virus attack

  El jimbo 19:18 03 Jan 2005

Have a virus.A message box regularly appears "symantec e-mail proxy" with other small boxes saying "scanning message". I think my pc is sending out masses of e-mails.Norton's, as usual, totally useless.

  JaßîsFaß ˜ 19:26 03 Jan 2005

Are you on broadband?
If so try download AVG 7 and see what it can find,
click here

Can you give any other information?

  Fruit Bat /\0/\ 19:26 03 Jan 2005

Anti Virus :-
Avast4 click here
Antivir click here
AVG antivirus click here

Antivirus on line checks:-
Panda click here
Trend Online Check click here

  JaßîsFaß ˜ 19:29 03 Jan 2005

Presume your problems are like click here

  Cook2 19:29 03 Jan 2005

click here & click here for a couple of free programmes which may help.

  El jimbo 20:12 03 Jan 2005

JaßîsFaß yes, exactly that problem. I am on ntl broadband. Looks like no one has found a solution yet.

  JaßîsFaß ˜ 21:21 03 Jan 2005

It seems it may be the mass mailing worm my doom and there are removal tools [email protected]" title="[email protected]" TARGET="_new">click here

  Cook2 21:26 03 Jan 2005

is a mass mailing and P2P worm. It also installs a backdoor trojan horse on an infected computer.
The worm spreads by creating copies in the Kazaa-shared folders and by sending infected e-mails. It forges sender field in an email. It uses one of these items in the Subject field: "Error", "Hello", "Hi", "Mail Delivery System", "Mail Transaction Failed", "Server Report", "Status" or "Test". The attachment is 22528 bytes long and has one of extensions "bat", "cmd", "exe", "pif", "scr". The attachment might be compressed to zip file 22788 bytes long. The worm searches for mail addresses in the files with extensions "adb", "asp", "dbx", "htm", "php", "pl", "sht", "tbb", "txt" and "wab". The worm omits posting to some domains, mainly antiviral and software companies, universities and internet authorities.

When executed, the worm opens up a Notepad program with garbage data in it. The worm instals the library shimgapi.dll to the %system% folder. The library is a trojan horse, making remote control of the computer possible, including installation of any program. It opens TCP ports between 3127 - 3198 for communication. The worm copies itself to the taskmon.exe file in the %system% folder.

The worm adds its own keys to the following registry items:
It adds the keys TaskMon with the value %System%\taskmon.exe - this item launches the worm when the Windows starts.
It puts the value %SysDir%\shimgapi.dll to the Default item - this item launches the trojan horse in the Explorer.exe's memory space.
It also creates a subkey in

The worm will perform the DDoS (distributed denial of service) attack on 1st February 2004 to the site click here. It will stop all of its activity on 12th February 2004. The trojan horse remains active after this date however.

To remove this virus please use our free avast! Virus Cleaner. click here

  JaßîsFaß ˜ 21:29 03 Jan 2005

Try my link again
[email protected]" title="[email protected]" TARGET="_new">click here

  JaßîsFaß ˜ 21:32 03 Jan 2005
  El jimbo 22:14 03 Jan 2005

I have tried mydoom removal tool(JaßîsFaß ) and avast, both found

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

Samsung Galaxy A8 review: Hands-on

Illustrator Juan Esteban Rodriguez on creating highly detailed official film posters for Star Wars…

iMac Pro review

Quelle est la meilleure application de podcast pour Android (2018) ?