|
|
 |
| Internet Security - Virus - W32.Novarg.A@mm |
W32.Novarg.A@mm
The W32.Novarg.A@mm
is a mass-mailing worm that creates a backdoor for attackers
to access your computer and uses your computer to attack
a website in February 2004.
| Aliases: |
W32/Mydoom@MM and WORM_MIMAIL.R |
|
|
| What it does: |
Opens Ports 3127 - 3198 on your computer
allowing an attacker to access the computer's network
resources, download and execute certain files. Creates
several files on your computer, modifies registry
entries and copies itself to the Kazaa download
folder.
Sends itself to email addresses found on your computer
using a spoofed From: field and a variety of subjects,
contents and attachments.
From 1st to 12th February 2004, the worm will launch
a Denial
of Service (DoS) attack against www.sco.com.
|
|
|
| Systems Affected: |
Windows 95, Windows 98, Windows ME,
Windows NT, Windows 2000, Windows Server 2003 and
Windows XP |
|
|
| Symptoms: |
Notepad opens showing gibberish, existence
of certain files created by the worm and registry
changes. |
|
|
|
For more technical details such as the subjects,
contents and attachments used in the email, files
created and registry changes, please refer to
W32.Novarg.A@mm.
|
|
|
| Removal Tools: |
W32.Novarg.A
Worm Removal Tool (Symantec) or zip
version. |
| Important:
Please read the instructions
before using the removal tool |
| |
|
|
|
|
|
|
|
|
|
|
|
