| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 43676 | 2004-03-23 11:14:00 | Virus!! help.. | heni72847 (1166) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 224599 | 2004-03-23 11:14:00 | my friend recieved a email with a attachment is "part4" .. and she is not sure about the extension but .. she says it's .gas and the icon is one for exe and files in the computer got replace with funny files names like.. zxcvbnm.zip ..they are all zip files around 35kbs word files and some jpg files also other files got replaced sadly she didn't hav a av on so.. files dissapeared and she's woried also there's constant beep from the motherbord speaker.. anyone can identify this virus |
heni72847 (1166) | ||
| 224600 | 2004-03-23 11:43:00 | it might be W32.mydoomF. can he/she run an online scanner such as housecall? |
tweak'e (174) | ||
| 224601 | 2004-03-23 11:53:00 | yes.. scanning online now.. trying out trend symatic and mcfee's online scan... waiting for results... |
heni72847 (1166) | ||
| 224602 | 2004-03-23 13:52:00 | Sounds to me like NetSky-D Register Article: Netsky-D makes your PC go beep, beep, beep www.theregister.co.uk Quote: Tomorrow morning (March 2) between 06:00am and 08:59am the worm will try to activate PC speakers into making a constant beeping noise. It's unclear if this is simply more mischief or an attempt to push infected users into cleaning up their PCs. Removal Tool: securityresponse.symantec.com |
whiskeytangofoxtrot (438) | ||
| 224603 | 2004-03-24 05:09:00 | after scanning it seems to be W32.mydoomF. now.. is there a way to recover the data lost?? |
heni72847 (1166) | ||
| 224604 | 2004-03-24 07:30:00 | > is there a way to recover the data lost?? From backups? If the files got deleted she could try looking in the Recycle Bin but I wouldn't hold my breath that they would be there . Other than that, unfortunately it doesn't look like they are recoverable . :-( |
Susan B (19) | ||
| 224605 | 2004-03-24 10:24:00 | would normal data recovery program work? or does the worm destroy files so they can't be recovered? |
heni72847 (1166) | ||
| 224606 | 2004-03-24 10:27:00 | mayby. sorry i have no idea on how it deletes the files. if they are not over written you mightget some back. | tweak'e (174) | ||
| 224607 | 2004-03-24 13:07:00 | I hardly think it's using a secure data deletion process. Any normal recovery program should be able to pick them up. Peculiar though... I never heard of MyDoom making the PC Speaker go nuts... weird. |
whiskeytangofoxtrot (438) | ||
| 224608 | 2004-03-24 22:29:00 | > would normal data recovery program work? > or does the worm destroy files so they can't be recovered? From Symantec: If the drive is a hard drive, remote drive, or RAM drive, the worm randomly deletes the files it finds with the following probability: . mdb - 98% . doc - 40% . xls - 60% . sav - 95% . jpg - 8% . avi - 10% . bmp - 15% So it is possible that data recovery could recover the files but not guaranteed . > Peculiar though . . . I never heard of MyDoom making the PC Speaker go nuts . . . weird . Symantec's latest newsletter says that the Netsky . D virus causes the PC speaker to beep on certain days at certain times but I wouldn't have taken that to mean that the speaker "goes nuts" . Apparently it is supposed to make the user think that the computer is on the way out . |
Susan B (19) | ||
| 1 2 | |||||