Yet Another Bulletin Board

Welcome, Guest. Please Login or Register.
May 19th, 2024, 3:17pm

Home Home Help Help Search Search Members Members Member Map Member Map Login Login Register Register
Clusterheadaches.com Message Board « W32/Zafi.d@MM »


   Clusterheadaches.com Message Board
   New Message Board Archives
   2004 Posts (Moderator: DJ)
   W32/Zafi.d@MM		 « Previous topic | Next topic »
Pages: 1  Reply Reply Notify of replies Notify of replies Send Topic Send Topic Print Print
   Author  Topic: W32/Zafi.d@MM  (Read 249 times)
The  mad viking
CH.com Alumnus
New Board Hall of Famer
Norway 
*****




Always Look on The Bright Side of Life

  svennthorn2003@yahoo.no  
WWW Email

Gender: male
 Posts: 3135
W32/Zafi.d@MM
« on: Dec 15th, 2004, 3:19pm »		 Quote Quote Modify Modify
Offering a fake holiday greeting, W32/Zafi.d@MM is a Medium Risk mass-mailing worm that arrives as an email attachment. When run, the worm displays a fake error message (Error in packed file!), infects the host computer and emails itself to stolen email addresses using the infected computer's Internet connection.  
 
Like previous variants, the worm sends itself in different languages depending on the recipient's address. For example, a .COM mail address receives an English message, a .DE mail address receives German.  
 
Note: To fortify your anti-virus defense against threats like W32/Zafi.d@MM that need Internet access to spread, we recommend installing McAfee Personal Firewall Plus.  
 
What should I look for?
 
 
FROM: Varies (forged addresses taken from infected system)  
SUBJECT: Example: Fw: Merry Christmas!  
BODY: Example: Happy Hollydays!  
ATTACHMENT: Example: postcard.php8583.zip  
 
 
How do I know if I've been infected?  
 
Fake error message displayed. Alerts from a desktop firewall (if installed) that a new application is asking for Internet access. TCP port 8181 open on the infected system.  
 
 
How do I find out more?
 
View details about W32/Zafi.d@MM here.
 
Svenn
IP Logged
Always Look on The Bright Side of Life
brain_cramps
New Board Hall of Famer
Canada 
*****





   
Email

Gender: male
 Posts: 2103
Re: W32/Zafi.d@MM
« Reply #1 on: Dec 15th, 2004, 3:44pm »		 Quote Quote Modify Modify
on Dec 15th, 2004, 3:19pm, Svenn wrote:
How do I find out more?
 
View details about W32/Zafi.d@MM here.

 
 
Where?
 
 
Here?     http://securityresponse.symantec.com/avcenter/venc/data/w32.erkez.d@mm.h tml
 
grant    Wink
IP Logged
firebrix
New Board Hall of Famer
New_Zealand 
*****



I must never weaken.

   


Gender: female
 Posts: 683
Re: W32/Zafi.d@MM
« Reply #2 on: Dec 15th, 2004, 4:47pm »		 Quote Quote Modify Modify
Thank you Svenn!
Keeping us safe again!
Last Xmas our friend got a brand new computer. Within one hour of using it, it had been so badly infected it wouldn't boot.  This time of year is often fraught with dangers and maybe the AV people don't have time to update as regularly as usual?
Be careful out there.
firebrix
IP Logged
"All that it takes for the triumph of evil is for good men to do nothing."
Edmund Burke
Pages: 1  Reply Reply Notify of replies Notify of replies Send Topic Send Topic Print Print

« Previous topic | Next topic »


Clusterheadaches.com Message Board » Powered by YaBB 1 Gold - SP 1.3.1!
YaBB © 2000-2003. All Rights Reserved.

©1998-2010 Web Vision Enterprises All rights reserved. All information on this site is protected by international copyright laws. You may not re-distribute any information from this site without written permission from Web Vision Enterprises and the webmaster of this site. Violators will be prosecuted.
You may view our privacy policy and financial disclosure statement here

test rss