W32.Goner.A@mm

[Sweeper]

http://securityresponse.symantec.com...oner.a@mm.html

Symantec Security Response

Sweeper

[jadison]

I read about that one earlier...this one will probably surpass Melissa and a few others...be sure to stay AV updated...thanks Sweeper!

Check HERE for more info.

-=jd=-

[Sweeper]

It doesn't look to good. Just received an update today for my AV. Hope the exchange server at work does its job and picks it up. Guess we'll see......

[korgul]

We got hit at work but luckily we use Lotus Notes for E-mail. We had one user open the attachment but did not get infected. We found out later that the company that sent it to us had all of their servers shutdown. With a total of 5400 infected machines. Not sure they mean that all of the machines were infected or if that was the number of machines that received the E-mail.

The bad part was is that they use a global address book so I am thinking that this was just in one building.

korgul

[Sweeper]

Well, hopefully we don't have anyone open anything. Our Information Technology Group will hopefully keep a good eye on the rest of the servers... (13 total).

Yeh - just as thing were winding down for the day we got a notice form the province wide SRT members - a minute later our network macafee was auto updating so I think we were getting braced for a hit.

Last time a personal web server on a couple of machines was the breach in the firewall - not a good day for network guys

wizofid

[Emc2]

We're looking to get a couple of cases for that virus. Starting this past July, we changed every one's Norton A/V to unmanaged, and set their definitions to update every day. Unfortunately, we only did this on the computers we worked on, which was only about 75% of the campus. We know that there's at least one idiot professor out of that remaining 25% that's going to open it and infect a lot of others.

People who make viruses should really be put away like terrorists, since it really hinders productivity. On the other hand, as a paradox, it provides jobs to people at symantec, and give student technicians like me stuff to do at work

[vass0922]

We have software (Antigen)
(www.sybari.com)

That scans all incoming email in realtime with several different scanners plus you can put a filter on specific file types/names

For us we simply put gone.scr in the filter and we'll never hear a peep from it

(granted that somebody doesn't get it from yahoo mail or something ) This will work till we get a sig file by the time the variants start popping out with different file names.

It works with Exchange and Lotus Notes

[vass0922]

WOW
Just checked our logs in curiousity
ONE server (maybe a couple hundred users) LOTS of those things were yanked from the emails!

And thats just one out of close to 40 servers

[alondra]

just finished loading everything into my new 20G HD opened an Email thought was from my son .. couldnt get it to work. didnt realize it was a virus till I saw a pic of it on TV news.
now suspect everyone on my Addy book got it. how do we get rid of it. no punishment is to much for authers of such stuff