[Subject Prev][Subject Next][Thread Prev][Thread Next][Subject Index][Thread Index]
Re: ... ANTI_CIH.EXE
Amarendra GODBOLE forced the electrons to say:
> The above file also came to me as an attachment from someone in Indonesia.
> The surprising thing was that this file came down as a separate mail, before that
> person's mail, without any message ...
It _is_ a virus. Do a google search on the name to figure out how it
works. It monitors your windows machine for you to send one mail, and
then sends itself to the recipient in a separate mail. It also does the
usual things, like modifying your registry, replacing kernel32.dll etc.
The symantec's web site (which comes up in the google search) has info
on disinfection techniques. It is a fairly recent virus, and seems quite
a buggy one. :-)
Amar, We put up a filter on the retortsoft mail server the moment we
discovered this, but apparently a few copies got through. Sorry.
#define l/* Binand Raj S. <binand@xxxxxxxxxxxxxxxxxxxxx> */".%\"-\"("
#define s/* Ambition: To write sendmail.cf from scratch */abs(abs(i)-5)