My Norton Internet Security has just intercepted a copy. It appeared to be from thestreet.co.uk and had information about a newsletter. The link it contained went to what appeared to be a normal commercial (finance) site. Chris. -----Original Message----- From: owner-photoforum@listserver.isc.rit.edu [mailto:owner-photoforum@listserver.isc.rit.edu]On Behalf Of Doug Seibert Sent: 02 October 2002 20:24 To: List for Photo/Imaging Educators - Professionals - Students Subject: New Virus Alert Thought I'd pass along this warning from the "office": > >" We've been informed by our antivirus vendor of a > new high level virus > > called "BugBear.A". This worm terminates antivirus > processes and > > propagates by sending itself via email using its > own SMTP (Simple Mail > > Transfer Protocol) engine. The email that it sends > out contains no message > > body and uses any of the following as its subject: > > > 7 $150 FREE Bonus! > > 7 25 merchants and rising > > 7 Announcement > > 7 bad news > > 7 CALL FOR INFORMATION! > > 7 click on this! > > 7 Confirmation of Recipes... > > 7 Correction of errors > > 7 Daily Email Reminder > > 7 empty account > > 7 fantastic > > 7 free shipping! > > 7 Get 8 FREE issues - no risk! > > 7 Get a FREE gift! > > 7 Greets! > > 7 hello! > > 7 history screen > > 7 hmm.. > > 7 I need help about script!!! > > 7 Interesting... > > 7 Introduction > > 7 its easy > > 7 Just a reminder > > 7 Lost & Found > > 7 Market Update Report > > 7 Membership Confirmation > > 7 My eBay ads > > 7 New bonus in your cash account > > 7 New Contests > > 7 new reading > > 7 Payment notices > > 7 Please Help... > > 7 Report > > 7 SCAM alert!!! > > 7 Sponsors needed > > 7 Stats > > 7 Today Only > > 7 Tools For Your Online Business > > 7 update > > 7 various > > 7 Warning! > > 7 Your Gift > > 7 Your News Alert > > The email attachment may be one of these: > > 7 Setup.exe > > 7 3 July 2002.doc.pif > > It spoofs the FROM field of the email that it > sends out while the TO field > > contains addresses found in the Windows Address > Book (WAB). > > This worm opens port 36794 on the target system, > allowing a remote user to > > connect thereby compromising network security. It > also uses API > > (Application Program Interface) functions, ...................." Doug __________________________________________________ Do you Yahoo!? New DSL Internet Access from SBC & Yahoo! http://sbc.yahoo.com
