Loading ...
Sorry, an error occurred while loading the content.

Mail Problems

Expand Messages
  • Lis
    Dear everyone, I recently (sometime in the last 2 days) became infected with the new mymail variant called mydoom. It is possible my machine has emailed
    Message 1 of 4 , Jan 27, 2004
    • 0 Attachment
      Dear everyone,

      I recently (sometime in the last 2 days) became infected with the new mymail
      variant called mydoom. It is possible my machine has emailed yours---several
      people I don't even know have sent me emails asking why I've been sending
      them blank or gibberish emails, and I've gotten several bounces from
      messages I never sent. My machine has been cleaned, but it is definately
      worth your while to scan your own machine with the latest version of your
      virus detection software.

      Mydoom is a program that has a limited executable window (Feb 1-12, 2004),
      BUT it allows remote users to access your computer after that window is
      closed. Mydoom spoofs sender email addresses and randomly generates titles
      and body messages to spread itself. So please check your machines even if
      you did not recieve an email from me. It appears that it may have used
      chancellorminor@... to send some of that mail. Who knows what
      other addresses it has spoofed.

      For information on mydoom, see:
      http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_MIMAIL.R

      We now return you to your regularly scheduled email

      Lis/Aoife, she of the Links lists


      Through her great glasses bent on me
      She'd glance into reality;
      And shake her round old silvery head,
      With-'You!-I thought you was in bed!'-
      Only to tilt her book again,
      And rooted in Romance remain. ---Walter De la Mare, Old Susan
    • Aleksandr called the Traveller
      ... aka W32.Novarg.a@mm , W32/Mydoom@MM and WORM_MIMAIL Actually that.s Feb 1 *and* Feb. 12, triggers for a massive denial of
      Message 2 of 4 , Jan 27, 2004
      • 0 Attachment
        At 03:48 PM 1/27/2004, Lis wrote:
        >Dear everyone,
        >
        >I recently (sometime in the last 2 days) became infected with the new mymail
        >variant called mydoom. It is possible my machine has emailed yours---several
        >people I don't even know have sent me emails asking why I've been sending
        >them blank or gibberish emails, and I've gotten several bounces from
        >messages I never sent. My machine has been cleaned, but it is definately
        >worth your while to scan your own machine with the latest version of your
        >virus detection software.
        >
        >Mydoom is a program that has a limited executable window (Feb 1-12, 2004),

        aka W32.Novarg.a@mm <Symantec>, W32/Mydoom@MM <McAfee> and WORM_MIMAIL <Trend>

        Actually that.s Feb 1 *and* Feb. 12, triggers for a massive denial of
        service attack on the SCO Group, probably linked to SCO's
        legal/Congressional attacks on LINUX and open-source software, in
        general.<see www.symantec.com for advice on spotting and removing the worm
        and the 1/26 E-Week for info on SCO's latest war on open-source if interested>
        Search for the file shimgapi.dll on your machine. If you find it, you are
        probably infected.

        >BUT it allows remote users to access your computer after that window is
        >closed. Mydoom spoofs sender email addresses and randomly generates titles
        >and body messages to spread itself. So please check your machines even if
        >you did not recieve an email from me. It appears that it may have used
        >chancellorminor@... to send some of that mail. Who knows what
        >other addresses it has spoofed.

        It has been hijacking mailing lists - and mounted an assault this morning
        (hitting Mom) from B'nai B'rith, as well as spoofing sources.
        Only Windows systems <all of 'em> can fall victim to attack, but this
        includes server software!
        The virus was discovered yesterday (1/26) and is already running wild (more
        than 1K infections reported to Symantec in 24 hrs.) with moderate
        geographical distribution, so far....
        david/Aleksandr

        >For information on mydoom, see:
        >http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_MIMAIL.R
        >
        >We now return you to your regularly scheduled email
        >
        >Lis/Aoife, she of the Links lists
        >
        >
        >Through her great glasses bent on me
        >She'd glance into reality;
        >And shake her round old silvery head,
        >With-'You!-I thought you was in bed!'-
        >Only to tilt her book again,
        >And rooted in Romance remain. ---Walter De la Mare, Old Susan
        >
        >
        >
        >
        >
        >Yahoo! Groups Links
        >
        >To visit your group on the web, go to:
        > http://groups.yahoo.com/group/EKSouth/
        >
        >To unsubscribe from this group, send an email to:
        > EKSouth-unsubscribe@yahoogroups.com
        >
        >Your use of Yahoo! Groups is subject to:
        > http://docs.yahoo.com/info/terms/
      • Jeffrey Blaisdell
        Two things: The Mydoom page at trendmicro.com cited by Lis DOES say Feb 1 or after, stops by Feb 12, so that is FROM Feb 1 THRU 12, not 1 and 12 only. Second,
        Message 3 of 4 , Jan 27, 2004
        • 0 Attachment
          Two things:

          The Mydoom page at trendmicro.com cited by Lis DOES say Feb 1 or after,
          stops by Feb 12, so that is FROM Feb 1 THRU 12, not 1 and 12 only.

          Second, I got chastised last week for posting a virus warning on THIS list
          and others, and rightly so since it is for SCA-related topics only. I
          understand the intent, I just want fair dealing all around.

          Feel free to respond privately so we can keep this off list.

          Geoffrey of Bleasdale
        • Aleksandr called the Traveller
          My Absolute last word on the Real Virus Threat. www.symantec.com offers a FREE removal tool to anyone who thinks a machine infected. d/A
          Message 4 of 4 , Jan 30, 2004
          • 0 Attachment
            My Absolute last word on the Real Virus Threat. www.symantec.com offers a
            FREE removal tool to anyone who thinks a machine infected.
            d/A
          Your message has been successfully submitted and would be delivered to recipients shortly.