Virus Warning for H.org members

TruWrecks

Banned
For those getting emails from Captian, VABusa, Pipefighter, etc.  I am currently working with Jester to help him solve this.   We have uncovered the following information:

EVERYBODY that has recieved an email from any of the above senders or anybody else, that contains un-solicited attachments, please scan your computers with updated virus scanners!

The email contains a virus payload that spreads by deleting security files that protect your computers.  MAC based computers are not affected, and cannot be infected, but can speard the virus by forwading the message to someone else!

W32.Blackmal.E@mm is a mass-mailing worm that attempts to spread through network shares and lower security settings.    

Also Known As:  CME-24, Win32.Blackmal.F [Computer Associates], Email-Worm.Win32.Nyxem.e [F-Secure], Email-Worm.Win32.Nyxem.e [Kaspersky], W32/MyWife.d@MM [McAfee], W32/MyWife.d@MM!M24 [McAfee], W32/Small.KI@mm [Norman], Tearec.A [Panda Software], W32/Nyxem-D [Sophos], WORM_GREW.{A, B} [Trend Micro]
 
Type:  Worm

Systems Affected:  Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP


The "Removal Tool" can be found at Symantec!

If you're email has been seen as an offender, you're computer may be infected!!!

This is not a joke!



<!--EDIT|TruWrecks
Reason for Edit: None given...|1139126031 -->
 
Mods!  Please make this a "Stiky" until we get through the mess!

Thanks,

Doug



<!--EDIT|TruWrecks
Reason for Edit: None given...|1138682161 -->
 
No virus found! Whew!
wink.gif
I did receive email from pipefighter,but I deleted it,it did have an attachment.
 
There is an attachment, and a Java Script that launches the virus. Scan you computer if you have even just read one of these messages!
 
Thanks RSD.

This nasty little package probably started by infecting one of our members Windows computers, then sending itself out (using it's own mail engine, so it can't be tracked) to everyone in that computer mail listings.  It will use Contact Lists, Inbox entries, web cache, etc., and any other source it can find to gather the email addresses.  It the SPAMS EVERY address it gathered.  When someone gets the email, the worm repeats it activities on the new computer.

I higly recommend that ALL org members scan your computers for this virus!  Make sure your anti-virus files are dated January 15, 2006 or newer!

Doug
 
Good work Doug.
I think I finally got my computer taken care of after opening the email from Captain.
Worked on it for 4 hours last night.
Would not let any of my virus scanners operate.
Downloaded the freedom security suite from Adelphia and it found 22 files affected by the virus.

Everyone please check you computer.
Only way I contact members of the board is through PM. If I send an email to you; you will know through PM first.
 
...there is....one of us jump in there and let people know...
Unfortunately, some members will read the whole necropost before they get to the warning. It still gets me sometimes. ...either that or you spend 20 minutes writing up a thorough response and find the person you're talking to asked 10 years ago.
 
Back
Top