Untitled thread
Bagle Worm and Netsky Virus For a few months now, I have been receiving e-mail like the following: mail from you (. . . . . . . . . . . . . . . . . . . . . . . . . . . ) was stopped and Quarantined because it contains one or more viruses.
Bagle Worm and Netsky Virus
For a few months now, I have been receiving e-mail like the following:
mail from you ( ...........................)
was stopped and Quarantined because it contains one or more viruses.
Summary of email contents:
Queue ID: C564946240
Attachment: Toy.hta
forbidden attachment
Found virus I-Worm.Bagle.zb]bold text
Plus the Netsky virus has also been mentioned.
My Norton Virus deletes everything, but when I send an e-mail to my niece's company, their firewall quarantines it. I have stopped sending mail to this address, but I am still receiving
the above e-mails with different viruses mentioned, so it's obvious my address is being used by a robot.
Yesterday I came across information that I could download an inf file, but I am unsure about deleting any other files.
Would it be safe for me to download this inf file and use it?
I'd appreciate any help for those who know what they're doing, thank you!
Elle
P.S. I'm a Senior!
elle
bold text
For a few months now, I have been receiving e-mail like the following:
mail from you ( ...........................)
was stopped and Quarantined because it contains one or more viruses.
Summary of email contents:
Queue ID: C564946240
Attachment: Toy.hta
forbidden attachment
Found virus I-Worm.Bagle.zb]bold text
Plus the Netsky virus has also been mentioned.
My Norton Virus deletes everything, but when I send an e-mail to my niece's company, their firewall quarantines it. I have stopped sending mail to this address, but I am still receiving
the above e-mails with different viruses mentioned, so it's obvious my address is being used by a robot.
Yesterday I came across information that I could download an inf file, but I am unsure about deleting any other files.
Would it be safe for me to download this inf file and use it?
I'd appreciate any help for those who know what they're doing, thank you!
Elle
P.S. I'm a Senior!
elle
bold text
Participate on our website and join the conversation
This topic is archived. New comments cannot be posted and votes cannot be cast.
Responses to this topic
There are so many variants of this worm. So, to set your mind at ease, here is one way of going in yourself to locate any of its components:
Kill these processes:
bagle_modified.exe
doc.exe
eyaii.exe
game.exe
hcmhphpg.exe
i-worm.bagle.gen_(91).exe
i-worm.bagle.n.exe
i-worm.bagle.p.exe
i-worm.bagle.s.exe
ketpjxsb.exe
mwcsw32.exe
mwremind.exe
onde.exe
programfilesdir+\norton antivirus\quarantine\5f0b3145.exe
programfilesdir+\norton antivirus\quarantine\5f4f22f9.exe
purev.exe
rdou.exe
systemroot+\bbeagle.exe
tiridfhe_unpacked.exe
you_are_dismissed.exe
Remove these files:
0082d41c.com
a64fdfc1.cpl
anna.scr
bagle.t_exploit.txt
bagle_imports.txt
bagle_modified.exe
baglet_dumped.exe_
baglet_dumped.idb
baglet_dumped_ascstrings.txt
baglet_dumped_info.txt
d2b4b531.cpl
details.vbs
doc.exe
dump_bagle.t_imports.idc
eyaii.exe
game.exe
hcmhphpg.exe
info.scr
ips.txt
i-worm.bagle.gen_(91).exe
i-worm.bagle.n.exe
i-worm.bagle.p.exe
i-worm.bagle.s.exe
i-worm.bagle.z.com
ketpjxsb.exe
moreinfo.if
mwcsw32.exe
mwremind.exe
onde.exe
p2p.txt
programfilesdir+\norton antivirus\quarantine\5f0b3145.exe
programfilesdir+\norton antivirus\quarantine\5f4f22f9.exe
purev.exe
rdou.exe
systemroot+\bbeagle.exe
tiridfhe_unpacked.exe
unpacked_.bin
worm.yoursid
you_are_dismissed.exe
you_are_dismissed1.vbs
Then, remove these directories:
programfilesdir+\2wire\gateway\cl_mgr
programfilesdir+\lexmarkx63\sprint
Kill these processes:
bagle_modified.exe
doc.exe
eyaii.exe
game.exe
hcmhphpg.exe
i-worm.bagle.gen_(91).exe
i-worm.bagle.n.exe
i-worm.bagle.p.exe
i-worm.bagle.s.exe
ketpjxsb.exe
mwcsw32.exe
mwremind.exe
onde.exe
programfilesdir+\norton antivirus\quarantine\5f0b3145.exe
programfilesdir+\norton antivirus\quarantine\5f4f22f9.exe
purev.exe
rdou.exe
systemroot+\bbeagle.exe
tiridfhe_unpacked.exe
you_are_dismissed.exe
Remove these files:
0082d41c.com
a64fdfc1.cpl
anna.scr
bagle.t_exploit.txt
bagle_imports.txt
bagle_modified.exe
baglet_dumped.exe_
baglet_dumped.idb
baglet_dumped_ascstrings.txt
baglet_dumped_info.txt
d2b4b531.cpl
details.vbs
doc.exe
dump_bagle.t_imports.idc
eyaii.exe
game.exe
hcmhphpg.exe
info.scr
ips.txt
i-worm.bagle.gen_(91).exe
i-worm.bagle.n.exe
i-worm.bagle.p.exe
i-worm.bagle.s.exe
i-worm.bagle.z.com
ketpjxsb.exe
moreinfo.if
mwcsw32.exe
mwremind.exe
onde.exe
p2p.txt
programfilesdir+\norton antivirus\quarantine\5f0b3145.exe
programfilesdir+\norton antivirus\quarantine\5f4f22f9.exe
purev.exe
rdou.exe
systemroot+\bbeagle.exe
tiridfhe_unpacked.exe
unpacked_.bin
worm.yoursid
you_are_dismissed.exe
you_are_dismissed1.vbs
Then, remove these directories:
programfilesdir+\2wire\gateway\cl_mgr
programfilesdir+\lexmarkx63\sprint
