For everybody's sake, lets all do this

[Guest guest]

Please read the following and help your fellow members by doing a

virus scan today.

http://housecall.trendmicro.com/housecall/start_corp.asp

For a free, no nonsense Anti Virus system:

http://www.grisoft.com/us/us_index.php

There is a new Virus out there that could be as big as Klez and

SirCam very soon.

What is it and how do you protect yourself against it?

W32.Novarg.A@mm also known as Doom, is the name of the virus, and

much in the same way that other recent viruses " spoofed " email

addresses - this virus does the same thing.

The Novarg Virus " spoofs " the From address in the infected email.

Which means that the email from your friend containing a virus does

not actually come from the person it appears to come from ....

This means that a Norvag infected email more than likely does not

come from from the person it appears to come from. Only a check of

the source headers can verify the true sender.

Many antivirus products designed to send automatic alerts are

confused by this simple trick and thus perfectly innocent persons are

identified as the " senders " and are sent erroneous bounce messages

while the true sender remains oblivious to the fact that the Klez

virus is sending itself from their infected machines.

When a computer becomes infected by Norvag, the virus immediately

searches the infected computer for for email addresses that it can

use to begin sending itself out.

It starts by checking files which are most likely to have email

addresses in them on your pc.

Address books, spreadsheets, databases, text files etc.

Then it takes one of those addresses and uses it as the " from "

address in an email and it takes the next address and uses that as

the " to " address in an email - it then uses its own on board SMTP

engine to send itself to those addresses.

So

Amar - could have Akbar and 's email address on his computer.

His system gets infected, and the virus immediately finds Akbar and

's email addresses.

The virus then sends Akbar an infected email which looks as though it

is coming from .

Akbar complains to - does not know anything about it,

scans

his computer and is not infected

(as long as he has up to date anti-virus software running)

The virus keeps on spreading and as long as Amar's system is

infected - everytime it connects to the internet new emails will be

sent out.

How can you avoid it?

The emails that have been seen so far have the following

characteristics.

Subject:

(one of the following)

test

hi

hello

Mail Delivery System

Mail Transaction Failed

Server Report

Status

Error

Message:

(one of the following)

Mail transaction failed. Partial message is available.

The message contains Unicode characters and has been sent as a binary

attachment.

The message cannot be represented in 7-bit ASCII encoding and has

been sent as a binary attachment.

Attachment:

(one of the following)

document

readme

doc

text

file

data

test

message

body

The easiest way to protect yourself is to make sure that you have got

a GOOD anti-virus installed and up to date at all times. This will

not stop the emails coming to your mailbox, but it will prevent you

from unknowingly sending the virus to anyone else in your address

book.

To prevent the emails themselves - you will need to use your email

programs filtering tools.

http://www.techtv.com/callforhelp/answerstips/story/0,24330,2450945,00

..html

is probably the most effective way I have seen to handle most email

applications.

Block the messages based on the Message characteristics of the

infected emails (see above)

Also Disable the following option in Outlook/outlook express ...

Click the Tools menu, and then click Options.

On the Send tab, de-select the option Automatically put people I

reply to in my Address Book

this will prevent your address book storing names and will cut down

on the number of infected people you send the email to if you do ever

get infected.

Also make sure you visit your address book and remove any names from

there

that you do not need.

I hope this helps Explain the virus a little better and also explain

how to prevent infection and stop the emails coming into your

mailbox.

Kishore Shah