Virus Information Library

Internet Services and Servers

Internet Services Offered
Scheduled Outages
Create Webpages
DOE Anti-Spamming Service
Webpages that are ADA Compliant
Content Filtering
Get Anti-Virus software
Software Downloads
Using Atmail
Using ListManager

WAN Support Contact
WAN/Network FAQ

Installation Schedule
Surplus Materials
Network Installation Status
Network Cabling
Installation Request Form

Requesting Help for NOSS
Services Available

Alpha Support Contact

Voice Network (telephone)

Video Trouble Reporting

Last update 4/26/05

	Virus Information Library W32/Mydoom.o@MM This variant of Mydoom is known to send non-viral attachments, typically .bat, .com, .exe, .pif or .scr files within a zip archive, within another zip archive. These files are approximately 1-2kb in size and are not infectious. Click here to see more about W32/Mydoom.o@MM and Removal Instructions. [posted 06/26/2004] W32/Stdbot.worm An increase in traffic on port 5000 has been reported to AVERT recently. This is due to a new worm variant detected as W32/Stdbot.worm.b using the above specified DATs and engine. Click here to see more about W32/Stdbot.worm and Removal Instructions. [posted 05/19/2004] Download and install the McAfee DAT file for protection for this worm. Download and install Windows Patches (MS04-011) file for protection for this worm. [posted 05/19/2004] W32/Sasser.worm The fast-spreading "Sasser" computer worm has infected hundreds of thousands of PCs globally and the number could rise sharply. Click here to see more about W32/Sasser.worm.a and Removal Instructions. [posted 05/03/2004] Download and install the Stinger and McAfee DAT file for protection for this worm. Download and install Windows Patches (MS04-011) file for protection for this worm. [posted 05/19/2004] W32/Nachi.worm.b This is a variant of W32/Lovsan.worm.b. It is functionally identical to the original variant. The worm is proactively detected as Exploit-DcomRpc.gen with the 4.2.60 scan engine, or higher, and the 4290 DAT files, or higher, when scanning compressed executables, default option. Click here to see more about W32/Nachi.worm.b and Removal Instructions. Download patches and virus removal program for W32/Nachi.worm [posted 04/08/2004] Microsoft warns of critical flaw Microsoft Corp. says a critical flaw in most versions of its flagship Windows operating system could allow attackers to run malicious programs on personal computers. Please be sure to update your Windows Operating Systems (OS) with the latest patch from http://nssb.k12.hi.us/system_status/MS04-007.html. Fast spreading worms such as Code Red or Nimda which infected Windows computers by taking advantage of security flaws is sure to be released soon for this particular flaw. Click here to see more about this topic. [posted 02/11/2004] W32/MyDoom.worm Jan. 26, 2004 2:55 pm. There is a new virus outbreak W32/Mydoom@MM. Please do not open attachment document.scr or any attachment with .exe, .pif, .cmd extensions (size 22,528 bytes). The From: address is spoofed. The subject varies and the message body varies. For example, The message cannot be represented in 7-bit ASCII encoding and has been sent as a binary attachment. The message contains Unicode characters and has been sent as a binary attachment. Mail transaction failed. Partial message is available. Download and install the McAfee DAT file for protection for this virus from http://nssb.k12.hi.us/system_status/MyDoom.html . Click here to see more about this topic. [posted 01/26/2004] W32/Bagle.worm Bagle is a new mass-mailing worm, and it came on strong on Sunday, prompting antivirus software companies to raise threat alerts. The worm also opens an unassigned port, where it tries to listen for commands from the writer. Click here to see more about W32/bagle.worm and Removal Instructions. We have received reports from DOE users, who have received email with this worm in the attachment. If you receive an email with an attached file called "bbeagle.exe" delete this message immediately. [posted 01/22/2004] BUGBROS WORM A BOGUS MICROSOFT ALERT A mass-mailing worm pretending to be a fix from Microsoft hassurfaced. Bugbros-A is attached to an e-mail from support@microsoft.com and is not particularly destructive. Click here to see more about this topic. [posted 01/07/2004] PATCHES FOR CRITICAL IE, WINDOWS FLAWS ISSUED Microsoft sounded the alarm on Tuesday, warning users of critical vulnerabilities in Windows and Internet Explorer. Click here to see more about this topic. [posted 11/12/2003] W32/Gaobot.worm. There is a new worm recently discovered in our network called the "Gaobot" worm. It already has caused disruptions to the network. The McAfee Stinger software will NOT detect or clean this particular worm out. You will need to get the latest McAfee virus signature/DAT file then run the McAfee Anti-virus scan to detect and clean it. Click here to get the latest patches and virus signature/DAT files and further instructions to clean out this worm. [posted 09/11/2003] W32/Lovsan.worm. This worm exploits the DCOM RPC vulnerability using TCP port 135. The worm attempts to download and run Msblast.exe file. Click here to see more about W32/Lovsan.worm and Removal Instructions. Download patches and virus removal program for W32/Lovsan.worm [posted 08/12/2003] See the Updated Viruses. Check here for explanation of the basic differences between viruses, worms, and trojan horses