
The Bill

I received an e-mail from
My virus checker says it is a virus and it attaches to your outgoing e-mails as " ".
TS
It seems like you have received an infected .pif file. It's probably infected by a worm called " E@mm".
It is like the other w32 viruses, but it also has the ability to overwrite .scr and .pif files and to infect HTML files.
According to Symantec:
This worm is very similar to D@mm except that it also has the ability to overwrite .scr and .pif files and to infect HTML files. Norton AntiVirus detects the infected HTML files as E.
If E@mm is executed, it does the following:
It infects the file and HTML (.htm and .html) files.
It overwrites .scr and .pif files that it finds in the Windows or Windows\System folders with a copy of itself.
It creates the files:
C:
C:
Next, the worm creates the folder WindowsSys486 and places a copy of itself in that folder as
NOTE: This worm also creates many other files, but Norton AntiVirus detects all of them.
Then the worm adds the value:
*swap486 C:
to the registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
The worm then uses Microsoft Outlook to send itself. The email is formatted in the following manner:
Subject: RE: i urgently need files for my computer
Message: really? here are some useful files... enjoy...
Attachments: , , , ,

Hope that helps. Also check out the Symantec site for more details and do not open any of those files. If you do, then you will have to go through certain settings to get it removed, which can also be found on the Symantec site in a step-by-step guide.
While we're on the subject of viruses, my work network has become infected by the MyDoom virus. They're dealing with it, apparently :rolleyes:, but I've never heard of it, just wondering what strange wonders I'm likely to expect in the next few days!
just wondering what strange wonders I'm likely to expect in the next few days!
Apparently, it makes you blink really slow and turns your skin blue and blotchy.
lhk
Kat
Sounds like a right peach bluexxx. Both corporate and home users have suffered from this, High-Outbreak
What to expect from the W32/Mydoom@MM virus.
Remote Access Component
The worm (this functionality is in the dropped DLL) opens a connection on TCP port 3127 (if that fails it opens the next available port up to port 3198). The worm can accept specially crafted TCP transmissions. On receipt of one kind of such a transmission it will save the embedded binary into a temporary file and execute it. Then the temporary file is deleted.
Denial of Service Payload
On the first system startup on February 1st or later, the worm changes its behavior from mass mailing to initiating a denial of service attack against the domain. This denial of service attack will stop on the first system startup of February 12th or later, and thereafter the worm's only behavior is to continue listening on TCP port 3127.
It looks like somebody else will be controlling your computer if they don't sort it out. Mmmm, could be fun. What company you worked for again bluexx? Only joking, that would be illegal and I can't possibly do anything bad or against the law.
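A defender's check for the listener described in the post above, as an added example that is not part of the original thread: it scans Windows `netstat -ano` output for TCP sockets in the LISTENING state on ports 3127 to 3198. The function name and the sample output are constructed for illustration.

```python
import re

# Port range the quoted advisory gives for the worm's listener:
# 3127 first, then the next available port up to 3198.
PORT_LOW, PORT_HIGH = 3127, 3198

# Matches Windows `netstat -an` / `netstat -ano` TCP rows, IPv4 or IPv6, e.g.
#   TCP    0.0.0.0:3127    0.0.0.0:0    LISTENING    1520
#   TCP    [::]:3130       [::]:0       LISTENING    1520
ROW = re.compile(
    r"^\s*TCP\s+(?P<addr>\S+):(?P<port>\d+)\s+\S+\s+"
    r"(?P<state>[A-Z_]+)\s*(?P<pid>\d+)?\s*$"
)

def find_suspect_listeners(netstat_text):
    """Return (address, port, pid) for each TCP socket LISTENING in the range."""
    hits = []
    for line in netstat_text.splitlines():
        m = ROW.match(line)
        # Outbound connections can use local ports in this range too,
        # so only sockets in the LISTENING state are reported.
        if not m or m.group("state") != "LISTENING":
            continue
        port = int(m.group("port"))
        if PORT_LOW <= port <= PORT_HIGH:
            hits.append((m.group("addr"), port, m.group("pid")))
    return hits

# Constructed sample output (not captured from a real host).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  TCP    0.0.0.0:3127           0.0.0.0:0              LISTENING       1520
  TCP    [::]:3130              [::]:0                 LISTENING       1520
  TCP    192.168.1.20:3150      203.0.113.7:80         ESTABLISHED     2210
  TCP    0.0.0.0:3199           0.0.0.0:0              LISTENING       1712
  UDP    0.0.0.0:3127           *:*                                    940
"""

if __name__ == "__main__":
    for addr, port, pid in find_suspect_listeners(SAMPLE):
        print(f"listener on {addr}:{port} (PID {pid}) - check the owning process")
```

A hit is only a lead: legitimate software can listen in this range, so the owning process still has to be identified before drawing a conclusion.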
As I have mentioned in my earlier post, Twisted - Sister, you can get information about those viruses/worms and the removal instructions on the Symantec website.