Note: To protect the privacy of our members, e-mail addresses have been removed from the archived messages. As a result, some links may be broken.
Sorry about this.
>>Passing this on:
>>>Date: Fri, 14 Mar 97 18:15:09 +0000
>>>Subject: McAfee Virus Report
>>> The previously posted messages related to a macro virus
>>>infecting some e-mail messages refer to a verified virus known
>>>as the ShareFun.A Virus. Details are posted on the McAfee
>>>website at http://www.mcafee.com/
>>> For those not familiar with the McAfee company, they are
>>>one of the biggest producers of virus protection software. When
>>>they report something, it's legit.....
>>> Details follow:
>>> This macro virus spreads by infecting Word documents in
>>>Microsoft Word versions 6.x and 7.x on Windows and Macintosh
>>>platforms. The virus consists of these macro names: AutoExec,
>>>autoOpen, FileClose, FileExit, FileOpen, FileSave, FileTemplates,
>>>ShareTheFun, ToolsMacro, in infected documents. The virus
>>>becomes active by using the Auto and System macros shown above.
>>> Indications of Infection - There is a one in four chance,
>>>after the virus has infected, of doing the following activity:
>>>First, the macro virus will save a copy of itself. Then it will
>>>check to see if you are running Microsoft Mail. If so, the
>>>virus will find 3 random people in y our mail list and send a
>>>copy of the infected document with the following subject:
>>>"You have GOT to read this!" If MSWord is launched to read
>>>this attached file, the receiver will become infected and above
>>>process will begin again. WARNING: If you receive a message
>>>with the following subject or banner: "You have GOT to read
>>>this!" do not execute its attachment. Delete the entire message.
>>>Do not attempt to look at the macros. Both the Tools/Macro
>>>and File/Templates will activate the virus. The macro File/Save
>>>is copied to the Global Template file NORMAL.DOT. Once this has
>>>occurred, any new document opened will be infected.
>>> Method of Infection - Macro viruses spread by having one or
>>>more macros in a document. Opening or closing the document or
>>>any activity which invokes the viral macros, activates the virus.
>>>When the macro is activated, it copies itself and any other macros
>>>it needs, sometimes to the global macro file NORMAL.DOT. If they
>>>are stored in NORMAL.DOT they are available in all open documents.
>>>At this point, the macro viruses try to spread themselves to other
>>>documents. Macro viruses spread easily through e-mail packages.
>>>The ability of these packages to send and quickly launch documents
>>>can infect hundreds of users at a time. Documents are much more
>>>mobile than executable files, passing from machine to machine as
>>>different people write, edit, or access them. Macro viruses can
>>>therefore spread very quickly through business offices and
>>> THAT'S ABOUT IT, GUYS..... So, if you are using any of those
>>>software programs mentioned at the start of this message, practice
>>>safe computing..... Those who send from their office computers or
>>>college systems where these target programs may be in use, should
>>>be extremely careful.
>>> For new folks on cyberspace - read the above and practice what
>>>they recommend.... I have always made it a practice to delete any
>>>e-mail with "attachments" requiring me to execute a program to read
>>> This is a very clever virus in that when it sends the infected
>>>message "You have GOT to read this!" the From: caption will be from
>>>you and the To: caption will be to a name selected from your own
>>>address book, meaning the message appears to be to a regular mail
>>>correspondent of your and therefore will probably be trusted!....
We are all teachers...teach only love. :)