another worm



rainbowdemon
September 19th, 2003, 10:47 AM
Here we go again!!
http://story.news.yahoo.com/news?tmpl=story&cid=1804&ncid=738&e=6&u=/washpost/20030919/tc_washpost/a35735_2003sep19

aqlo
September 19th, 2003, 10:56 AM
Looks like it came directly from Redmond, doesn't it? It exploits some live objects I think, I still haven't got a lot on it. Basically harmless per se but bad for traffic, educational for security.

shawners
September 19th, 2003, 10:59 AM
I have gotten 6 EMAILS that say it's from Microsoft in my Yahoo mailbox, that have the attachment, that say "Patch needed to be installed, or UPDATE now." How can they make it seem that it's from Microsoft?

MoonMan
September 19th, 2003, 11:00 AM
Originally posted by shawners
How can they make it seem that it's from Microsoft?

Easily, ever heard of a remailer?

RJ5500
September 19th, 2003, 11:23 AM
More worms? Why am I not surprised. :mellow

I am glad I run Linux.

True, Linux has its own share of security holes like every other OS available; but at least they are not being widely exploited like M$ Windows are.

Malicious Intent
September 19th, 2003, 12:04 PM
I saw this on BBC earlier, but there are so many reports on new Microsoft worms, I didn't know if it was new or the same old stuff.

As for spoofing your e-mail, I remember when you could do that using Telnet or something like that. I only did it once to myself. I wanted to pull a prank on some friends, but never thought of anything funny enough. Also you could look at properties to see who it was really from.

interpol
September 21st, 2003, 02:44 AM
does anyone know where i can remove it. i am really depressed over it. does riaa bastards probably created it

Wolfie
September 21st, 2003, 02:55 AM
Originally posted by interpol
does anyone know where i can remove it. i am really depressed over it. does riaa bastards probably created it

Go here (http://securityresponse.symantec.com/avcenter/venc/data/[email protected]#removalinstructions)

interpol
September 21st, 2003, 03:24 AM
Originally posted by Wolfie
Go here (http://securityresponse.symantec.com/avcenter/venc/data/[email protected]#removalinstructions)
you have to be on crack to understand that. are there any programs that can remove it or do i have to suffer and read those instructions

interpol
September 21st, 2003, 03:30 AM
i will wait until a patch is made. there was the same problem with ms blaster but they had patches for it after a week. maybe they will show a patch at download.com when they have one. until now. i am staying with the worm

Malicious Intent
September 21st, 2003, 05:09 AM
Perhaps you only had a quick flick through those instructions. I am not technically minded (as many will verify), but I feel that those instructions are very clear step-by-step instructions. It assumes you know nothing. It may look like there is a lot there, but not all of it is relevant. It clearly labels what sections are needed for your Windows version.

As for a patch, there won't be one which does all this work for you. Firstly you need to switch off system restore. Windows is very protective over system restore, so no program can switch it off.

Go through the page again carefully and you should be fine

Good Luck!

interpol
September 21st, 2003, 07:01 AM
Originally posted by Malicious Intent
Perhaps you only had a quick flick through those instructions. I am not technically minded (as many will verify), but I feel that those instructions are very clear step-by-step instructions. It assumes you know nothing. It may look like there is a lot there, but not all of it is relevant. It clearly labels what sections are needed for your Windows version.

As for a patch, there won't be one which does all this work for you. Firstly you need to switch off system restore. Windows is very protective over system restore, so no program can switch it off.

Go through the page again carefully and you should be fine

Good Luck!
it will take me a while but i will put it off for another time. this is my first time having a worm on my pc. i am really stressed over this issue. that sucks that you can't download a program that could do this for me.

rainbowdemon
September 21st, 2003, 07:07 AM
Originally posted by interpol
it will take me a while but i will put it off for another time. this is my first time having a worm on my pc. i am really stressed over this issue. that sucks that you can't download a program that could do this for me.
The news article only states that the worm exists. What makes you think that you have it?

Malicious Intent
September 21st, 2003, 07:18 AM
Originally posted by interpol
it will take me a while but i will put it off for another time. this is my first time having a worm on my pc. i am really stressed over this issue. that sucks that you can't download a program that could do this for me.
I know how you feel, we have all been there. It's just really frustrating that someone somewhere thought that it would be a good idea.
So when I say get on and sort it out before the worm does damage or passes itself on, I say it because I'm supporting you. So get on with it!

DemonusAE
September 21st, 2003, 09:26 AM
Most worms try to propagate themselves using your computer as a host. If you know your computer well, you already know which programs are usually communicating or listening on your ports. Now, assuming you don't already have any programs installed that monitor for things like worms and trojans, this is what I would do...

First, turn off any file-sharing applications. Turn off any mail applications as well. Check your ports to see what traffic is being transmitted. If you have a worm or a trojan you are going to see network activity coming from an executable that usually wouldn't show up. Find the executable on your task manager....end the process. Run a search for the executable on your disk. Delete it. Go into your registry....


\HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run

\HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run

Most of the time you will find a registry key here that points to the executable....it just tells it to run every time you reboot.

Delete it. Don't have to tell you to be careful while working in your registry, always keep a backup before you do anything.

This will usually work with worms that were written by people that didn't put much effort into it. Most worms out there come from cut and paste junkies that don't know much about what they are doing.

Good luck.
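
The checks described in the post above, as a read-only PowerShell triage script. This is an added example, not part of the original post; it assumes a current Windows release (`Get-NetTCPConnection` needs Windows 8 / Server 2012 or later), and the backup folder name is an assumption.

```powershell
# Read-only triage: back up and list the two Run keys named in the post, then
# cross-reference them with processes that own TCP sockets. Nothing is deleted.
$runKeys = @(
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run'
)

# Export each key before any manual edit (the post's "keep a backup" advice).
$backupDir = Join-Path $env:TEMP 'run-key-backup'   # assumed location
New-Item -ItemType Directory -Path $backupDir -Force | Out-Null
foreach ($key in $runKeys) {
    $regPath = $key -replace '^(HK..):\\', '$1\'     # reg.exe wants HKCU\... form
    $file = Join-Path $backupDir (($regPath -replace '\\', '_') + '.reg')
    & reg.exe export $regPath $file /y | Out-Null
}

# Every autostart value, the executable it points to, and its signature status.
$autostart = foreach ($key in $runKeys) {
    $item = Get-Item -Path $key -ErrorAction SilentlyContinue
    if (-not $item) { continue }
    foreach ($name in $item.GetValueNames()) {
        $command = [string]$item.GetValue($name)
        # Pull the program path out of the command line (quoted or bare .exe).
        if ($command -match '^\s*"([^"]+)"') { $exe = $Matches[1] }
        elseif ($command -match '^\s*(.+?\.exe)\b') { $exe = $Matches[1] }
        else { $exe = ($command.Trim() -split '\s+')[0] }
        $exe = [Environment]::ExpandEnvironmentVariables($exe)
        if (Test-Path -LiteralPath $exe) {
            $sig = (Get-AuthenticodeSignature -FilePath $exe).Status
        } else { $sig = 'FileMissing' }
        [pscustomobject]@{ Key = $key; Name = $name; Executable = $exe; Signature = $sig }
    }
}

# Processes that are listening or connected right now, grouped by owning PID.
$netOwners = Get-NetTCPConnection -State Listen, Established -ErrorAction SilentlyContinue |
    Group-Object OwningProcess | ForEach-Object {
        $proc = Get-Process -Id ([int]$_.Name) -ErrorAction SilentlyContinue
        [pscustomobject]@{ ProcessId = $_.Name; Path = $proc.Path; Connections = $_.Count }
    }
$netPaths = @($netOwners.Path | Where-Object { $_ })

# Autostart entries that also own sockets are the first ones to review by hand.
$autostart |
    Select-Object *, @{ n = 'HasNetworkActivity'; e = { $netPaths -contains $_.Executable } } |
    Format-Table -AutoSize -Wrap
```

Run it from an elevated prompt so process paths for other accounts resolve; an unsigned or missing executable with network activity is a lead to investigate, not proof of infection.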

interpol
September 21st, 2003, 10:12 AM
Originally posted by DemonusAE
Most worms try to propagate themselves using your computer as a host. If you know your computer well, you already know which programs are usually communicating or listening on your ports. Now, assuming you don't already have any programs installed that monitor for things like worms and trojans, this is what I would do...

First, turn off any file-sharing applications. Turn off any mail applications as well. Check your ports to see what traffic is being transmitted. If you have a worm or a trojan you are going to see network activity coming from an executable that usually wouldn't show up. Find the executable on your task manager....end the process. Run a search for the executable on your disk. Delete it. Go into your registry....


\HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run

\HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run

Most of the time you will find a registry key here that points to the executable....it just tells it to run every time you reboot.

Delete it. Don't have to tell you to be careful while working in your registry, always keep a backup before you do anything.

This will usually work with worms that were written by people that didn't put much effort into it. Most worms out there come from cut and paste junkies that don't know much about what they are doing.

Good luck.
holy fuck. i feel that the computer is losing life. sometimes i can't copy but sometimes i can. it is like if it has aids or something. should i close all emails that are logged on to the computer or should i close the ones that have a cookie and tell the computer to always be logged in?