IF the user urn the attachment a worm runs using the windows scripting host
program. This is not normally prsent on Win95, NT unless IE 5.0 or greater
has been installed.
This is a VERY nasty one becuase it will try to donwloadn and install an
excutable file called WIN-BUGSFIX.exe from the internet. This is a password
stealing programs that will email any chached passwords to
IF you suspect you've been hit here is a quick way to find out.
The worm copies itself in the following places:
also the following reg keys
If anyone is running MCAFEE Anti Virus I have the extra.dat file and can
e-mail it upon request..
Wahchang an Allegeney Technologies Company
WahChang an Allegeny Technologies Company
Phone: (541) 926-4211 x6321
Fax: (509) 275-2608
For more information about this list (including removal) go to: