Pave Low Posted January 27, 2004 Share Posted January 27, 2004 As many of you know there is a new Virus out that is currently infecting machines all over the place and is on course to be the "largest virus outbreak in months". It is known as one of the following aliases:MydoomMimail.R,Novarg.A,Shimg, W32.Novarg.A@mm,W32/Mydoom@MMMy mother received an infected e-mail just a few hours ago but fortunately Norton Anti-Virus stopped it dead. So to those of you with decent AV software, I recommend you update your signature files asap before downloading any e-mail. Full Virus Details can be found here > Symantec or here > Sophos A less technical article can be found at the BBC News page or at CNN news page Quote Link to comment Share on other sites More sharing options...
Avey Posted January 27, 2004 Share Posted January 27, 2004 The new virus, which has the aliases of MyDoom or Novarg, arrives as an attachment with an .exe, .scr, .zip or .pif extension and can have a subject line of "test" or "status." Another recent virus purports to be from Microsoft and instructs people to click on the attachment to install a security upgrade. Microsoft do not send out such e:mails and the 'upgrade' contains a virus. Quote Link to comment Share on other sites More sharing options...
Rocky Posted January 27, 2004 Share Posted January 27, 2004 I have had sooo many of those emails, this is big. Quote Link to comment Share on other sites More sharing options...
Crimson Posted January 27, 2004 Share Posted January 27, 2004 (edited) Anyone know how it affects the computer? Edited January 27, 2004 by Crimson Quote Link to comment Share on other sites More sharing options...
Dannik Posted January 27, 2004 Share Posted January 27, 2004 In brief, this worm scans your local files for email addresses, harvests them, attempts to send itself to those email addresses, and also leaves a "back door" on your system. It's most obvious "function" is providing a DDoS attack on SCO's webserver. Quote Link to comment Share on other sites More sharing options...
Rocky Posted January 27, 2004 Share Posted January 27, 2004 I couldn't figure out a quick check to see if your machine is infected. I am getting so many through the mail, and so many bounced to be that I am wondering. AVG came up clean, is there a certain file we can search for in a certain folder to know if we have it? Quote Link to comment Share on other sites More sharing options...
Rocky Posted January 27, 2004 Share Posted January 27, 2004 %System%\Shimgapi.dll: I think that means if you have that file in your windows/system folder, you are screwed. Quote Link to comment Share on other sites More sharing options...
ZJJ Posted January 27, 2004 Share Posted January 27, 2004 There is... below is the message I got at work... Mydoom is a highly pervasive new computer worm (a program that makes copies of itself by using e-mail or any number of other methods) that is attacking computers worldwide. This worm arrives at your pc in one of two ways: 1) P2P file sharing. The worm can spread to your PC if you access Internet file sharing networks, like Kazaa, or many web chat programs that use ICQ. 2) Via email attachment. The subject line/name/extension all vary. It "spoofs" the from name, so it may arrive in an email from someone you know. (This also means that someone else may also get the virus with your name in the "from" line, but that doesn't mean the virus was sent by you. It simply means your address was in someone's address book who had the virus and it used those addresses when it replicated). What you can do for your home PC: The best thing you can do is to update your anti-virus program and do not open email attachments, even if the sender name is familiar to you. One way to look for the worm is to go to Start, Search, and look for the file shimgapi.dll on your local C drive. If you find the file, you have the worm. Quote Link to comment Share on other sites More sharing options...
firefly2442 Posted January 28, 2004 Share Posted January 28, 2004 Symantec has a free tool and removal steps if you have it.... Quote Link to comment Share on other sites More sharing options...
Stalker Posted January 28, 2004 Share Posted January 28, 2004 that worm sucks like sobig f in summer 2003... every day up to 150 infected mails YOU DAMN VIRUS PROGRAMMER Quote Link to comment Share on other sites More sharing options...
firefly2442 Posted January 28, 2004 Share Posted January 28, 2004 It's SCOs fault.... j/k Quote Link to comment Share on other sites More sharing options...
NYR_32 Posted January 29, 2004 Share Posted January 29, 2004 I've had 2 E-Mails that were infected sent my way....Norton stopped it dead with the newest virus reference files. Quote Link to comment Share on other sites More sharing options...
Dannik Posted January 29, 2004 Share Posted January 29, 2004 There's a new variant, apparently from the same author, except this one targets Microsoft.com. Quote Link to comment Share on other sites More sharing options...
Parabellum Posted January 29, 2004 Share Posted January 29, 2004 My web host installed new AV software this week which scans e-mails, so I'm safe. Quote Link to comment Share on other sites More sharing options...
deadly_sniper22 Posted January 29, 2004 Share Posted January 29, 2004 I've had 2 E-Mails that were infected sent my way....Norton stopped it dead with the newest virus reference files. Thankfully i have Norton!! Quote Link to comment Share on other sites More sharing options...
Sart Posted January 29, 2004 Share Posted January 29, 2004 Bah, just got one of them flippin emails. Why must people invent this crap. Quote Link to comment Share on other sites More sharing options...
Rocky Posted January 29, 2004 Share Posted January 29, 2004 Bah, just got one of them flippin emails. Why must people invent this crap. One? Geez, I get 50 a day. And it's not so much the people that invent them that really bug me, it's the fools who open them that are the problem. Quote Link to comment Share on other sites More sharing options...
Sart Posted January 29, 2004 Share Posted January 29, 2004 Yeah yeah, "Mr. Popularity" rub it in. Just for that, I'm going to forward it to you. Quote Link to comment Share on other sites More sharing options...
Dark Ranger Posted January 29, 2004 Share Posted January 29, 2004 Sart, can you forward it to me? I haven't received one of 'em at my personal account. I wanna test my high-tech Anti-Virus thingymabob. Feel the wub. @ Rocky I completely agree with you. You don't know how frusturating it is to tell someone not to open emails/attachments from senders they don't recognize, only to receive a call from them 10 minutes later wondering why their Anti-Virus software popped up, informing them they had a virus attached to the email they just opened! Quote Link to comment Share on other sites More sharing options...
Sart Posted January 29, 2004 Share Posted January 29, 2004 Sart, can you forward it to me? I can't, I was joking about the whole forward thing, I deleted the frick'n thing soon as I got it. I love the fact that the email was from me, nice touch, I haven't sent any email in over a week. Quote Link to comment Share on other sites More sharing options...
Stalker Posted January 30, 2004 Share Posted January 30, 2004 in summer i got an infected mail from bajabravo Quote Link to comment Share on other sites More sharing options...
SnowFella Posted February 2, 2004 Share Posted February 2, 2004 probably not the real Bajabravo mate. When Sobig-F was at its worst I got mails from what seemed to be from a number of different GR.net members, including one from Baja and Rocky himself. They were all from hotmail accounts though. I know this virus faked an addy but what I can't understand was how it could fake an addy so it showed up like it was from someone I knew from the forum. Quote Link to comment Share on other sites More sharing options...
Rocky Posted February 2, 2004 Share Posted February 2, 2004 Indeed, you cannot go by the sender field. I got one from news@3dretreat this morning for example. Quote Link to comment Share on other sites More sharing options...
Specter Posted February 2, 2004 Share Posted February 2, 2004 Most of these virus writing A-Holes don't want to get caught, so they piggyback an email address that they stole from a previous virus they sent out when they were stealing address books earlier in the year last year. We all remember that. IP addys and email addys aren't proof of anything anymore without sophisticated software, a hell of a computer, and the knowledge to put them both to good use. Quote Link to comment Share on other sites More sharing options...
Guest SI-Prozac Posted February 2, 2004 Share Posted February 2, 2004 hackers suck like that one 15 old kid got caught ... what happened to him? he better of gotten life behind bars. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.