BEWARE - COMPUTER VIRUS
#1
Scooby Regular
Thread Starter
I believe I have found out why my PC has been crashing out of Scoobynet the last few days......
I was sent an Email from Italy at the weekend from somebody I was expecting a reply from. I got two messages. The first one was legit, the second one had an attachment called "Jimi Hendrix". I thought he had sent it to me in error or something so did what we would all do (or me anyway), against all the advice, and clicked on the attachment.
Nothing happened, or so I thought.....then I started getting problems.
This is a known W95.MTX variant worm virus (or now I know this – hindsight eh??). It also manifests itself under a whole list of names including “hanson.scr” (which I accidentally sent to Webmaster after it had infected me - OOPS sorry Simon SIR).
It also has the capability to block access to certain web sites – sounds familiar?
What it does is that the worm component makes a copy of Wsock32.dll and names it Wsock32.mtx. It then allows the virus to mail a copy of the worm infected with this virus in parallel to the person any legitimate mail is sent to. You click on the Jimi Hendrix (or hanson.scr) attachment, and you can guess the rest.
According to Symantec’s website it can be a bit of a pig to remove.
Further information can be obtained from
I was sent an Email from Italy at the weekend from somebody I was expecting a reply from. I got two messages. The first one was legit, the second one had an attachment called "Jimi Hendrix". I thought he had sent it to me in error or something so did what we would all do (or me anyway), against all the advice, and clicked on the attachment.
Nothing happened, or so I thought.....then I started getting problems.
This is a known W95.MTX variant worm virus (or now I know this – hindsight eh??). It also manifests itself under a whole list of names including “hanson.scr” (which I accidentally sent to Webmaster after it had infected me - OOPS sorry Simon SIR).
It also has the capability to block access to certain web sites – sounds familiar?
What it does is that the worm component makes a copy of Wsock32.dll and names it Wsock32.mtx. It then allows the virus to mail a copy of the worm infected with this virus in parallel to the person any legitimate mail is sent to. You click on the Jimi Hendrix (or hanson.scr) attachment, and you can guess the rest.
According to Symantec’s website it can be a bit of a pig to remove.
Further information can be obtained from
#2
Scooby Regular
Join Date: Mar 1999
Location: Essex
Posts: 1,681
Likes: 0
Received 0 Likes
on
0 Posts
This virus is certainly doing the rounds - I've had loads of reports from my server where people have tried to send email with it attached.
Thank god for server based email virus scanning eh !
Thank god for server based email virus scanning eh !
#4
Moderator
iTrader: (2)
Lee
Yup! + auto update enabled
Scored 5 virus's in the last few days on our network.
I even got my brother-in-law to send me an email 'cos he was told he had a virus but not what! (So I could tell him what it was )
Caught & killed
Every time we get a virus, my pager goes off - bit tedious...
Yup! + auto update enabled
Scored 5 virus's in the last few days on our network.
I even got my brother-in-law to send me an email 'cos he was told he had a virus but not what! (So I could tell him what it was )
Caught & killed
Every time we get a virus, my pager goes off - bit tedious...
#6
I fell foul to the 'kak' worm virus a while ago, from an email- and this one you dont even have to click on. It manifests itself in a signature in the email, in some sort of active x scripting, so as soon as you opened the email, your infected.
#7
Scooby Regular
Join Date: Mar 2000
Location: Weston Super Mare, Somerset.
Posts: 14,102
Likes: 0
Received 0 Likes
on
0 Posts
Peter,
Being a computer muppet (well nearly) and working from home (not surrounded by IT gurus) I am very nervous about viruses. Do I take your post to mean that by just reading an e-mail I can catch something?? I know of course about opening dodgy attachments but I really didn't think reading e-mails carried a risk. Can somebody put me right? Thanks in advance. BTW I do use Norton and so far, touch whatever no problems. I haven't a clue what active x scripting is. David
Being a computer muppet (well nearly) and working from home (not surrounded by IT gurus) I am very nervous about viruses. Do I take your post to mean that by just reading an e-mail I can catch something?? I know of course about opening dodgy attachments but I really didn't think reading e-mails carried a risk. Can somebody put me right? Thanks in advance. BTW I do use Norton and so far, touch whatever no problems. I haven't a clue what active x scripting is. David
Trending Topics
#8
David,
You are indeed at risk if you use Outlook Express with the Preview Pane.
For instance, one of the variants of KAK (http://vil.nai.com/vil/virusChar.asp?virus_k=10509) can be activated by viewing an infected message 'with' the Preview Pane.
Things to do...
1) Ensure your anti-virus software is updated (at a minimum get an update every month) and enabled.
2) Use
You are indeed at risk if you use Outlook Express with the Preview Pane.
For instance, one of the variants of KAK (http://vil.nai.com/vil/virusChar.asp?virus_k=10509) can be activated by viewing an infected message 'with' the Preview Pane.
Things to do...
1) Ensure your anti-virus software is updated (at a minimum get an update every month) and enabled.
2) Use
#9
Scooby Regular
Thread Starter
I've run the Symantec W95.MTX fix and reloaded Win 98 - looks like I am back in business guys - getting update version of Norton System Works tomorrow and gonna install a firewall - then go gunning for the ba5stard that infected me
1000 posts here I come.....
1000 posts here I come.....
#10
Scooby Regular
Thread Starter
By strange coincidence I was looking at those three firewalls this morning after my little visitor earlier in the week....
Mrs T-S is at home today so she very kindly loaded me one this morning.....been to PC World (UGH - but convenient) in my lunch hour to get an update of my viruschecker with auto online update - that should tighten things up - live and learn eh guys??
Mrs T-S is at home today so she very kindly loaded me one this morning.....been to PC World (UGH - but convenient) in my lunch hour to get an update of my viruschecker with auto online update - that should tighten things up - live and learn eh guys??
#13
As well as updating my virus checker I also got a software update patch thingy from micro$oft, which stops the loop hole in outlook that allows worms like kak into the system.
Good to know you got everything sorted out dave. The few I've had in the past have meant whole hd formats!
Good to know you got everything sorted out dave. The few I've had in the past have meant whole hd formats!
#14
Scooby Regular
Join Date: Mar 1999
Location: The Great White North
Posts: 25,080
Likes: 0
Received 0 Likes
on
0 Posts
win85.mtx
Nastiest virus I've ever come across. We had a problem with a a few weeks back. one of the PC chaps got sent an email and this crashed our mailserver, on closer inspection it was something to do with some file called 'metalica.mp3.pif' that he was trying to send. Which he was not.
I grabbed the file on my mac and opened it up and had a scan through the info, and found out what it was.
You should have seen their faces when I looked it up on the symantec site.
Trully horrible little bast. Glad I've got a mac, which can't get infected by it.
Nastiest virus I've ever come across. We had a problem with a a few weeks back. one of the PC chaps got sent an email and this crashed our mailserver, on closer inspection it was something to do with some file called 'metalica.mp3.pif' that he was trying to send. Which he was not.
I grabbed the file on my mac and opened it up and had a scan through the info, and found out what it was.
You should have seen their faces when I looked it up on the symantec site.
Trully horrible little bast. Glad I've got a mac, which can't get infected by it.
Thread
Thread Starter
Forum
Replies
Last Post