WTF?

QuarterToThree Message Boards: Free for all: WTF?
By Bruce_Geryk (Bruce) on Monday, July 23, 2001 - 09:15 pm:

For the past two or three days, I've been getting tons (1-2 per day) of emails with attached files, with some idiotic message like, "Hi, I've attached this file to get you advice!" or something. Has anyone else received anything similar? I assume it's the latest virus thing. Of course, I delete them on sight, but I'm curious as to what horrible things would happen if I ran the attached .bat file.


By timelhajj on Monday, July 23, 2001 - 10:13 pm:

Yeah, sure sounds like you're being targeted by a virus. Next time you get one, drop the .bat file in a text editor and see what commands it intends to run.


By Aszurom on Monday, July 23, 2001 - 10:26 pm:

OH YES. I'm getting these too.

So is Lumthemad... in fact he's traced it back to Funcom.


By Bub (Bub) on Monday, July 23, 2001 - 11:33 pm:

I think anyone who has a website address is getting them, Bruce. I'm getting them mainly through my two (old) Sharky addresses and also from Gamepen.

Blue had something up about it earlier. It seems to check clean on a virus sweep... but I'm not opening it. Interestingly I'm starting to get them in Spanish now.

-Andrew


By David E. Hunt (Davidcpa) on Tuesday, July 24, 2001 - 12:36 am:

www.tomshardware.com has a news item on this virus. It comes in English and Spanish. It is supposed to be harmful. Definitely a do not open situation. See link:

Tom's news item

-DavidCPA


By Jason_cross (Jason_cross) on Tuesday, July 24, 2001 - 02:31 am:

It's the latest worm. Pretty neat stuff, if TOTALLY annoying. I've gotten like 50 of these things.

It copies an executable to your system folder AND your recycle bin (since many virus scanners don't, by default, scan there...DUH). And it registers itself as the default to launch executables with. So you run a program, and this worm will also launch.

It picks a .jpg, .zip, or .doc at random from your My Documents folder and mails it to people from your Address Book using its own SMTP protocol.

Virus scanners can detect it (even the free web ones), but nobody's running it.

Over the weekend, it quickly jumped to the #1 most prolific virus in virtually every continent except Africa, where South Africans with the Love Bug virus totally dominate. Seriously.


By Chet on Tuesday, July 24, 2001 - 01:56 pm:

Virus scanners can - but some like Norton's don't or at least didn't. When you get an email with an attachment from someone you are used to getting such emails from - it's pretty easy to screw yourself. I did. I was running Norton's and it did nothing. I cleaned my system by hand and now run AVP which always seems to update their profiles quicker.

I am surprised more admins aren't blocking this. At evilemail we scan for this now and just delete any email with the phrases in it. It is pretty trivial to do from a system admin standpoint. We already notified all our users so if someone was sending them an alert with the phrases in it - we have them covered.

Chet
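
The gateway filtering described in the post above, as an added example that is not part of the thread and is not evilemail's filter: it matches the worm's message text and also checks for an attachment whose final extension is executable, so a warning that merely quotes the text is not deleted. The marker phrase is the thread's own paraphrase and stands in for the exact strings from an antivirus advisory; the extension list beyond `.bat`, the three verdict names and the `sample` helper are assumptions.

```python
import email
from email import policy
from email.message import EmailMessage

# Assumed marker: the thread's own paraphrase of the worm text. A real
# deployment takes the exact strings from an antivirus vendor's advisory.
MARKER_PHRASES = ["i've attached this file to get you advice"]
# Types Windows runs on double-click; .bat is the one named in the thread.
EXECUTABLE_EXTS = {".bat", ".com", ".exe", ".pif", ".lnk", ".scr"}

def body_text(msg):
    """Join the text/plain body parts, lower-cased, whitespace collapsed."""
    parts = [p.get_content() for p in msg.walk()
             if p.get_content_type() == "text/plain" and not p.get_filename()]
    return " ".join(" ".join(parts).lower().split())

def risky_attachments(msg):
    """Attachment names whose last extension is executable (x.doc.bat)."""
    names = [(p.get_filename() or "").strip().lower()
             for p in msg.iter_attachments()]
    return [n for n in names if "." in n and n[n.rfind("."):] in EXECUTABLE_EXTS]

def verdict(raw_bytes):
    """Return 'delete', 'quarantine' or 'deliver' for a raw message."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    phrase_hit = any(p in body_text(msg) for p in MARKER_PHRASES)
    attachments = risky_attachments(msg)
    if phrase_hit and attachments:
        return "delete"       # worm text plus executable payload
    if attachments:
        return "quarantine"   # executable from anyone still needs review
    return "deliver"          # includes warnings that merely quote the text

def sample(body, attachment=None):
    """Build a constructed message for testing (not a captured sample)."""
    msg = EmailMessage()
    msg["Subject"] = "constructed sample"
    msg.set_content(body)
    if attachment:
        msg.add_attachment(b"placeholder", maintype="application",
                           subtype="octet-stream", filename=attachment)
    return msg.as_bytes()

if __name__ == "__main__":
    worm_like = "Hi, I've attached this file to get you advice!"
    print(verdict(sample(worm_like, "budget.doc.bat")))
    print(verdict(sample("Alert: delete mail saying: " + worm_like)))
```
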


By Bub (Bub) on Tuesday, July 24, 2001 - 03:18 pm:

"Virus scanners can - but some like Norton's don't or at least didn't."

So, wait, I've gotten scores of these and I've never opened one. I delete them by hand. I've also come clean after several Norton virus checks. Am I clean? I even spot checked the System file like Jason mentions above.

-Andrew


By Chet on Tuesday, July 24, 2001 - 04:55 pm:

http://www.centralcommand.com/ts/00D709001aet/antisircam.exe

Run it and it will tell you.


By Aszurom on Tuesday, July 24, 2001 - 06:24 pm:

Thanks for the link, Chet.

Symantec's description of the bugger was pretty vague in that it didn't indicate if the thing triggered on viewing the email or only if you clicked an attachment. As a rule, only image or zipped attachments get clicked by me, hehe.

Now, if someone could figure out how to embed a virus in a .jpg... scary.


By Rob Funk (Xaroc) on Tuesday, July 24, 2001 - 09:42 pm:

www.grisoft.com

AVG is free and picks it up. One of my wife's friends is infected and has been spamming her with these messages as well.


By Chet on Wednesday, July 25, 2001 - 12:03 am:

The other thing to watch on this one. I have 3 windows machines at home. Once one got infected, it went out and infected the others. It does not seem to be able to infect NT machines.

Chet


By Aszurom on Wednesday, July 25, 2001 - 05:00 am:

Somebody needs to write a virus that, once infected, causes the computer to randomly pop up a dialog box with the question mark icon on it that asks "Why does it hurt when I pee?"


By Michael Murphy (Murph) on Wednesday, July 25, 2001 - 05:21 am:

Were you dropped on your head as a child?


By Chet on Wednesday, July 25, 2001 - 11:13 am:

For the Amiga there was a virus that did nothing but flip your display upside down every so often. They named it the Australian virus. I thought that was slightly funny when I got it.

Chet

