RootsWeb.com Mailing Lists
Home

Results for list 'dutton'

Total: 1/1
    1. W32/ExploreZip.worm Virus
    2. Carole Dutton Malisiak

    3. McAfee can do an online virus search for pc users. http://www.mcafee.com/clinic/virusscan.asp carole _________________ > From: Larsen, Robert MAJ LARSENR > Sent: Friday, June 11, 1999 8:56 AM > To: 'Atlanta- MEPS'; 'Barry, Kathy'; 'Callahan, Barbara, Ms., SAPA'; > Delaney, William LTC DELANEYW; 'Diane Buck'; 'Doyle Coons'; 'Fink, > Robert'; 'Gibson, Chris, MAJ, OCLL'; Greenwood, Robert GREENWOR; > 'Horne, Debi'; 'Humphries, George LTC(R)'; 'Larry Adams'; 'Larsen Dennis > L'; 'Wegenhofts'; Martinson, Charles MARTINSC; Summers, Crystal SGT > SUMMERS; Wilson, Patty Mil Rev WILSONP1; Bourgeois, Christy BOURGEOC; > Davis, Phil DAC Mil Rev DAVISP; Giangreco, Dennis GIANGRED; Neeld, > Vaughn Mil Rev NEELDV; Roddin, Mike LTC RODDINM; Seefeldt, Larry MAJ > SEEFELDL; Acosta, Hector J. LTC ACOSTAH; Blue, Peggy DAC Mil Rev BLUEP; > Ganem, Louis Mil Rev GANEML; Gomez, Eileen GOMEZE; Palombo, Peter MAJ > PALOMBOP; Rezac, Lore Mil Rev REZACL; Sell, Miriam Mil Rev SELLM; > Stroble, Winona DAC, Mil Rev > Subject: FW: W32/ExploreZip.worm Virus > Importance: High > > fyi, this came from our Directorate of Educational Technology, therefore I > believe the source. > > -----Original Message----- > From: Parker, Robert LTC PARKERR > Sent: Thursday, June 10, 1999 9:36 PM > To: DL CGSC ADMN; DL CGSC DIR > Subject: W32/ExploreZip.worm Virus > > All: There is a new and particulary nasty virus on the streets known as > the W32.ExploreZip.worm virus. See Message Below. Please get the word > out to all personnel. We won't know if the virus has affected CGSC unless > you report it, so report ANY instances of it to the CGSC help desk. > > Any questions can be directed to the CGSC help desk at 8-3222. > > LTC Bob Parker > > > -----Original Message----- > From: Weidner, J.J. WEIDNERJ > Sent: Thursday, June 10, 1999 9:10 PM > To: DL IMO Alternates; DL IMOs > Cc: White, Ron WHITER > Subject: W32/ExploreZip.worm > > To all IMOs: > Today a notice from ACERT was put out about a new virus called ExploreZip. > The DOIM has updated the antivirus software on the E-mail systems and > Novell servers. Currently, there has not been any instances of this virus > on either one of these systems at Fort Leavenworth. > > This following is information from McAfee about the virus: > Characteristics: This is a 32bit Worm that travels by sending email > messages to users. It drops the file explore.exe and modifies either the > WIN.INI (Win9x) or modifies the registry (WinNT). > Information: > This worm attempts to invoke the MAPI aware email applications as in MS > Outlook, MS Outlook Express, MS Exchange and confirmed in Netscape-mail. > This worm replies to messages received with an email message with the > following body: > I received your email and I shall send you a reply ASAP. > Till then, take a look at the attached zipped docs. > The subject line is not constant as the message is a reply. The worm > (named "zipped_files.exe") is attached, with a file size of 210,432 bytes. > The file has a Winzip icon which is designed to fool unsuspecting users to > run it as a self-extracting file. User who run this attachment will be > presented with a fake error message that says > "Cannot open file: it does not appear to be a valid archive. If this file > is part of a ZIP format backup set, insert the last disk of the backup set > and try again. Please press F1 for help." > The Worm has a payload; immediately after execution it will search all > mapped drives for the following file types, and when it finds them, it > will erase their contents and the file will be zero bytes: > .c > .cpp > .h > .asm > .doc > .xls > .ppt > > > > What you can do: > > McAfee has put out a fix to detect and clean this virus. It is required > that both the latest dat files 4029 and a special dat file called > extra.dat be installed on the workstation. The 4029 dat files should have > been updated automatically during the last week, but if not, a manual > update within the McAfee software can be performed. Then the extra dat > files are enclosed in this E-mail and need to be installed. There are two > versions, one for Windows NT and Windows 9x (Windows 3.11 is not > affected). You just need to double click on the appropriate one, and > respond to the option to open it. It is a self extracting ZIP file. > > The most important thing that you can do is educate your users is if they > do see an E-mail with the attachment that meets the criteria about, not to > open the attachment, but to delete it immediately. > > > > > JJ Weidner > Computer Specialist > Directorate of Information Management > Fort Leavenworth, Kansas >

    06/11/1999 04:33:01