I've got Win32/Shimg.Worm virus

Any ideas?

Shimg is an alias for the MyDoom worm.

Here you go

http://www.sophos.com/support/disinfection/mydooma.html

Another one? Blimey Andy...

If you need help, holler.

Hmm, say's I'm not infected

Oh yeah, we've had those coming in droves today. Damn those ignorant customers of ours!!

Originally posted by Andy Murray
Hmm, say's I'm not infected

You follow the instructions properly? Sometimes with those you need to boot into Safe Mode :D

What/who told you the virus was on your system? Some AV's can trigger false positives on certain files.

Got loads of emails from various peoples AV software quoting the virus.

Still haven't found safe mode either.

Don't know why Safe Mode's not working for you. Is there an option in the shut down menu to boot into Safe Mode?

Shim/MyDoom is very new (and potentially high risk), its only been in the wild for 24 hours at the most as I understand. It spreads via email and kazaa. Its got a Keylogger too, so you may want to change vital passwords. It also has its own SMTP server, which in English, means it can make the email look like it came from anywhere, so you may not have it at all, it may just be stealing your address.

The main problem is, because its so new, AV's are having trouble picking it up. Update your AV software, even if you have, try again.

Try checking this page out too, it has some removal instructions. http://us.mcafee.com/virusInfo/default.asp?id=description&virus_k=100983#removal_instructions

I use Sophos and they released their ide for it at lunchtime today!

Apparently some of them are still on it! I don't see why really, its just a typical mass mailing variant of almost every other virus thats been released. I would think the main vendors would have it covered by now.