The worm, Opaserv.L, installs itself into the Windows directory under the name mqbkup.exe. If the date is December 24 or later Opaserv.L creates several more files and then restarts the machine, displaying the following message in an MS-DOS window:
"NOTICE:
Illegal Microsoft Windows license detected!
You are in violation of the Digital Millennium Copyright Act
Your unauthorized license has been revoked
For more information, please call us at:
NOPIRACY
If you are outside the USA, please look up the correct contact information on our website, at:
www.bsa.org
Business Software Alliance
Promoting a safe & legal online world"
Finally, Opaserv.L deletes the content of the computer's CMOS and hard disk. Panda has not had any reports of the virus in the wild, so users who update their antivirus programs should be protected.
MessageLabs have also detected a new variant of the Yaha worm that is active in the Middle East and Australia. Yaha.M contains its own e-mail program, and may launch a denial of service attack against infopak.gov.pk.
Yaha.M forges its envelope-from and header-from addresses, and uses a variety of subjects, attachment names and content to attempt to fool the user to run the program.
don't understand how to recognize a virus.
Don't understan how to find one. am PC beginner....HELP!!!!