-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I just received this update from Sophos. Perhaps this is the virus that is spreading? === Tim ********************************************** Tim Winders, MCSE, CNE, CCNA Associate Dean of Information Technology South Plains College Levelland, TX 79336 Phone: 806-894-9611 x 2369 FAX: 806-894-1549 Email: TWinders@SPC.cc.tx.us ********************************************** Date: Tue, 18 Sep 2001 16:45:07 +0100 (BST) From: Sophos Alert System <listmaster@sophos.com> Reply-To: sophos-list-bounce@sophos.com To: Undisclosed recipients: ; Subject: Sophos Anti-Virus IDE alert: W32/Nimda-A Name: W32/Nimda-A Type: W32 executable file virus Date: 18 September 2001 A virus identity file (IDE) which provides protection is available now from our website and will be incorporated into the November 2001 (3.51) release of Sophos Anti-Virus. Sophos has received many reports of this virus from the wild. Description: W32/Nimda-A is an email-aware virus that spreads using an attached filename of README.EXE. Sophos researchers are continuing to examine the virus and will be posting a more detailed description of the virus on the Sophos website once the analysis is complete. Download the IDE file from http://www.sophos.com/downloads/ide/nimda-a.ide Read the analysis at http://www.sophos.com/virusinfo/analyses/w32nimdaa.html Download a ZIP file containing all the IDE files available for the current version of Sophos Anti-Virus from http://www.sophos.com/downloads/ide/ides.zip Read about how to use IDE files at http://www.sophos.com/downloads/ide/using.html To unsubscribe from this service please visit http://www.sophos.com/virusinfo/notifications On Tue, 18 Sep 2001, Mark Radabaugh - Amplex wrote:
Follow up...
The web page on infected servers includes a script to send and open the file 'readme.exe' on windows machines. I do not know the details of when the executable does yet.
Mark
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (OSF1) Comment: Made with pgp4pine 1.76 iEYEARECAAYFAjundQUACgkQTPuHnIooYby+TwCfQcCXMSbLg1K/kmVXC9tS8DRR e/AAn3wEKbB8Us2u2B39YBT5couH5EcE =VXKa -----END PGP SIGNATURE-----