Home > General > Worm.sco.a


Click the "System Restore" tab.4. New virus infects PCs, whacks SCO 27-01-2004,06:06 PM #6 Billy T Guest Re: What is "Worm.sco.a up to?? This is strange because I have not sent any this afternoon and the home pc was off when the emails were returned. The original version, Mydoom.A, is described as carrying two payloads: A backdoor on port 3127/tcp to allow remote control of the subverted PC (by putting its own SHIMGAPI.DLL file in the Source

Mention this ad and get $720 off any course! Preview post Submit post Cancel post You are reporting the following post: worm.Sco.a This post has been flagged and will be reviewed by our staff. All submitted content is subject to our Terms of Use. SHOW ME NOW CNET © CBS Interactive Inc.  /  All Rights Reserved.

Later testing suggests that it functions in only 25% of infected systems. From a 5.8-inch OLED display, reports of wireless charging and even a 3D scanner for facial recognition, it's all here. It does not attack non-infected computers. icon.

PCWorld Home Forum Today's Posts FAQ Calendar Community Groups Albums Member List Forum Actions Mark Forums Read Quick Links View Forum Leaders Who's Online What's New? Generating an NDR in this case is not only useless, but actively detrimental to the performance and stability of the network. SCO Offers Reward for Arrest and Conviction of Mydoom Virus Author - SCO press release, 27 January 2004. We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention, and many other technical hands on courses.

This worm uses the backdoor left by Mydoom to spread. We need to cover the problem now, and as far down the path as we dare to venture. BBC. 2004-02-04. ^ http://abcnews.go.com/Technology/ZDM/story?id=97385 ^ "Microsoft Information: MyDoom (Wayback Archive from 4 Feb 2004)". Wired News. 2009-07-08.

tab, and then click ?File System?.4. This theory was rejected immediately by security researchers. By using this site, you agree to the Terms of Use and Privacy Policy. Speculative early coverage held that the sole purpose of the worm was to perpetrate a distributed denial-of-service attack against SCO Group. 25 percent of Mydoom.A-infected hosts targeted www.sco.com with a flood

  1. Newsweek.
  2. The new version includes the original denial of service attack against SCO Group and an identical attack aimed at Microsoft.com beginning on 3 February 2004; however, both attacks are suspected to
  3. We all agree that security is an evolution, a fluid process of forward progress and innovation.
  4. July 2009: MyDoom resurfaces in the July 2009 cyber attacks affecting South Korea and the United States.[10] See also[edit] Computer security portal Timeline of notable computer viruses and worms References[edit] ^
  5. It also copies itself to the “shared folder” of peer-to-peer file-sharing application KaZaA in an attempt to spread that way.
  6. Once reported, our moderators will be notified and the post will be reviewed.
  7. The System Properties dialog box appears.NOTE: If the System icon is not visible, click "View all Control Panel options" to display it.3.
  8. I've just got hammered with a few hundred of these in the last hour and a half and I can't quite discern what exactly the virii is.

Click Start, point to ?Settings?, and then click ?Control Panel?.2. To start viewing messages, select the forum that you want to visit from the selection below. Right-click on the ?My Computer? Nikulin: "Re: [ROOT] [Alt+Tab] and SetKeyAutoRepeat trouble" Previous message: Rene Brun: "Re: [ROOT] [Alt+Tab] and SetKeyAutoRepeat trouble" Messages sorted by: [ date ] [ thread ] [ subject ] [ author

That would be a nice start, be we also need to think down the road. http://comvurgent.com/general/worm-generic-fx.html Thank you for helping us maintain CNET's great community. However, the backdoor remains open after this date. 1 March: Mydoom.B is programmed to stop spreading; as with Mydoom.A, the backdoor remains open. 26 July: A variant of Mydoom attacks Google, Nikulin: "Re: [ROOT] [Alt+Tab] and SetKeyAutoRepeat trouble" Previous message: Rene Brun: "Re: [ROOT] [Alt+Tab] and SetKeyAutoRepeat trouble" Messages sorted by: [ date ] [ thread ] [ subject ] [ author

My suggestion would be that NDR's not be generated for messages that are identified as being created with Virii that always falsify the source address (such as SOBiG, MyDOOM etc.). For your reference, here are headers from your email: ------------------------- BEGIN HEADERS ----------------------------- From: [email protected] To: [email protected] Subject: TKSUQJZCIMPVH Date: Wed, 28 Jan 2004 22:32:01 +0200 MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="----=_NextPart_000_0003_F4772286.299DE83B" Cheers Billy 8-{) 27-01-2004,06:06 PM #7 metla Guest Re: What is "Worm.sco.a up to?? http://comvurgent.com/general/worm-bagle-bt.html F-Secure Corporation. "Win32.Mydoom.A".

It also installs a backdoor for remote control, readies itself to DDoS SCO's website, and according to some (unsubstantiated, that I can tell) reports, it installs a keystroke logger. If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Click the ?Performance?

For a period of a few hours mid-day, the worm's rapid spread slows overall internet performance by approximately ten percent and average web page load times by approximately fifty percent.

The McGraw-Hill Companies Inc. ^ "More Doom?". they build a better mouse, we make a better trap. Shawn --------------------------------------------------------------------------- Ethical Hacking at InfoSec Institute. Please check your system for viruses, or ask your system administrator to do so.

Click Start.2. Retrieved 2009-07-09. BusinessWeek. Check This Out All the bounced emails have been stamped with the xtra email virus scanner but I cant see who they were sent to or whether they really came from me???

Double-click the ?System? Are they all the same virus? Ah so! what do i do?

My 2c. Wikipedia® is a registered trademark of the Wikimedia Foundation, Inc., a non-profit organization. F-Secure Computer Virus Information Pages. I hope the email address was spoofed then, but the AV is up to date on that box as of minutes before this started so we'll see if the scan picks

To: [email protected]??? The smaller number of copies of this version in circulation meant that Microsoft's servers suffered few ill effects.[6][7] Timeline[edit] 26 January 2004: The Mydoom virus is first identified around 8am EST Information about the Mydoom worm from Symantec.com Retrieved from "https://en.wikipedia.org/w/index.php?title=Mydoom&oldid=769555316" Categories: Email wormsWindows virusesHacking in the 2000sHidden categories: CS1 maint: Unfit urlArticles containing potentially dated statements from 2004All articles containing potentially Sorry, there was a problem flagging this post.

Action: failed Status: 5.7.1 Diagnostic-Code: smtp; 550 5.7.1 Message content rejected, id=15514-01 - VIRUS: Worm.SCO.A Last-Attempt-Date: Thu, 29 Jan 2004 08:57:36 +0100 (CET) ------------=_1075363056-15514-1 Content-Type: text/rfc822-headers Content-Disposition: inline Content-Transfer-Encoding: 7bit Content-Description: Its payload, akin to one of Mydoom.B's, is a denial-of-service attack against Microsoft.[9] 12 February: Mydoom.A is programmed to stop spreading. The Seattle Times. tab, and then check ?Disable System Restore?.After that, restart the computer into "Safe Mode" using the instructions below:Restart the computer, pressing the F8 key once per second, till it loads a

It's MyDoom.A. Disruptive posting: Flaming or offending other usersIllegal activities: Promote cracked software, or other illegal contentOffensive: Sexually explicit or offensive languageSpam: Advertisements or commercial links Submit report Cancel report Track this discussion The Seattle Times Company. ^ Virulent MyDoom computer virus created in Russia - The St.