Due to a decreased rate of submissions, as of May 5, 2003, Symantec Security Response has downgraded the level of this threat from Category 3 to Category 2.
- Is a virus that has email worm capabilities and is network-aware.
- Infects Windows Portable Executable (PE) files, with the exception of the .dll system files.
W32.Magistr.24876@mm sends email messages to addresses it gathers from the Outlook/Outlook Express mail folders (.dbx, .mbx), the sent items file from Netscape, and Windows address books (.wab), which mail clients, such as Microsoft Outlook and Microsoft Outlook Express, use. The email message may have up to two attachments, and it has a randomly generated subject line and message body.
In many cases, this virus will "touch" files and send them as email attachments. Such files do not contain viral code and are considered clean. In such cases, it is safe to delete the file, and it would be prudent to inform the sender that the virus infected his or her system.
What are Portable Executable (PE) files?
Portable Executable (PE) files are files that are portable across all the Microsoft 32-bit operating systems. The same PE format executable can be executed on any version of Windows 95, 98, Me, NT, and 2000. Therefore, all the PE files are executable, but not all the executable files are portable.
A good example of a PE file is a screen saver (.scr) file.
Click for a more detailed description of Rapid Release and Daily Certified virus definitions.