[WEB4LIB] virus

James Klock j-klock at evanston.lib.il.us
Thu Feb 11 18:18:28 EST 1999


>...You get the original mail, plus a second
>message with the same header with the HAPPY99.EXE attached. When run, it
>displays pretty fireworks while dropping ska.exe and ska.dll in your system
>directory and it makes a copy of wsock32.dll called wsock32.ska....

Remember, kids-- don't run executables that come from an untrusted source
without AT LEAST scanning them with an up-to-date virus checker first!
Better still, don't run executables that come from untrusted sources at
all.  Are the pretty fireworks really worth it?

There will be those who will suggest that they can't stop their users from
doing so, to which I reply: the only time I've had a virus problem that was
tracable to a user running bad executables that she had gotten off the net,
I asked her to sit beside me and help me clean up all traces of the virus
from the file server, and then asked her to write up an email asking anyone
else who thinks they'd gotten the virus to report it directly to her.  She
passed those names on to me, and I fixed them, but she was quite careful
thereafter to avoid virus-friendly behavior...

James


More information about the Web4lib mailing list