
2 New Ones

Discussion in 'Security and Privacy' started by BillyBob, 2002/02/20.

Thread Status:
Not open for further replies.
  1. 2002/02/20
    BillyBob Lifetime Subscription

    BillyBob Inactive Thread Starter

    Joined:
    2002/01/07
    Messages:
    6,048
    Likes Received:
    0
    Just got this via e-mail from TW/Roadrunner.

    Afternoon Y'all,

    I was just made aware of two new "bugs" just hitting the Internet trail and wanted to spread the word.

    First up is a friendly little virus named W32.HLLO. W32.HLLO.Rozak is a virus that overwrites files on drives C, D, E, and F. W32.HLLO.Rozak is written in a high-level language. It needs the Neh.dll file, which is an exact copy of itself. When it is executed, it searches drives C, D, E, and F for files that have the following extensions:

    .exe
    .mpg
    .mpg4
    .zip
    .doc
    .rar
    .avi
    .mp3

    It then copies itself as Neh.dll and overwrites the files. The overwritten program files are not repairable.

    It then displays the following message:

    KWA!

    Co chcia'oby sie programik ?
    Niz z logo. Kaczor mowi. ZAGRAJ W SETTERS IV!!!!!

    Had to copy the above; hope it is correct.

    I'll tell you more on how to remove after we get on to...

    Bug part Deux and the nastier of the two (so far)

    W32.Yarner.A@mm is a mass-mailing worm. The worm sends itself to email addresses found in the Microsoft Outlook address book and local files.

    The worm uses the system configured or hard coded SMTP server to send messages with the subject Trojaner-Info Newsletter followed by the current date. The message body is in German and the attachment name is yawsetup.exe.

    In addition, the worm may attempt to delete all files on the computer. (yes, you just read that, ALL Files)

    Now as far as removing either one, the best offense is a great defense (ok, so the saying is backwards, it works in this case). Get and maintain an updated anti-virus program. Find one that scans your email on the way in. The second and best way is to never open up any attachments without:

    Save and Scan - As long as your anti-virus program is up to the minute, save these attached files and scan them with your software (Unless your program catches the infected files on the way in. Then just delete them)
    You get an email. It's from a good friend. It has an attachment. It should be fine, right? Wrong!!! This sort of thinking is how these viruses get spread. You get any email from anyone with an attachment, contact the sender back and ask if they meant to send it (generally, if I don't know the sender, it's gone the minute I notice it in my mailbox). Unless people are running their anti-virus on a weekly basis (hint, you should be one of these people), they won't know their system is sending out infected email. You asking them about their email attachment could be the wake-up call they need to fix their computer. (plus, it makes you look like the neighborhood "Puter Guru". Nice ego stroke among your online buddies) You get the idea. Hope this helps.

    I just checked NAV and they have AV and NIS updates.
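
The indicators quoted in the post above (subject starting with "Trojaner-Info Newsletter", attachment named yawsetup.exe) and its "save and scan" advice can be expressed as an inbound mail check. This is an added example, not part of the original thread or the e-mail it quotes; the extension list, the verdict names and the sample messages are assumptions made for illustration.

```python
import email
from email import policy
from email.message import EmailMessage

# Indicators taken from the W32.Yarner.A@mm description quoted in the post.
YARNER_SUBJECT_PREFIX = "trojaner-info newsletter"
YARNER_ATTACHMENT = "yawsetup.exe"
# Assumption: attachment types held for scanning; adjust to local policy.
RISKY_EXTENSIONS = (".exe", ".scr", ".pif", ".com", ".bat")


def attachment_names(msg):
    """Lower-cased filename of every MIME part that declares one."""
    return [part.get_filename().strip().lower()
            for part in msg.walk() if part.get_filename()]


def classify(raw_bytes):
    """Return 'yarner', 'quarantine' or 'deliver' for one raw message."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    subject = str(msg.get("Subject", "")).strip().lower()
    names = attachment_names(msg)
    # The attachment name alone is enough; the subject only counts when the
    # message also carries an attachment, so a plain newsletter is delivered.
    if YARNER_ATTACHMENT in names or (
            subject.startswith(YARNER_SUBJECT_PREFIX) and names):
        return "yarner"
    # endswith() also catches double extensions such as "pics.doc.scr".
    if any(name.endswith(RISKY_EXTENSIONS) for name in names):
        return "quarantine"  # hold for "save and scan" before it is opened
    return "deliver"


def build_sample(subject, filename=None):
    """Constructed test message (not a real capture); payload is a placeholder."""
    m = EmailMessage()
    m["From"] = "friend@example.com"
    m["To"] = "me@example.com"
    m["Subject"] = subject
    m.set_content("Hallo")
    if filename:
        m.add_attachment(b"placeholder bytes", maintype="application",
                         subtype="octet-stream", filename=filename)
    return m.as_bytes()


if __name__ == "__main__":
    # The date format in the subject is a constructed sample.
    print(classify(build_sample("Trojaner-Info Newsletter 20.02.2002",
                                "YAWSETUP.EXE")))
```
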
     
  2. 2002/02/20
    BillyBob
    Never mind.

    I looked in the wrong place. Subject was there.
     
    Last edited: 2002/02/20

  4. 2002/02/20
    BillyBob
    The updates I mentioned earlier were for 2/19

    There is another this evening dated 2/20
     