W32/Zafi.b@MM is a
Medium Risk mass-mailing worm that spreads via email and peer-to-peer applications.
When spreading via email, the worm will both spoof the sender's From address and send itself out in different languages depending on the top level domain of the recipient's email address. For example, if the address ends in .COM, the virus's email body will appear in English. If the address ends in .DE, the email will appear in German.
The worm also attempts to cripple anti-virus and firewall software installed on a user's system by locating and overwriting a user's security software with copies of itself. Furthermore, the worm will attempt to thwart manual detection by terminating key Windows processes.
Up-to-date McAfee VirusScan users with DAT 4366 are protected from this threat.
Learn More about W32/Zafi.b@MMScan for W32/Zafi.b@MM WHAT TO LOOK FOR: |
| FROM: Varies (forged addresses taken from infected system). SUBJECT: Varies. Examples: - You've got 1 VoiceMessage!
- Don't worry, be happy!
- Check this out kid!!!
BODY: Varies. - Hi Honey! I'm in hurry, but i still love ya... (as you can see on the picture) Bye - Bye:
- Send me back bro, when you'll be done...(if you know what i mean...) See ya,
ATTACHMENT: Varies. The worm will be attached with a .pif file extension. |
Simple solution....Never, never open an email from somebody you don't know.
Also, I get emails from "Microsoft" all the time telling me to use their patch. Never, never open this either. Microsoft will never send anybody an email as such.
Be careful.
Katie