Three Virus to look out for WM97/Metys-L is a member of the WM97/Metys family. On 18Desciption:
December the virus displays a message box saying "Happy Birthday Jess"!
To celebrate, we're going to see how lucky you are ", followed by the user's username and
"Click the OK button below to roll a number. If your number matches that of the dealer, you win!".
There is then a random chance that the virus will password protect the user's document with a random numeric password.
W32/Apost-A is an email-aware worm which makes use of the Microsoft Outlook mail client. Description:
The worm arrives in an email with the following characteristics:
Subject line: 'As per your request!'
Message body: 'Please find attached file for your review. I look forward to hear from you again very soon. Thank you.'
Attached file: readme.exeWhen the attached file is executed it will try to copy itself to the floppy drive. It will also copy itself to
C:\windows\readme.exe and add the Registry key HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ macrosoft = C:\windows\readme.exe.
The worm then sends itself to people listed in the Outlook address book.
Finally the worm displays a dialog box with the title 'Urgent!' and a single large button labelled 'open'.
When clicked the worm will attempt to copy itself to the floppy drive again and will display another dialog box, this time with the title 'WinZip SelfExtractor: Warning' and the text 'CRC error: 234#21'.Description:
W32/Magistr-B is a variant of W32/Magistr-A, a polymorphic Description
Windows 32 executable file virus which spreads by infecting files and via email.The virus searches the user's address book, mailboxes and other files present on the computer for email addresses.
The virus specifically targets addresses from Outlook Express, Netscape Navigator and Internet Mail and News. It then sends itself to these email addresses using its own SMTP client.
The email message it sends has a randomly generated subject, body text and attached filename. The
possible attached filename extensions are .COM, .BAT, .PIF and .EXE.