Results 1 to 6 of 6

Thread: W32/Mydoom.f-at-MM (medium risk)

  1. #1

    Arrow W32/Mydoom.f-at-MM (medium risk)

    Another variant, Mydoom.f is being reported.
    This one "can also delete image, movie, Excel and Word files on an infected machine".

    http://us.mcafee.com/virusInfo/defau...01038&cid=9674


    A variant of the original Mydoom virus, W32/Mydoom.f-at-MM is a Medium Risk mass-mailing worm that can open up hacker backdoors on infected systems and launch denial-of-service attacks that target www.microsoft.com and www.riaa.com domains.

    Note: Unlike previous versions of Mydoom, Mydoom.f can also delete image, movie, Excel and Word files on an infected machine.

    Like other mass-mailing viruses, W32/Mydoom.f-at-MM steals email addresses from an infected machine, then mails itself to other computers, often spoofing the "from field." The worm arrives with random subject lines, such as "Please read," "Something for you" or "Please reply". The body of the e-mail contains an executable file often disguised as a text file.
    Stinger has been updated to assist in detecting and repairing this threat.

    http://vil.nai.com/vil/stinger

  2. #2
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,785
    the real danger of this is all the exploits out made to upload trojans backdoors or whatever to infected machines. at least netsky helped save some from this.
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

  3. #3
    Senior Member
    Join Date
    May 2003
    Posts
    159
    One more variant...... And still Cybercops clueless about origin of the virus.. Way to go Virus Writers..... I feel this is the golden Era for this virus writers... Look at Mydoom, Coolwebsearch.. no matter what amount of destruction they cause........Soon we will see mydoom.z variant.... Frankly dont have a clue how this virus can be contained.....

    :-( :-( :-(
    ****** Any man who knows all the answers most likely misunderstood the questions *****

  4. #4
    The Doctor Und3ertak3r's Avatar
    Join Date
    Apr 2002
    Posts
    2,744
    Frankly dont have a clue how this virus can be contained.....
    Coolwebsearch is not a virus.. though it should be... then the advertising bastards and their corporate sponsers behind it can be jailed..

    you forget that we have several virii out ther that are into ther second alpabet trip.. ie *.AB .. what was the YAHA worm.. Yaha.t at last look..

    How can it or many virus be contained.. train the idiot user...

    Train them to not open every single email with cute sounding attachments..
    Train them not to click on every single advertisement that says that their computer needs a boost
    Train them that the Anti virus program needs to update.. and dont trust the autoupdate..
    Train them that their operating system has a Update facility (this is most GUI OS's), and thay should check regularly for updates/patches..
    Train those who love the pron that the site owners don't know what the word ethical means, so don't trust the cheep download program they want you to install.
    Train those who use P2P fileshare, that P2P fileswapping is not as safe as the proponents would have them believe
    Train those who think Warez sites who claim safe software are normaly of the same ethical level as the guys who run the pron sites..
    Train all the users to manage their firewalls
    Train them to care for there system..

    And then sit back and accept that >80% of the ones you have just spent all your time training live by the rule: Lazy is as lazy does..

    The AV companies don't have a AV definition that covers Stupid and (unfortunatly) none of M$, RH, SUSE, etc have not yet developed a patch for DUMB.. or even STUPID..

    And while the challenge exists, malware writers will still be out there.. one more..one more.. and while users give permission PArasite and malware will continue to be installed..

    Cheers
    "Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr

  5. #5
    Senior Member
    Join Date
    May 2003
    Posts
    159
    Und3ertak3r true that Most virus can be stopped by following few steps.....

    But with a virus / trojan like Cool web search.. God save the end users..... CWS installs itself on a victims PC while he/she is browsing the web.....

    Now no maater how an user is careful about opening mails he cannot be careful of clicking links when he searches for them over the web..... I guess spreading of virus through browsers is a big future challenge that we need to address......

    Cheers
    ****** Any man who knows all the answers most likely misunderstood the questions *****

  6. #6
    The Doctor Und3ertak3r's Avatar
    Join Date
    Apr 2002
    Posts
    2,744
    I still don't know what makes you think CWS is a virus:

    Browser hijacker.. yes.. Parasite ..Yes.. Virus ??? as I said should be.. but it is commercial sponsered software.. or Unsolicited Commercial software.. Read here: http://www.doxdesk.com/parasite/CoolWebSearch.html
    CoolWebSearch is a name given to a wide range of different browser hijackers. Though the code is very different between variants, they are all used to redirect users to coolwebsearch.com and other sites affiliated with its operators.

    The script at this site can only detect one of the variants listed here, namely CoolWebSearch/DNSRelay.
    And If you use registryProt from http://www.diamondcs.com.au/index.php?page=regprot
    the ball is back in the users court..

    Distribution
    Suspected to be installed by pop-ups exploiting security holes in IE.
    CWS is not something that I can infect your machine and therefore a friends.and so on..... you have the program installed when you visit certain websites and you ALLOW the program to install by clicking on the links.. funny that statement.. roll over is enough with some of these banners..
    "Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •