Well, I just put in a 24 hour shift to patch the ol' web, email, main and
terminal servers in one form or another and clean up 30 workstations. Was a
little too late in the blocking of all .exe files on the sybari but I think
this one entered thru the front web door on a client PC hitting an infected
web site.
Odd - two of the PC's out of the 30 were REALLY infected so as I could not
repair. I need to format these boxes. Has anyone seen this virus change or
morph into other executables other that the noted ones (riched20.dll,
readme.exe, load.exe, modified system.ini, plus several other windows
programs)?
Regards,
Ron Jameson
_________________________________________________________________
List posting FAQ: http://www.swinc.com/resource/exch_faq.htm
Archives: http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin: [EMAIL PROTECTED]
