virus attack

  El jimbo 19:18 03 Jan 05
Locked

Have a virus.A message box regularly appears "symantec e-mail proxy" with other small boxes saying "scanning message". I think my pc is sending out masses of e-mails.Norton's, as usual, totally useless.

  JaßîsFaß ˜ 19:26 03 Jan 05

Are you on broadband?
If so try download AVG 7 and see what it can find,
click here

Can you give any other information?

  Fruit Bat /\0/\ 19:26 03 Jan 05

Anti Virus :-
Avast4 click here
Antivir click here
AVG antivirus click here

Antivirus on line checks:-
Panda click here
Trend Online Check click here

  JaßîsFaß ˜ 19:29 03 Jan 05

Presume your problems are like click here

  Cook2 19:29 03 Jan 05

click here & click here for a couple of free programmes which may help.

  El jimbo 20:12 03 Jan 05

JaßîsFaß yes, exactly that problem. I am on ntl broadband. Looks like no one has found a solution yet.

  JaßîsFaß ˜ 21:21 03 Jan 05
  Cook2 21:26 03 Jan 05

Win32:Mydoom
is a mass mailing and P2P worm. It also installs a backdoor trojan horse on an infected computer.
The worm spreads by creating copies in the Kazaa-shared folders and by sending infected e-mails. It forges sender field in an email. It uses one of these items in the Subject field: "Error", "Hello", "Hi", "Mail Delivery System", "Mail Transaction Failed", "Server Report", "Status" or "Test". The attachment is 22528 bytes long and has one of extensions "bat", "cmd", "exe", "pif", "scr". The attachment might be compressed to zip file 22788 bytes long. The worm searches for mail addresses in the files with extensions "adb", "asp", "dbx", "htm", "php", "pl", "sht", "tbb", "txt" and "wab". The worm omits posting to some domains, mainly antiviral and software companies, universities and internet authorities.

When executed, the worm opens up a Notepad program with garbage data in it. The worm instals the library shimgapi.dll to the %system% folder. The library is a trojan horse, making remote control of the computer possible, including installation of any program. It opens TCP ports between 3127 - 3198 for communication. The worm copies itself to the taskmon.exe file in the %system% folder.

The worm adds its own keys to the following registry items:
\HKLM\Software\Microsft\Windows\CurrentVersion\Run
\HKCU\Software\Microsft\Windows\CurrentVersion\Run
It adds the keys TaskMon with the value %System%\taskmon.exe - this item launches the worm when the Windows starts.
HKEY_CLASSES_ROOT\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\InProcServer32
It puts the value %SysDir%\shimgapi.dll to the Default item - this item launches the trojan horse in the Explorer.exe's memory space.
It also creates a subkey in
\HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\Version
\HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\Version

The worm will perform the DDoS (distributed denial of service) attack on 1st February 2004 to the site click here. It will stop all of its activity on 12th February 2004. The trojan horse remains active after this date however.

Removal:
To remove this virus please use our free avast! Virus Cleaner. click here

  JaßîsFaß ˜ 21:29 03 Jan 05
  JaßîsFaß ˜ 21:32 03 Jan 05
  El jimbo 22:14 03 Jan 05

I have tried mydoom removal tool(JaßîsFaß ) and avast, both found nothing.help.

This thread is now locked and can not be replied to.

How to get Windows 10 for free | How to install Windows 10: There is still a way to avoid paying…

1995-2015: How technology has changed the world in 20 years

Alex Chinneck’s giant ice cube Christmas tree at Kings Cross

Apple rumours & predictions 2017: The iPhone 8, new iPads, and everything else you should expect fr7…