More viruses being sent directly to list users

John Farrington jfarr at LIVINGSTON.NET
Mon Dec 20 13:52:58 EST 1999


On 12/20/1999 Steve Harrison wrote:

>Interestingly, some months ago, a good friend of mine forwarded me a
>copy of saddam.exe. It was a very entertaining animated cartoon and
>as far as I could tell, only that. Maybe it left something in my
>system that's gonna blow up soon, though.
>
>The same friend sent me g_zilla.exe about a month ago....
>Guess I'd better delete both it and saddam.exe (although the horse(s)
>is(are) probably already out of the barn by now.... ;o(((

Steve and all,

As I understand it, the worm does not do any immediate destructive
action on your PC; what it does when run is modify your Windows
Registry file and Outlook Express (or Netscape Email) so that it
automatically attaches itself to some or all of your outgoing
E-mails without your knowledge. When unsuspecting recipients run
the attached .EXE file, it does the same to their system.

So, if you've run it, just deleting the .EXE file will not do you
any good - you have to go into the Registry and delete the lines it
inserted there, and perhaps some other stuff. I believe the info is
on the Symantec site.

Whether or not it will later damage your system I don't know.

73

John Farrington  KE5ZB

Sponsored by the City of Tempe 

Listserver Submissions:  heath at listserv.tempe.gov
Listserver Subscription: listserv at listserv.tempe.gov - "subscribe heath 'name' 'call'"
Listserver Unsubscribe: listserv at listserv.tempe.gov - -"signoff heath"




More information about the Heath mailing list