GIGGER worm - formats C:\

Discussion in 'TRIBE Main Forum' started by Vidman, Jan 15, 2002.

  1. Vidman

    Vidman TRIBE Member

    [h]Beware the Gigger[/g]
    A new virus is lurking. Don't let your computer be the next victim.

    By Chris Pirillo - January 14, 2002


    What's more annoying than receiving a virus through email? I would say it's receiving a virus through email that'll wipe out your C:/ drive the next time you reboot your computer. This is scary, but true, for folks who have been hit with Gigger.


    Gigger is the latest JavaScript exploit that's hit the Internet, and you would be wise to avoid it at all costs. Watch out for any email with the subject: "Outlook Express Update." I have not seen one in my Inbox yet, but SARC is informing people that it has an "Mmsn_offline.htm" attachment.


    When opened, Gigger will infect HTML files on your hard drive and add a very destructive line to your Autoexec.bat file that will invoke a format of your primary hard drive. It will also mail itself to everyone in your Outlook address book, worm its way into mIRC scripts (if mIRC, a popular IRC client, is installed), and add code to your system registry that will "help" delete files from your hard drive.

    Watch out!


    Removal instructions/b]

    To remove Gigger, delete all files that are detected as JS.Gigger.A@mm, remove the line that the worm added to the Autoexec.bat file, and remove the keys and value that the worm added to the registry. For full details, visit SARC.

    -------------------------------------------
    http://www.techtv.com/callforhelp/answerstips/story/0,24330,3368084,00.html
     
  2. Vidman

    Vidman TRIBE Member

    Jesus, I was totally off on that UBB bolding code.

    Here's the line to SARC
     
  3. Vidman

    Vidman TRIBE Member

    "off on" -- fuck, I'm just gonna stop typing and go to bed..
     
  4. Plato

    Plato TRIBE Member

    it adds itself to irc script?

    so it wouldbe sent over irc??

    shoudl we stay off it to stay safe then?!

    virii confuse me

    p[l]a+0
     
  5. Vidman

    Vidman TRIBE Member

    Just either keep auto-download turned to off, or set the permission to only accept certain file types. (ie mp3, txt)

    Setup the zones/restrictions in outlook express and IE. Go to http://pcpitstop.com/pcpitstop/default.asp, run the test. It will tell you how safe you are, and give you tips on how to be more secure. You don't even have to reconfigure anything, it has windows scripts that will do it for you.
     

Share This Page