Author: Albert Silver
Date: 07:15:06 03/26/02
Attention, I received a worm disguised as a joke (that was the title of the e-mail) that invaded my system and sent a copy of itself to some people on my address book though I do not know whom. This worm comes in a file as an e-mail attachment and contains a virus called Win32.HLLM.Cervici Do NOT execute it. In order to stop the infection if you are already infected, you must enter the directory \Windows\System32 and delete any files ending in .exe (classified as Application). I found the following irregular files in this directory: - worms.exe - worms.zip - ntkrnl.exe (I use WinME so this stood out) - ntokrnl.dat Warning! Anti-virus programs do NOT detect it. The reason is that the file isn't a virus and running an anti-virus program shows nothing. When you run the file the first time, it produces some funny graphic of colored worms on the screen. Later, it sends e-mails to your contact list, and the *e-mails* have the virus in question. I ran Norton Anti-Virus (up-to-date) and other programs and no luck, and I even tried re-installing Windows. I found the solution by luck, but it worked. I was forced to boot from a bootdisk to be able to delete the files because in Windows they were protected. Sorry for the trouble. Albert
This page took 0 seconds to execute
Last modified: Thu, 15 Apr 21 08:11:13 -0700
Current Computer Chess Club Forums at Talkchess. This site by Sean Mintz.