addresses I have and included jonney1#abc.com. When I hit send, it would not transmit and gave me an error...so, nothing was sent, and if it had been a real virus trying to send to everybody in my address book, I would have been warned before, and could take action to clear the virus.

Of course, I never open any attachment anyway, but someday I will get infected...goes with the territory.

This virus is evil http://www.sysopt.com/forum/frown.gif

We got hit with an earlier version on our NT network before we went Win2k.

It trashed the HAL layer & rendered our PDC unbootable + wrecked the CMOS on another server.

Checkout:
http://securityresponse.symantec.com/avcenter/venc/data/w32.magistr.39921@mm.html

Regards

Eddy

Of course, I never open any attachment anyway, but someday I will get infected...goes with the territory.
Well, I don't necessarily agree, I think you can both open attachments and not get a virus. The email progy I use doesn't do anything automatically like some do. It lists every attachment with the extension and size. Pegasus (http://www.pmail.com)
I think part of the whole virus problem is bloated email clients to succor the user with flashing lights and colorful dancing bunnies that you can send to your friends. ... oops.. http://www.sysopt.com/forum/redface.gif

sigh, just sign me,
Surreal Curmudgeon

[This message has been edited by surrealchereal (edited 09-08-2001).]