Home > General > Worm.sco.a


All rights reserved. IDG Communications Nmap Security Scanner Intro Ref Guide Install Guide Download Changelog Book Docs Security Lists Nmap Announce Nmap Dev Bugtraq Full Disclosure Pen Test Basics More they build a better mouse, we make a better trap. All the bounced emails have been stamped with the xtra email virus scanner but I cant see who they were sent to or whether they really came from me??? That would be a nice start, be we also need to think down the road. More about the author

The McGraw-Hill Companies Inc. ^ "More Doom?". SHOW ME NOW CNET © CBS Interactive Inc.  /  All Rights Reserved. Use the up and down arrows to select "Safe Mode", press enter, and the computer will load into a safe mode. Discussion is locked Flag Permalink You are posting a reply to: worm.Sco.a The posting of advertisements, profanity, or personal attacks is prohibited.

Schmugar chose the name after noticing the text "mydom" within a line of the program's code. The spam dates back to the previous owner of the address who surfed not wisely but too well, straying into all sorts of nasty sites (hence the embargo on said-son using The first messages sent by Mydoom.B are identified at around 1400 UTC and also appear to originate from Russia. And does infact be seem to be targeting SCO with a denial of service attack launched from infected PCs.

Mydoom.B also blocks access to the websites of over 60 computer security companies, as well as pop-up advertisements provided by DoubleClick and other online marketing companies. Discussions cover how to detect, fix, and remove viruses, spyware, adware, malware, and other vulnerabilities on Windows, Mac OS X, and Linux.Real-Time ActivityMy Tracked DiscussionsFAQsPoliciesModerators General discussion worm.Sco.a by errolla7 / Sophos lists it as: W32/MyDoom-A Aliases Mimail.R, Novarg.A, Shimg, W32.Novarg.A_at_mm, W32/Mydoom_at_MM In summary it does the common "harvest e-mail addresses and remail myself" trick that we have seen so many times Information about the Mydoom worm from Symantec.com Retrieved from "https://en.wikipedia.org/w/index.php?title=Mydoom&oldid=769555316" Categories: Email wormsWindows virusesHacking in the 2000sHidden categories: CS1 maint: Unfit urlArticles containing potentially dated statements from 2004All articles containing potentially

BBC. 2004-02-04. ^ http://abcnews.go.com/Technology/ZDM/story?id=97385 ^ "Microsoft Information: MyDoom (Wayback Archive from 4 Feb 2004)". Kaspersky Lab. Rodriguez (Jan 28) RE: Worm.SCO.A Reggie Jackson (Jan 28) RE: Worm.SCO.A Michael Bellears (Jan 28) RE: Worm.SCO.A Hamish Stanaway (Jan 28) RE: Worm.SCO.A Shawn Jackson (Jan 28) RE: Worm.SCO.A From a 5.8-inch OLED display, reports of wireless charging and even a 3D scanner for facial recognition, it's all here.

CS1 maint: Unfit url (link) ^ "W32.HLLW.Doomjuice". It also installs a backdoor for remote control, readies itself to DDoS SCO's website, and according to some (unsubstantiated, that I can tell) reports, it installs a keystroke logger. It is unclear whether Mydoom was responsible for this. I ante another $0.02.

Petersburg Times ^ Brian Grow, Jason Bush (2005-05-30). "Hacker Hunters: An elite force takes on the dark side of computing". Preview post Submit post Cancel post You are reporting the following post: worm.Sco.a This post has been flagged and will be reviewed by our staff. Sophos lists it as: W32/MyDoom-A Aliases Mimail.R, Novarg.A, Shimg, W32.Novarg.A@mm, W32/Mydoom@MM More info is available on the usual sites. The Seattle Times.

Please check your system for viruses, or ask your system administrator to do so. http://midsolutions.org/general/worm-lovgate-j.html Cheers Billy 8-{) 27-01-2004,06:06 PM #7 metla Guest Re: What is "Worm.sco.a up to?? Mydoom was named by Craig Schmugar, an employee of computer security firm McAfee and one of the earliest discoverers of the worm. Trade press conjecture, spurred on by SCO Group's own claims, held that this meant the worm was created by a Linux or open source supporter in retaliation for SCO Group's controversial

I've just got hammered with a few hundred of these in the last hour and a half and I can't quite discern what exactly the virii is. BusinessWeek. Click Start, point to ?Settings?, and then click ?Control Panel?.2. click site Track this discussion and email me when there are updates If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and

We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention, and many other technical hands on courses. Flag Permalink This was helpful (0) Back to Spyware, Viruses, & Security forum 3 total posts Popular Forums icon Computer Help 51,912 discussions icon Computer Newbies 10,498 discussions icon Laptops 20,411 Personally my mail spool always has those *useful* NDR's trying to tell the spammers that their mass mail didn't get through.

Now double click on the "Stinger" file and run it repeatedly.

  • The mail contains an attachment that, if executed, resends the worm to e-mail addresses found in local files such as a user's address book.
  • Action: failed Status: 5.7.1 Diagnostic-Code: smtp; 550 5.7.1 Message content rejected, id=15514-01 - VIRUS: Worm.SCO.A Last-Attempt-Date: Thu, 29 Jan 2004 08:57:36 +0100 (CET) ------------=_1075363056-15514-1 Content-Type: text/rfc822-headers Content-Disposition: inline Content-Transfer-Encoding: 7bit Content-Description:
  • They already have a bigger and better mouse and we still don't have a trap for him.
  • By summertime in forum PressF1 Replies: 8 Last Post: 03-07-2004, 02:01 AM Worm By leshibbard in forum PressF1 Replies: 4 Last Post: 06-04-2004, 02:05 PM the worm By starfish in forum
  • Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.
  • Mention this ad and get $720 off any course!
  • Computer Associates International.
  • It's MyDoom.A.
  • This would need to be administrator configurable.

It became the fastest-spreading e-mail worm ever (as of January 2004[update]), exceeding previous records set by the Sobig worm and ILOVEYOU, a record which as of 2017 has yet to be Cheers Billy 8-{) :| 27-01-2004,05:06 PM #2 Jim B Guest Re: What is "Worm.sco.a up to?? http://seclists.org/lists/security-basics/2004/Jan/0404.htmlhttp://www.sophos.com/virusinfo/analyses/w32mydooma.htmlRun an on-line scan like Housecall:http://housecall.trendmicro.com/ Flag Permalink This was helpful (0) Collapse - erolla, If You're Using Windows ME or XP... Early on, several security firms expressed their belief that the worm originated from a programmer in Russia.[3] The actual author of the worm is unknown.

by Grif Thomas Forum moderator / February 11, 2004 5:04 AM PST In reply to: worm.Sco.a ...this should help you get rid of the problem virus. (It would sure help us F-Secure Corporation. "Win32.Mydoom.A". There doesn't seam to be a map from ClamAV virus naming format to any other. navigate to this website However, the backdoor remains open after this date. 1 March: Mydoom.B is programmed to stop spreading; as with Mydoom.A, the backdoor remains open. 26 July: A variant of Mydoom attacks Google,

Once reported, our moderators will be notified and the post will be reviewed. Visit us at http://www.infosecinstitute.com/securityfocus to get $720 off any course! ---------------------------------------------------------------------------- By Date By Thread Current thread: RE: Worm.SCO.A (W32/Mydoom@MM) Shawn Jackson (Jan 27) RE: Worm.SCO.A (W32/Mydoom@MM) Shawn I killed the download but not before I saw a message from cytanet.com.cy saying that they had rejected a virus apparently sent from his email address. By hamstar in forum PressF1 Replies: 10 Last Post: 04-07-2003, 12:14 AM Bookmarks Bookmarks Facebook Twitter Digg del.icio.us StumbleUpon Google Posting Permissions You may not post new threads You may not

In the US, the FBI and the Secret Service begin investigations into the worm. 28 January: A second version of the worm is discovered two days after the initial attack. Can I assume that the use of my son's email address is a spoof, or should I keep looking for an infection in this particular box which is the only one Register Help Remember Me?