Strategos / Tim O'Leary Home | Virus Resource Home
| Download Links | Getting rid of virus | Virus FAQ | MAC Virus FAQ | CIH Fix | Trojans & Malware |
If you find this site useful, send a brief email to tell me and with suggestions to make it easier to use.

Computer Anti Virus Information

Nov 27 2001
W32/Badtrans@MM Internet Worm & Backdoor Trojan.ns is another variant on the usual MS Outlook targetted email virus / worm / malware.<sigh> Removal instructions and information here.

Sept 17 2001
!|! W32/Nimda-A is a Windows 32 virus which spreads via email, network shares and websites. Affected emails have an attached file called README.EXE. Some good Australian advice on Nimda and how to secure Internet Explorer and Outlook [more info on Nimda from SOPHOS]

July 2001
SirCam AKA - W32.Sircam.Worm@mm, W32/SirCam@mm, Backdoor.SirCam
Sircam description here.
Removal instructions here.

!|! Nov 2000 - Navidad.exe is a nasty bug ridden virus / email worm that can bring your computer to a halt. A simple, quick and effective fix is available here at the Symantec site. http://www.symantec.com/
Various manual removal methds are described on virus company pages for the more hairy chested.
A good description of Navidad is here.

!|! VBS/Kakworm is a worm that exploits security vulnerabilities in Microsoft Internet Explorer and Microsoft Outlook in a way similar to VBS/BubbleBoy-A. On the 1st of any month after 5 p.m. the worm displays the message "Kagou-Anti-Kro$oft says not today" and runs Windows shutdown. [ more ] ..............

!|! Warning 4 May 2000 1:00 am.LoveLetter VBS/LoveLetter is a VBScript worm. It spreads thru email as a chain letter. The worm uses the Outlook e-mail application to spread. LoveLetter is also a overwriting VBS virus, and it spreads itself using mIRC client as well. Information to date.

moonlite from #coders has written a Procmail script for sendmail/procmail boxs to filter out ILOVEYOU virus, just download it and move it to /etc/procmailrc. This will filter out Variants A, B and C as specified by f-secure.com. Items that match are copied to /tmp/iloveyou.found for later scrutiny. He has generously made it available here.

!|! Information on w95 / babylonia from the SOPHOS site.

!|! Virus Advisory: I-Worm. BubbleBoy
10 Nov 1999
This is an advisory, not an alert - at this moment in time I-Worm.BubbleBoy is not considered to be in-the-wild. I am leaning toward the type of information that SOPHOS gives as a good example of useful data:
http://www.sophos.com/bubbleboy.html
I-Worm.BubbleBoy
This advice is taken from AVP news. Detailed description: http://www.avp.ch/avpve/worms/bubblebo.stm

!|! Latest release of F-Prot now available from download page.

| Advice on how to handle a virus infection. Follow this advice here and also this advice from Chris Stubbs

• DO NOT PANIC!
• Check out virus hoaxes and myths
• Do not Format your hard disk
• You do not have to lose any information if you stay calm and handle it right
• Do not Format your hard disk
• Download a good anti-virus program NOW . Links via my download page. (free full versions for 30 day trial)
• Do not Format your hard disk
• Follow this advice here and also this advice from Chris Stubbs
  I recommend reading, and printing out now and storing, these two pieces of advice. Both of these are usefull and one may suit your purposes better than the other.
• Do not Format your hard disk
• Relax and have a laugh read my virus hoax fiction writing.
• When you have finished read this excellent site by Chris Quirke. Includes advice on backing up and data management, safe computing and risk management Highly Recommended for a thoughtful, logical approach.

| Melissa macro virus. Official CERT Information. Also detailed info on Melissa from the respected Woody's Office Watch

| Fixes for trojans and irc/ICQ and other internet "viruses" or malware

| Happy99 - worm/virus/trojan - information and fix

!|! Virus alert. 11/6/99 The name is: I-Worm.ZippedFiles. A very nasty new virus. Information is available on this page, then go to the download page to get an update of your existing AV program or new program trial. Your Anti Virus Program should have an update post 10 June 1999 in order to detect the I-Worm/ZippedFiles virus. The virus does not appear to be widespread in Australia. This FREE program may undelete some files.

!|! Trojan alert. 11/6/99 PSW.CHV (a.k.a. Win32.PrettyPark). PrettyPark information here on the Trojan Information page.

!|! Special Mention
A good, local, computer shop is hard to find. Luckily we have one around our area. High Perfomance Computers, HPC, run by Frank Azzato, is in Balwyn, near the Union Rd / Belmore Road roundabout, and he is helpful, reliable and honest. As well as computers and networks, HPC knows their stuff when it comes to Monitors, Televisions, Videos and Audio Systems.

!|! CIH disk & data recovery tool FREE
Steve Gibson has developed a FREE program for data recovery after a CIH virus attack.Go to my Iomega ZIP page for links to Steve's site.

The CIH virus erases the first 2,048 sectors (1 megabyte) of each of the system's non-removable and writable disk drives. While this is certainly troublesome, the damage is very often 100% reversible and recoverable!

!|! Melissa advice
Most good Anti Virus programs available for download can prevent and fix it. F-Prot has caught and fixed Melissa, as an unidentified macro virus, without an upgrade needed!!. F-Prot is free.

!|! Free Linux Anti Virus Program
BitDefender Linux Edition V.7.0 site in english, español, français, deutsch

| CIH Virus fix.

| Computer Virus Myths Page. Solid information about media scares. Recommended for information, education, reassurance and a good laugh.

| My hoax fiction virus description. Written during an invasion of 14 year old boys in school holidays.

| alt.comp.virus Frequently Asked Questions FAQ Parts 1 to 4

| My opinions don't convince you? Need more? Well here is the University of Hamburg, Computer Science Dept. Virus Test Centre and;
a NZ site that ranks programs, or;
VIRUS BULLETIN

| My dreadful experiences with Iomega ZIP Drive

| A history of computer viruses by Robert M. Slade

| One great Independent Anti-Virus Site - a One-Stop-Shop maybe the only page you need

| Virus Bulletin Static Mirror and links

!|! Macintosh Computer Virus FAQ. Yes MACS do get viruses, about 40 available. Also vulnerable to good old Word macro viruses. Comprehensive information here.