Help!

I got the following e-mail,

serv@yahoo.com Mail server report.

Mail server report.

Our firewall determined the e-mails containing worm copies are being
sent from your computer.

Nowadays it happens from many computers, because this is a new virus
type (Network Worms).

Using the new bug in the Windows, these viruses infect the computer
unnoticeably.
After the penetrating into the computer the virus harvests all the
e-mail addresses and sends the copies of itself to these e-mail
addresses

Please install updates for worm elimination and your computer
restoring.

Best regards,
Customers support service

Attachments Attachment scanning provided by:

Files:

Update_KB8875_x86.exe (151k)

Of course, this wasn’t in my yahoo bulk mail folder, so like a complete moron I downloaded it. Now my avast e-mail provider is going crazy, it pops up a new screen every few seconds.

The box from Avast reads:

Suspicious message.
There are too many identical e-mails in appointed time

Sender: "xxx
Recipient: xxx
Subject: let’s goThere are too many identical e-mails in appointed time

At the bottom it gives two options: Continue or don’t send.

How do I get rid of this thing. Thanks in advance

Well avast is able to see the multiple emails being sent but not the trojan spambot that is generating them. Your firewall should also have stopped unauthorised internet access, what is your firewall ?

If you haven’t already got this software (freeware), download, install, update and run it, preferably in safe mode, Ewido anti-spyware If using winXP. or a-Squared free if using win98/ME.

Ok, thanks. I’m going to download this and give it a try. I will check back later, hopefully with good news.

Ok,

The Ewido found Wom.Warezov.y. Labeled as a high risk. I see that the thread right below this one has some info on this, so I’m going to follow all of those steps as well.

Thank you very much, you saved my bacon!

No problem, welcome to the forums.

DavidR,

I have the identical problem. I noticed you mention that the firewall should have stopped unauthorized access. I use Windows Firewall, as well as a router, should I be using something else?

Thanks.

Info on Warezov:

http://www.f-secure.com/weblog/archives/archive-092006.html#00000966

Windows XP’s firewall is better than no firewall but, it lulls you into a false sense of protection, it doesn’t provide outbound protection.

Whilst the windows XP firewall is usually good at keeping your ports stealthed (hidden) it provides no outbound protection and you should consider a third party firewall.

Any malware that manages to get past your defences will have free reign to connect to the internet to either download more of the same, pass your personal data (sensitive or otherwise, user names, passwords, keylogger retrieved data, etc.) or open a backdoor to your computer, so outbound protection is essential.

Zone Alarm free http://www.zonelabs.com works fine with avast and has a reasonably friendly user interface. There are others, Comodo, Sunbelt Kerio, Jetico, etc.
See some firewall tests for comparison, some are freeware but many are paid for versions http://www.firewallleaktester.com/tests.php. Also see http://www.thefreecountry.com/security/firewalls.shtml

Thanks a lot for this advice, your comments regarding this email worm have also been very helpful.

Glad I could help, welcome to the forums.