Pave Low 14 Posted January 27, 2004 As many of you know there is a new Virus out that is currently infecting machines all over the place and is on course to be the "largest virus outbreak in months". It is known as one of the following aliases:MydoomMimail.R,Novarg.A,Shimg, W32.Novarg.A@mm,W32/Mydoom@MMMy mother received an infected e-mail just a few hours ago but fortunately Norton Anti-Virus stopped it dead. So to those of you with decent AV software, I recommend you update your signature files asap before downloading any e-mail. Full Virus Details can be found here > Symantec or here > Sophos A less technical article can be found at the BBC News page or at CNN news page Share this post Link to post Share on other sites
Avey 0 Posted January 27, 2004 The new virus, which has the aliases of MyDoom or Novarg, arrives as an attachment with an .exe, .scr, .zip or .pif extension and can have a subject line of "test" or "status." Another recent virus purports to be from Microsoft and instructs people to click on the attachment to install a security upgrade. Microsoft do not send out such e:mails and the 'upgrade' contains a virus. Share this post Link to post Share on other sites
Rocky 1,079 Posted January 27, 2004 I have had sooo many of those emails, this is big. Share this post Link to post Share on other sites
Crimson 0 Posted January 27, 2004 (edited) Anyone know how it affects the computer? Edited January 27, 2004 by Crimson Share this post Link to post Share on other sites
Dannik 30 Posted January 27, 2004 In brief, this worm scans your local files for email addresses, harvests them, attempts to send itself to those email addresses, and also leaves a "back door" on your system. It's most obvious "function" is providing a DDoS attack on SCO's webserver. Share this post Link to post Share on other sites
Rocky 1,079 Posted January 27, 2004 I couldn't figure out a quick check to see if your machine is infected. I am getting so many through the mail, and so many bounced to be that I am wondering. AVG came up clean, is there a certain file we can search for in a certain folder to know if we have it? Share this post Link to post Share on other sites
Rocky 1,079 Posted January 27, 2004 %System%\Shimgapi.dll: I think that means if you have that file in your windows/system folder, you are screwed. Share this post Link to post Share on other sites
ZJJ 13 Posted January 27, 2004 There is... below is the message I got at work... Mydoom is a highly pervasive new computer worm (a program that makes copies of itself by using e-mail or any number of other methods) that is attacking computers worldwide. This worm arrives at your pc in one of two ways: 1) P2P file sharing. The worm can spread to your PC if you access Internet file sharing networks, like Kazaa, or many web chat programs that use ICQ. 2) Via email attachment. The subject line/name/extension all vary. It "spoofs" the from name, so it may arrive in an email from someone you know. (This also means that someone else may also get the virus with your name in the "from" line, but that doesn't mean the virus was sent by you. It simply means your address was in someone's address book who had the virus and it used those addresses when it replicated). What you can do for your home PC: The best thing you can do is to update your anti-virus program and do not open email attachments, even if the sender name is familiar to you. One way to look for the worm is to go to Start, Search, and look for the file shimgapi.dll on your local C drive. If you find the file, you have the worm. Share this post Link to post Share on other sites
firefly2442 0 Posted January 28, 2004 Symantec has a free tool and removal steps if you have it.... Share this post Link to post Share on other sites
Stalker 0 Posted January 28, 2004 that worm sucks like sobig f in summer 2003... every day up to 150 infected mails YOU DAMN VIRUS PROGRAMMER Share this post Link to post Share on other sites
firefly2442 0 Posted January 28, 2004 It's SCOs fault.... j/k Share this post Link to post Share on other sites
NYR_32 6 Posted January 29, 2004 I've had 2 E-Mails that were infected sent my way....Norton stopped it dead with the newest virus reference files. Share this post Link to post Share on other sites
Dannik 30 Posted January 29, 2004 There's a new variant, apparently from the same author, except this one targets Microsoft.com. Share this post Link to post Share on other sites
Parabellum 11 Posted January 29, 2004 My web host installed new AV software this week which scans e-mails, so I'm safe. Share this post Link to post Share on other sites
deadly_sniper22 0 Posted January 29, 2004 I've had 2 E-Mails that were infected sent my way....Norton stopped it dead with the newest virus reference files. Thankfully i have Norton!! Share this post Link to post Share on other sites
Sart 34 Posted January 29, 2004 Bah, just got one of them flippin emails. Why must people invent this crap. Share this post Link to post Share on other sites
Rocky 1,079 Posted January 29, 2004 Bah, just got one of them flippin emails. Why must people invent this crap. One? Geez, I get 50 a day. And it's not so much the people that invent them that really bug me, it's the fools who open them that are the problem. Share this post Link to post Share on other sites
Sart 34 Posted January 29, 2004 Yeah yeah, "Mr. Popularity" rub it in. Just for that, I'm going to forward it to you. Share this post Link to post Share on other sites
Dark Ranger 0 Posted January 29, 2004 Sart, can you forward it to me? I haven't received one of 'em at my personal account. I wanna test my high-tech Anti-Virus thingymabob. Feel the wub. @ Rocky I completely agree with you. You don't know how frusturating it is to tell someone not to open emails/attachments from senders they don't recognize, only to receive a call from them 10 minutes later wondering why their Anti-Virus software popped up, informing them they had a virus attached to the email they just opened! Share this post Link to post Share on other sites
Sart 34 Posted January 29, 2004 Sart, can you forward it to me? I can't, I was joking about the whole forward thing, I deleted the frick'n thing soon as I got it. I love the fact that the email was from me, nice touch, I haven't sent any email in over a week. Share this post Link to post Share on other sites
Stalker 0 Posted January 30, 2004 in summer i got an infected mail from bajabravo Share this post Link to post Share on other sites
SnowFella 8 Posted February 2, 2004 probably not the real Bajabravo mate. When Sobig-F was at its worst I got mails from what seemed to be from a number of different GR.net members, including one from Baja and Rocky himself. They were all from hotmail accounts though. I know this virus faked an addy but what I can't understand was how it could fake an addy so it showed up like it was from someone I knew from the forum. Share this post Link to post Share on other sites
Rocky 1,079 Posted February 2, 2004 Indeed, you cannot go by the sender field. I got one from news@3dretreat this morning for example. Share this post Link to post Share on other sites
Specter 0 Posted February 2, 2004 Most of these virus writing A-Holes don't want to get caught, so they piggyback an email address that they stole from a previous virus they sent out when they were stealing address books earlier in the year last year. We all remember that. IP addys and email addys aren't proof of anything anymore without sophisticated software, a hell of a computer, and the knowledge to put them both to good use. Share this post Link to post Share on other sites
Guest SI-Prozac Posted February 2, 2004 hackers suck like that one 15 old kid got caught ... what happened to him? he better of gotten life behind bars. Share this post Link to post Share on other sites
