Thursday, February 02, 2006

Virus Update

The virus that is being sent out is the kama sutra virus. If you are receiving emails from my address kehenry1 at hotmail dot com with any attachments on it, it has this virus attached to it. Particularly if it has headings like "my pictures", "photo", "arab sex" (?), "sexy", etc. Most of you should know by now that I would not send out an email with those kind of attachments. I understand one of them is definitely p*rn*graphic photos.

I would like to remind all of my friends not to open these emails.

To date, I have scanned with three of the big virus scanner programs available: Symantec, trend and f-force. I have used each of these programs' tools specific for the kama sutra virus (also known as mywife, nyxem and a few other names). At this time, all of these programs have come up negative for viruses on this computer. The only thing it could come up with was called "joker flipped" at about 6 pm Wednesday evening from some clock software. I deleted the clock and all software just in case.

It appears that the attack began at appx 8:30 pm Tuesday evening while I was using my brother's ethernet. His system was attacked as well. It seems that it was able to spoof my email address and copied the email addresses in my "in box" which included some subfolders that I had emails in. Unfortunately, this included a number of companies I had sent resumes to.

I received back several nasty replies (since it had my email address on it) including demands to stop sending the email and one from a company I had applied with that had the p*rn pictures attached which I could not see on return so I hope like hell that they couldn't see them either. I tried to alert everyone as best as I can that emails from me are infected and not to open, particularly if it says it has attachments.

I'm not sure what else to do.

My brother is particularly upset because his email listings included my nephews' schools and teachers and he received back some nasty email from them. He is now very worried that they will have the police after him for sending p*rn*graphy to a school system. I have tried to tell him to simply call the school and let them know that they should not accept email from that address anymore, explaining about the virus and to report it to his email server. Unfortunately, he is sure that the school is now going to send the FBI after him.

Since it is clearly the virus based on the attachments in the email, I told him he should calm down and not borrow trouble, that even if they came, it would be clear what the problem was, but he's not buying that much.

Anyway, I've done all that I can do, but it seems that it is still sending emails with the virus to everyone in the universe even though every scan shows no viruses found. Seems like they may have simply performed a hit and run to grab info to spoof from without depositing anything on the system (either that or they are really good and have the ability to dodge all the virus scanners available).

So, in an attempt to do an end run on this problem, I will be disabling my old email address. If you are on my "secured" email list, you will receive notification of my new address. If not, you will have to leave your info on the comments and I will get back to you with my new address.

If any of the computer guys knows anything else that I should be doing to stop this (short of burning the computer and throwing it out the window - which I have considered), please drop me a line and let me know what else I can do.

Thank you for your patience and, again, my apologies to anyone that received an email from me with any inappropriate content or viruses attached.

No comments: