After the badtrans virus another one is spreading rapidly trought the internet.
And this one is knockin` out your firewall and you antivirus program so be warned.
|
Let there be no doubt that script kiddies--inexperienced malicious programmers--have taken up the once lowly skill of virus writing. Goner's (w32.Goner.A@mm) pop-up displays look like a typical script kiddie Web-site defacement, complete with the typical script kiddie "greetz." Besides spreading rapidly by e-mail, and therefore posing a threat to e-mail servers, Goner spreads via ICQ and also shuts down antivirus and firewall protection, leaving your Windows computer vulnerable to other attacks. Because it deletes files, Goner ranks a 7 on the ZDNet Virus Meter.Goner arrives by ICQ or e-mail bearing a subject line of "Hi" with the body text of "How are you ? When I saw this screen saver, I immediately thought about you I am in a harry, I promise you will love it!" The attached file is gone.scr. The payload of Goner is written in Visual Basic 6, packed with a UPX file compressor, and is 39KB in size. If executed, the worm makes copies of itself in the Windows System directory under the name gone.scr. It also adds itself to the Registry so that it executes each time the computer reboots. |
Source: ZDNet
