[PBARC] Virus Alert Please make sure you read this message

WOLF, EARNEST G [email protected]
Tue, 27 Jan 2004 14:43:35 -0600



Just received this from my Corps of Engineers son.
Looks pretty important to me.
Notice in "virus # 2" the comment about the preview pane.
Stewart

Subject: FW: Virus Alert Please make sure you read this message
Importance: High

 
Subject:        Virus Alert Please make sure you read this message 
Importance:     High 

PLEASE READ THE ENTIRE EMAIL. IT INCLUDES THREE VIRUS ALERTS.
This is the third Virus alert in five days. Please remember when checking
your email that those that have attachments could be a virus even if you
know the sender. If you are not expecting an email from someone you know and
it has an attachment, call them to make sure.
Virus #1 
A new, fast spreading, mass mailing worm has been detected in the wild. No
Army systems have been compromised. This worm is known by the following
names:
Symantec:  W32.Novarg.A@mm
McAfee:  W32/Mydoom@mm
Trend:  WORM_MIMAIL.R 
Due to a very high number of infections in the commercial world, the
anti-virus vendors have determined this to be a significant threat and have
rated it a level 4 out of a possible 5.
New anti-virus definitions have been released by the vendors and are
available from the ACERT at this time. 
The worm arrives via SMTP email with a random subject line and message body
of: 
"The message cannot be represented in 7-bit ASCII encoding and has been sent
as a binary attachment". 
The attachment will have a file extension of .exe, .pif, .scr, or .zip.

Virus #2 
A new mass-mailing virus called MyDoom flooding users' e-mail boxes is the
subject of serious concern among solution providers. 
All that the virus needs to propagate is a user that has an open Microsoft
Windows preview pane in Outlook. The worm appears to be taking advantage of
one of the more recent trends in the malicious code world, randomized e-mail
viruses that include a ZIP attachment to bypass traditional gateway filters,
said Ken Dunham, director of malicious code at Velocitus, Boise, Idaho. 
"This [virus] is taking off like a rocket, with well over 20,000
interceptions in just two hours of it being discovered," he said.
If this Outlook pane is open, the virus automatically scours the user's
contacts and files. Based on the information gathered, it rapidly sends
infected e-mails out to other users, said one solution provider. 
"We have gotten several calls from customers so far about the [virus]," said
Vartan Ouzounian, chief operating officer of Secure Content Solutions, Santa
Ana, Calif. "It's pretty nasty and spreads fast." 
The subject line of the infected e-mail is not consistent and may say
'message undeliverable', 'hi', or 'test', among other subject lines. The
same holds for the attachment name which varies from readme.zip,
message.zip, and DELETDO.TXT, also among others. An adjoining message above
the attachment typically says 'the message contains Unicode characters and
has been sent as a binary attachment' or 'mail attachment failed. Partial
message is available.'
 
Virus #3 
This should not be confused with Dumaru, a medium risk mass mailed virus
identified today by Network Associates. 
W32.Dumaru.Z@mm is a multi-threaded, mass-mailing worm that downloads and
runs a file, runs a keylogger, and attempts to steal personal information.
This worm is similar to the W32.Dumaru.Y@mm
<http://securityresponse.symantec.com/avcenter/venc/data/[email protected]l> worm.

The email has the following characteristics:

From: "Elene" <F**[email protected]> (censored)
Subject: Important information for you. Read it immediately !
Attachment: Myphoto.zip

The attachment is a zip file that contains the worm executable as
"myphoto.jpg <spaces> .exe". (There are numerous spaces between ".jpg" and
".exe".)

If in doubt, don't open it. If it is important they will resend it. Most of
the virus infections require a rebuild of your system.
Thank You,
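
The attachment traits listed in the alert (attachments ending in .exe, .pif or .scr, and a zip whose member hides an executable behind a space-padded ".jpg   .exe" name) can be checked mechanically at a mail gateway. The Python below is an added example, not part of the original message; the function names and the sample message are constructed for illustration, and the sample carries harmless bytes only.

```python
import io
import re
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

RISKY_EXT = {".exe", ".pif", ".scr"}          # extensions named in the alert
# A document-like extension, padding whitespace, then an executable extension.
PADDED_DOUBLE_EXT = re.compile(r"\.\w{2,4}\s{2,}\.(exe|pif|scr)$", re.I)

def name_findings(name):
    """Return the reasons a single file name looks suspicious."""
    findings = []
    lowered = name.lower().rstrip()
    if any(lowered.endswith(ext) for ext in RISKY_EXT):
        findings.append("executable extension")
    if PADDED_DOUBLE_EXT.search(lowered):
        findings.append("space-padded double extension")
    return findings

def scan_message(raw_bytes):
    """Map each attachment (and each zip member) to its findings."""
    msg = message_from_bytes(raw_bytes, policy=policy.default)
    report = {}
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        report[name] = name_findings(name)
        payload = part.get_payload(decode=True) or b""
        if name.lower().endswith(".zip") and zipfile.is_zipfile(io.BytesIO(payload)):
            with zipfile.ZipFile(io.BytesIO(payload)) as zf:
                for member in zf.namelist():   # names only; nothing is extracted
                    report[f"{name}!{member}"] = name_findings(member)
    return report

def build_sample():
    """Constructed sample: harmless bytes under the file names the alert describes."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("myphoto.jpg" + " " * 40 + ".exe", b"not a real executable")
    msg = EmailMessage()
    msg["Subject"] = "Important information for you. Read it immediately !"
    msg.set_content("constructed test message")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="zip", filename="Myphoto.zip")
    return msg.as_bytes()

if __name__ == "__main__":
    for item, reasons in scan_message(build_sample()).items():
        print(item, "->", reasons or "no findings")
```

The outer name Myphoto.zip produces no findings by itself, which is why the zip's member names have to be inspected as well.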