viral headaches

[JohnMc]

I just finished recovering from a virus. No, not the flu but a PC virus that attaches itself to email (WORM-KLEZ.H). Very nasty and, like the flu, sometimes does not want to go away.

I thought my AVG anti-virus software would have stopped it but it failed to catch and even remove this virus.

I switched to PC-cillin and it seems to have done the job.

I have been in the business for almost 20 years. I think I've had about 3 virus attacks in all that time. Since I am a consultant, I have always practiced what I preach...at least about avoiding viruses.

Observation: Could it be that more viruses clones are being duplicated and dispersed more widely?

In this case of my 3rd virus, it has been suggested that an ex employee may have initiated the worm. Hard to tell who started it and I have advised my client not to point any fingers. For now at least.

I spent 2 days (my own time/money) cleanup up my W2000pro and an older W98 pc. My client has it even worse.

I wish there were other ways these jokers could get their kicks. Tracking them takes too long and too much $$$. Does anyone know of a way to track these people who release viruses via email?

Its a shame that the talent it takes to develop a worm is not directed to more useful means. Why not track terrorists instead? Could be exciting (could be deadly).

JohnMc

[Strawbs]

Welcome to SysOpt.

Tracking e-mail borne Virii isn't an easy task, as the more a virus propogates, the further from the original source it gets, it only takes one person to suffer an attack and everyone in thier address book can become a target.

I use Norton Anti-Virus, and don't suffer from e-mail virii, as it scans e-mails\files before it downloads them, all I have to do is update the reference file weekly. I have downloaded program files and had NAV flag a virus on more than one occassion recently, but it put the buggy files straight into quarantine, before I could open any in error. I love NAV.

[eFrisky]

Hey John - if you're a "consultant" why don't you run an email server of your own? It would avoid having to trust your main workstation PC as the first and last line of defence, concerning all the AV scanning/detection...
If you keep a good AV engine with up-to-date AV signatures on your email server (plus, obviously, keeping the server secure!) then you'll be much better off in the long run. Plus, you'll be able to warn friends/colleagues about an infection on their systems.

And another thing... it's a bit harsh of you to think that a colleague may have maliciously installed/spread a copy of this particular virus - I assume that you've read all the details about this one - it's simply quite virulent. But easily avoided if you actually know what you're doing, and have your systems setup properly. Talk to your company admins who look after the email server(s) - as they can be blamed (for gross negligence) almost as much as the kiddie that put this nice little virus together. I highly doubt that you were infected or targeted deliberately.

And yet another thing... why 2 days to reconstruct your system? Don't you keep backups or images??? 20 years experience should have taught you more.

Your "Observation" and other comments are pretty amusing, but not entirely unexpected, as you're a "consultant".

Sorry if this seems too much like a personal attack, but there are still far too many fake/wannabe "consultants" out there, earning far too much money, fiddling with systems, breaking stuff and deliverying inefficient solutions.