Here is the info on this virus, if you clicked on the executable you are
infected and must use a virus checker to remove it.
It uses various names. My virus checker didn't detect it.
Aliases: W32/Magistr@MM, I-Worm.Magistr, PE_MAGISTR.A, W32.Magistr.24876,
W32/Disemboweler, W32.Magistr/MM, Begemont
Type: W32 executable file virus
Detection: Detected by Sophos Anti-Virus May 2001 (3.45) or later. A virus
identity (IDE) file is available for earlier versions from the Latest virus
Sophos has received many reports of this virus from the wild.
Comments: Please read the instructions for disinfecting W32/Magistr-A.
W32/Magistr-A is a polymorphic Windows 32 executable file virus which
spreads by infecting files and via email. Magistr includes highly
destructive code which - if triggered - can delete all files from local and
network drives, wipe the CMOS settings, and flash the BIOS chip of your
The virus searches the user's address book, mailboxes and other files
present on the computer for email addresses. The virus specifically targets
addresses from Outlook Express, Netscape Navigator and Internet Mail and
News. It then sends itself to these email addresses using its own SMTP
The email message it sends has a randomly generated subject, body text and
Filenames that the virus can use include:
Please note that these files are often found on uninfected systems, so their
mere presence on your computer is not necessarily an indication of infection
by this virus.
In an attempt to remain active when Windows is restarted the virus adds the
name of an infected file to the "run=" lines of the WIN.INI file and to the
The virus contains the following text:
ARF! ARF! I GOT YOU! v1rus: Judges Disemboweler. by The Judges Disemboweler
written in Malmo (Sweden)
The virus also includes a series of words and phrases, including the
sentences him to
sentence you to
ordered to prison
find him guilty
judgment of conviction
sufficiency of proof
sufficiency of the evidence
against the accused
It also contains similar phrases in French and Spanish.
----- Original Message -----
From: "Steven Shepard" <sbtdesigns@...>
Sent: Monday, July 30, 2001 9:01 AM
Subject: Re: [hreg] a red dot, within 5
> There is a virus attached to this message I received from hreg.
> Members beware!
> SBT Designs
> 25840 IH-10 West #1
> Boerne, Texas 78006
> FAX: 210-698-7147
> Please note we are moving our email address to sbtdesigns@....
> Please update our information in your records.
> ----- Original Message -----
> From: "mike" <mlandrus@...>
> Sent: Sunday, July 29, 2001 9:47 AM
> Subject: [hreg] a red dot, within 5
> > The test shows a positive result for HIV infection. These unapproved
> kits use a simple finger prick process for home blood collection or a
> special sponge device for saliva collection. The blood or saliva sample is
> then added to a plastic testing device containing a special type of paper.
> developing solution is added to determine if the sample is positive for
> > Your use of Yahoo! Groups is subject to
> Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/