[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index][Thread Index][Author Index]

That new virus that everyone's talking about

To: <Loopers-Delight@loopers-delight.com>
From: "Stephen Bradley and Kristen Chamberlin" <chambrad@valinet.com>
Subject: That new virus that everyone's talking about
Date: Tue, 13 Feb 2001 18:44:58 -0500

I got this from my local network, to address this new virus.  Thought I'd
pass it on.

stephen

"VBS/SST@MM is a high-risk virus that has already infected many users-
 please don't be the next victim!

 Here's what to watch out for:

 The message will probably appear to come from someone you know.  It will
have an attachment called
 AnnaKournikova.jpg.vbs. The subject and body of the message may look like
this:

 Subject: Here you have, ;o)
 Body:
                    Hi:
                    Check This!

 Attachment: AnnaKournikova.jpg.vbs

 If you receive a message that fits this profile, delete it immediately!  
Do
not open the attachment!

 If you open the attachment, it runs a script that copies itself into your
Windows directory, and also
 adds two  entries to your Windows registry.  If you are an Outlook user, 
it
then attempts to send itself
 to everyone in your Outlook address book.

 To determine whether the virus has infected your computer:

 1. Click on the Start button and select Find, then Files or Folders.

 2. The Find All Files dialog box will open. Type the following into the
"Named" box:  *.vbs

 3. In the "Look in" box, make sure that "Fixed disk (C:)" is selected.

 4. Click on the Find Now button.  (It may take a few minutes for the
program to search your whole C:
 drive.)

 5. If the AnnaKournikova.jpg.vbs file is not found on your C: drive, you
are fine and can stop here.

 6. If the AnnaKournikova.jpg.vbs file is found on your C: drive, your
machine is infected with the virus
 and you should complete the virus removal procedure below.


 To remove the virus from your computer:

 1. While you are still in the Find All Files dialog box, right-click on 
the
AnnaKournikova.jpg.vbs file and
 select Delete from the pop-up menu.

 2.  In the Confirm File Delete dialog box, click Yes.

 3. Close the Find All Files dialog box.

 4. To remove the bad registry settings, click on the Start button and
select Run.

 7. In the Run dialog box, type: regedit

 8. In the Registry Editor window, click the plus sign beside the 
HKEY_USERS
folder.

 9. Click the plus sign beside the .DEFAULT folder.

 10. Click the plus sign beside the Software folder.

 11. Right-click on the folder named OnTheFly and select Delete from the
pop-up menu.

 12. Close the Registry Editor window, and you are finished. "

Follow-Ups:
- Re: That new virus that everyone's talking about
  - From: Doug Miller <dmiller3@columbus.rr.com>

References:
- Fwd: EDP for sale
  - From: RGBLA@aol.com

Prev by Date: RE: Electrix FilterFactory
Next by Date: RE: opinions on analog - USB converters
Previous by Thread: Fwd: EDP for sale
Next by Thread: Re: That new virus that everyone's talking about
Index(es):
- Date
- Thread
- Author