picked up a damn virus

[Dave]

got an e-mail from a co-worker telling me i forwarded a virus to her machine. i hadn't sent her anything. i checked my mail at work tonight. when i got home, i found 3 e-mails from unknown sources. i opened it only so i could delete them. (i use OE).
e-mail virus
the people that write these damn things

 

[Q]

Didja get rid of it yet?

 

[Professur]

When you've gotten rid of it, head on over to the MS junkpile and download the newest security patch too.

 

[Dave]

i ran a couple of virus scans last night and didn't find anything.
all my virus definition and patches are up to date.

 

[Q]

Oooh, I hate when that happens. Did you try that sysbot thing?

 

[Dave]

that was negative too

 

[Squiggy]

I'm glad I'm on a Mac when I read these things...

 

[Professur]

Run OS/2. I dare anyone to infect me. Muhahahaha.

I really should reload Warp on a machine sometime. If only to fung up the statistics.

 

[greenfreak]

Can you ask the co worker what the name of the virus was and go to Symantec's site to get info? She must have had to get rid of it herself, right?

 

[Dave]

i asked her, but haven't heard back yet.

got an e-mail from another co-worker that said she got a virus e-mail from a different co-worker. i wonder if its spreading one address/one mailbox at a time...

 

[greenfreak]

Maybe these emails telling you they have viruses *are* the virus emails.

 

[PT]

Yes, that is a possibility, they certainly are getting scarier and scarier all the time. I've also noticed that most viruses aren't doing the damage they used to though either, more just inconveniences or machine lockups more than data deletion.

 

[Dave]

Maybe these emails telling you they have viruses *are* the virus emails.

now that would be an annoying little virus. constantly sending virus warnings to random addresses.


the 3 strange e-mails i got all had attachments (of which i did not open) one had an .exe, the other had an extension that i had never heard of before (.scv or something like that) and the 3rd had the .scv plus a .htm.

i sent out a warning e-mail to all my co-workers. the warning i got back was a forwarding of my message with her warning. (did that make sense?)

 

[greenfreak]

Probably .scr? That's a screensaver, I know that one too well. Good luck with it man!

 

[HomeLAN]

.scr, .vbs, .exe, it all spells VIRUS.

 

[tommyj27]

* wants OS/2 "just because"

 

[Luis G]

.scr, .vbs, .exe, it all spells VIRUS.

Exactly, however to avoid exploits on the shitty IE and OE, just remove the execution attribute to the file wscript.exe, that should avoid script infections.

 

[Dave]

Can you ask the co worker what the name of the virus was and go to Symantec's site to get info? She must have had to get rid of it herself, right?

she said her virus scan picked it up before it infected her machine so it was quarentined. she just let me know it was the W32/Klez.h@MM worm.

i followed all the directions at mcafee's web site to remove it and the scans keep coming up clean.

http://vil.nai.com/vil/content/v_99455.htm#RemovalInstructions

i ran spybot and didn't see any of the registery changes noted on the web page. i hope its gone.

 

[Mirlyn]

she just let me know it was the W32/Klez.h@MM worm.

That's a big one. I remove that one from systems at BBY more than any other virus. We're still fighting it in our networks on campus too.

Good to hear you've got it gone!

 

[tommyj27]

Klez sucks ass, i cleaned that off my grandma's PC last fall after she almost infected the rest of the family