Haven't run the scanner on the Director's computer, but I went to the System Config Utility. Winkink.exe in start list? Kill it. Reboot. Winkvh.exe? time to go vil.nai.com...
While as an IT professional I must abjure Klez and all its works, I do have to have a grudging respect for the number of ways it morphs and wafts about -- I only see it in its textborne e-mail variants, but... it attaches itself in a way that doesn't ping my mailing list software's attachment detectors (yet works for mail clients). It's been known to pass itself off as 'ordinary' things (yawn), an app to get rid of itself (cute), and, once, a faked bounce to postmaster of a message that never actually been sent, which I thought was clever as all hell.
I can afford to be more philosophical than most about the morphs: I read my mail in a text-based mail reader (http://www.mutt.org/), directly from the server which runs Linux. Hulk SMASH whenever it turns up on a friend's machine, which I invariably follow with a lecture on Why Outbreak Express and Lookout! Suck Mighty Nads and So You Should All Use Eudora.
I've been keeping track of all the data I can find about it. http://www.sophos.com is pretty cool for info on the thing's variations. For the most part we keep it out by means of me reminding people once or twice a week not to open anything with an attachment unless they're expecting it, and I check urban legend sites for virus warnings each day, plus antivirus sites, for more information to make sure nobody's going to make a mistake about Klez or any real virus or hoax. It's got a good sense of polymorphism, I'll give it that, and it was a real bitch to get off this laptop, but it's finally gone.
Little fscker. I hope whoever wrote it comes down with a good solid case of herpes, plus a good solid case of ugly (so that he doesn't have much luck spreading the case of herpes). That should give him an idea of what he's done to the rest of the world.
![[identity profile]](https://www.dreamwidth.org/img/silk/identity/openid.png){kind=small}
![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png)
winterfish
no subject
Date: 2002-07-31 11:35 am (UTC)I can afford to be more philosophical than most about the morphs: I read my mail in a text-based mail reader (http://www.mutt.org/), directly from the server which runs Linux. Hulk SMASH whenever it turns up on a friend's machine, which I invariably follow with a lecture on Why Outbreak Express and Lookout! Suck Mighty Nads and So You Should All Use Eudora.
Very small, very grudging respect.
Now back to the abjuring!
-- Lorrie
Oh, it's a tough little bastard, all right.
Date: 2002-07-31 01:53 pm (UTC)Little fscker. I hope whoever wrote it comes down with a good solid case of herpes, plus a good solid case of ugly (so that he doesn't have much luck spreading the case of herpes). That should give him an idea of what he's done to the rest of the world.