h2g2 The Hitchhiker's Guide to the Galaxy: Earth Edition

I've just spent the whole day trying to rid our system from the SirCam virus. It's darned clever, I have to admit. Even the latest update for Norton Antivirus was completely useless against it (it could detect it but not get rid of it), so I had to get rid of it with DOS and the registry editor.

If you want to know the gory details: it alters the registry so it's run every time you run an application (also meaning that if you delete the virus executable, Windows complains that it cannot run anything, including regedit); puts itself in the recycle bin, which isn't normally scanned for viruses; replaces rundll32.exe and a few other critical files with a copy of itself; repeatedly inserts itself in autoexec.bat; contains its own smtp emailing program, meaning it bypasses your regular email program, so you don't have a clue about all the emails it's sending until you start getting panicky replies from people; grabs email addresses not only from your address book, but from your internet cache too, meaning it gets sent to a hell of a lot of people if you're not careful; and attaches random documents from your hard disk - meaning some fairly sensitive business documents were sent from here; alters the wording of the email and document name each time, so it's hard to recognise; disguises itself as a common-looking document; and uses less known executable names such as .PIF and .LNK, meaning most people won't realise that it's a program not a document even if they are aware that it has double file extensions.

Bleh.

ooooh Sounds like you had a day of it.

There, there,

*sympathy*

Nasty Viruses

*more sympathy*

Thanks. *pours tea over head and eats the cup*

That's much better.

At least I got rid of it in the end. And it didn't delete anything. It did send our mailing list and our annual budget report to various strangers, but I'm not in a hurry to tell my boss that

Man, that's tough.

I've got a few mails recently with attachments with double file endings - and steered clear.

Good. We got hit by SirCam (short for Sir Camelot, I presume), which is the latest doing the rounds; and it's far more intelligent than I Love You, and look at the damage that did.

I think this may be the same virus my dad accidentally sent to his boss the other day... ! Luckily, the guy's good natured... and if he opens the email, it's his problem-- the whole company got an email about it, so it's inexcusable.

My family had a lovely at my dad's expense when he told us...

Well it was my boss that opened the attachment with the virus in the first place... of course, he wouldn't take the blame though

And we've spread it to loads of other people too

But I find it terribly amusing that my computer was the only one in our company that was sufficiently safeguarded and didn't get the virus

Well... you're just special, that's all...

...

*nods*

Agrees

*wonders if it's possible to have a proper conversation composed entirely of smileys*

<-- nodding very fast