The "General Games Chat" forum, which includes Retro Game Reviews, has been archived and is now read-only. You cannot post here or create a new thread or review on this forum.
By opening an infected email attachment, you allow the W32.SIRCAM.WORM@MM worm virus to reproduce itself on to your computer. It will then search for .doc, .xls, .zip and .exe. files. Once these files have been found it will the attach them to the original virus you opened and then email everybody in your address book.
If the virus is allowed to remain on your computer it will deliver a payload that will completely wipe out your hard drive on the 16th of October. There is also a chance of the virus filling all remaining space on the hard disk by adding text to the file c:recycledsircam.sys at each start-up. And, if that wasn't enough, it will upload a random file and add it to the worm, this means that personal infomration could be added and passed on to other poeple via the worm.
If you think that you have been infected with this virus then it is possible to get a W32.Sircam.Worm@mm removal tool at http://www.symantec.com/ avcenter/venc/data/ [email protected]. tool.html (No spaces) The best way to avoid this virus is not to open any e-mails from people you don't know that have an attachment.
The W32.SIRCAM.WORM@MM worm virus is also know as W32/SirCam@mm, Backdoor.SirCam. More infomration can be found about the virus at http://www.symantec.com/ avcenter/venc/data /[email protected] (again no spaces)
I hope you read this information before it infects you and if you know anybody who might be infected then pass the information on. Thanks.
Darkreaper
If the virus is allowed to remain on your computer it will deliver a payload that will completely wipe out your hard drive on the 16th of October. There is also a chance of the virus filling all remaining space on the hard disk by adding text to the file c:recycledsircam.sys at each start-up. And, if that wasn't enough, it will upload a random file and add it to the worm, this means that personal infomration could be added and passed on to other poeple via the worm.
If you think that you have been infected with this virus then it is possible to get a W32.Sircam.Worm@mm removal tool at http://www.symantec.com/ avcenter/venc/data/ [email protected]. tool.html (No spaces) The best way to avoid this virus is not to open any e-mails from people you don't know that have an attachment.
The W32.SIRCAM.WORM@MM worm virus is also know as W32/SirCam@mm, Backdoor.SirCam. More infomration can be found about the virus at http://www.symantec.com/ avcenter/venc/data /[email protected] (again no spaces)
I hope you read this information before it infects you and if you know anybody who might be infected then pass the information on. Thanks.
Darkreaper
Description:
W32/Sircam-A is a network-aware worm. The worm spreads via email and by using open network shares. The worm arrives in an email with a random subject and body text.
The attached filename is also randomly chosen, but it has a
double extension (for instance, .doc.com or .mpg.pif).
If the attachment is opened, the worm copies itself into the
Windows System directory with the filename scam32.exe. The worm also copies itself as a file called sirc32.exe to the Recycled files directory with its file attributes set to hidden.
The worm changes the registry key
HKLM\Software\ Microsoft\Windows\ CurrentVersion\Run Devices\Driver32 so that it runs on Windows startup. The registry keyHKLM\SOFTWARE\Classes\ exefile\shell\open\command is also changed
so that the worm runs before any other executable file is opened.
If the worm finds any open network share, it will attempt to
copy itself into the Windows directory on the machine with an
open share, with the filename rundll32.exe. The original
rundll32.exe file is renamed to run32.exe. If this is
successful, the worm changes the file autoexec.bat so that it includes a command to run the worm file previously dropped to the Windows directory.
The worm contains its own SMTP routine which is used to send
email messages to email addresses found in the Windows address
book and the temporary internet folder, where cached internet
files are kept.
W32/Sircam-A is a network-aware worm. The worm spreads via email and by using open network shares. The worm arrives in an email with a random subject and body text.
The attached filename is also randomly chosen, but it has a
double extension (for instance, .doc.com or .mpg.pif).
If the attachment is opened, the worm copies itself into the
Windows System directory with the filename scam32.exe. The worm also copies itself as a file called sirc32.exe to the Recycled files directory with its file attributes set to hidden.
The worm changes the registry key
HKLM\Software\ Microsoft\Windows\ CurrentVersion\Run Devices\Driver32 so that it runs on Windows startup. The registry keyHKLM\SOFTWARE\Classes\ exefile\shell\open\command is also changed
so that the worm runs before any other executable file is opened.
If the worm finds any open network share, it will attempt to
copy itself into the Windows directory on the machine with an
open share, with the filename rundll32.exe. The original
rundll32.exe file is renamed to run32.exe. If this is
successful, the worm changes the file autoexec.bat so that it includes a command to run the worm file previously dropped to the Windows directory.
The worm contains its own SMTP routine which is used to send
email messages to email addresses found in the Windows address
book and the temporary internet folder, where cached internet
files are kept.
By opening an infected email attachment, you allow the W32.SIRCAM.WORM@MM worm virus to reproduce itself on to your computer. It will then search for .doc, .xls, .zip and .exe. files. Once these files have been found it will the attach them to the original virus you opened and then email everybody in your address book.
If the virus is allowed to remain on your computer it will deliver a payload that will completely wipe out your hard drive on the 16th of October. There is also a chance of the virus filling all remaining space on the hard disk by adding text to the file c:recycledsircam.sys at each start-up. And, if that wasn't enough, it will upload a random file and add it to the worm, this means that personal infomration could be added and passed on to other poeple via the worm.
If you think that you have been infected with this virus then it is possible to get a W32.Sircam.Worm@mm removal tool at http://www.symantec.com/ avcenter/venc/data/ [email protected]. tool.html (No spaces) The best way to avoid this virus is not to open any e-mails from people you don't know that have an attachment.
The W32.SIRCAM.WORM@MM worm virus is also know as W32/SirCam@mm, Backdoor.SirCam. More infomration can be found about the virus at http://www.symantec.com/ avcenter/venc/data /[email protected] (again no spaces)
I hope you read this information before it infects you and if you know anybody who might be infected then pass the information on. Thanks.
Darkreaper
If the virus is allowed to remain on your computer it will deliver a payload that will completely wipe out your hard drive on the 16th of October. There is also a chance of the virus filling all remaining space on the hard disk by adding text to the file c:recycledsircam.sys at each start-up. And, if that wasn't enough, it will upload a random file and add it to the worm, this means that personal infomration could be added and passed on to other poeple via the worm.
If you think that you have been infected with this virus then it is possible to get a W32.Sircam.Worm@mm removal tool at http://www.symantec.com/ avcenter/venc/data/ [email protected]. tool.html (No spaces) The best way to avoid this virus is not to open any e-mails from people you don't know that have an attachment.
The W32.SIRCAM.WORM@MM worm virus is also know as W32/SirCam@mm, Backdoor.SirCam. More infomration can be found about the virus at http://www.symantec.com/ avcenter/venc/data /[email protected] (again no spaces)
I hope you read this information before it infects you and if you know anybody who might be infected then pass the information on. Thanks.
Darkreaper