Whoah thats one of the worst virii out there. One of my clients got a hold
of it and lost 2 machines because of it. I have first hand experience trying
to clean the thing, it's not easy. Make sure it is gone from your system!!
Unless you are a lawyer, it's USUALLY rather benign. Most strains of magistr
will not drop it's payload and infect, unless it finds a document containing
3 legal phrases (the virus caries a list of many phrases both in enligsh and
the spanish equiv). If it does infect you it will corrupt files and
eventually overwite some of your core windows files I.E. win.com (win9x) or
NTLDR (win NT/2000). The main nasty thing some strains of it can do is
flash the bios of some computer motherboards with a bunch of garbage making
the computer dead for the most part. If it has a name brand motherboard a
replacement bios chip can be found, if it's fairly generic there usually
isn't hope but changing the mainboard. It'll also pop up nice messages on
your screen containing obscene language :P~
Here is a nice link about the first version of the virus (magistr.a)
http://www.antivirus.com/vinfo/virusencyclo/default5.asp?VName=PE_MAGISTR.A&;
VSect=T
One bad thing about this virus is that because of it's polymorphic
nature.... it changes on the fly making it sometimes impossible to detect by
most virus scanners. I would suggest downloading the free trial of Etrust
InoculateIT, which is about the best virii scanner out there..... Just to
make sure it is truly gone. It can be found here
http://www3.ca.com/Solutions/Product.asp?ID=2619 They claim to find 100% of
virii, and over the years I have found many machines that the latest version
of NAV, Mcafee, and AVG didn't find a virus but inoculateIT/Inoculan from
cheyenne did.
-Mike
Going back to lurk mode. Too many PC's/Networks to fix and too little
time... Mebbe thats why I haven't autox'd in 2 years.
> Several people received messages from me that were generated by a virus.
> These were typically incomplete messages, randomly extracted from old
> messages, so they made no sense to the recipients. I updated my
anti-virus
> program and eliminated the virus. The name of the virus is
> W32Magistr.39921. It is a worm which sends out random e-mails.
> Interestingly, it didn't just send them to people in my address book, but
> also extracted addresses contained in group digests. So, most of the
people
> who got the bad messages were not in my address book. I apologize for the
> inconvenience, and I thank those who pointed out the problem and
identified
> the virus.
>
> Marvin
>
> /// autox@autox.team.net mailing list
> ///
> /// To unsubscribe send a plain text message to majordomo@autox.team.net
> /// with nothing in it but
> ///
> /// unsubscribe autox
> ///
> /// or try http://www.team.net/cgi-bin/majorcool
> ///
/// autox@autox.team.net mailing list
///
/// To unsubscribe send a plain text message to majordomo@autox.team.net
/// with nothing in it but
///
/// unsubscribe autox
///
/// or try http://www.team.net/cgi-bin/majorcool
///
|