Last night someone sent me three emails with a subject line of “Photo+Text” or something like that. The body of the message informed me that Yale University (from whom the emails were alleged to have come) needed my consent for an article on me for their campus magazine.
Now I won’t ask you to “call me stupid but…”, for I shall call myself stupid.
“joseph, you’re stupid”.
Not only did I actually read the email (when I have never had any dealings with Yale Uni and there is absolutely no reason why they would have anything to do with me), but I also downloaded the .zip attachment.
I then opened the .zip file, and on seeing that the enclosed file was a .exe file, I double clicked it.
I think I deserved what followed for displaying such utter stupidity.
The virus, as soon as it was executed, shut down Norton Antivirus and disabled it in a manner that meant I had to completely remove all components and reinstall, in the meantime not being able to find out what other damage had been done. It then deleted all my System Restore points, so I couldn’t undo whatever changes had been made in the background. Goodness knows what else it did. If you have recieved an email from me telling you to delete your teddy bear or something along those lines it’s probably best to ignore it.
In the end end it took me 4 very frustrating hours to get things back up and running. And cost me money too as I had very stupidly not kept a copy of my anti-virus download.
Anyway, the moral of the story is, don’t be Joseph.
Last night wasn’t the first time I’ve been the victim of a virus though.
Two years ago I was the victim of a virus written by the notirous cyber-criminal Lee Hawks, labelled by authorities as “DR. VIRUS”.
Like last night’s, it came in email format. In fact, I think I might still have a copy of it in quarantine. Ah yes, here we are:
“I have unfortunately been very busy lately and haven’t had the time to write a virus. So please take a couple of minutes to delete all files on your computer, then send this to everyone in your address book.
Thank you for your co-operation.”
Took me weeks to reinstall all the software and get my settings back to how they were beforehand.
UPDATE 30th Jan: I received the following email today:
* * *
Over the weekend the majority of University email addresses received an email from J.Hope@yale.edu, firstname.lastname@example.org or possibly some other similar address. The subject line was ‘Photo approval needed’ or ‘Campus Life Article’ and carries an attachment called ‘Photo and Article.zip’.
This is a virus that will install a backdoor way into your Windows PC if the attachment is opened and the .exe file is run. Do not open this email, but instead delete it.
The mailhubs are now blocking new mails carrying this virus. However the current virus definitions in McAfee v8 (the virus checker installed on most campus PCs) does not detect it, nor does Norton Antivirus.
The simple way to check for this virus is to look in the Windows/System32 folder for the presence of the file: csrwnd.exe – if the file is found, your computer is infected.
The way to remove this virus is to restart your computer in “safe mode” and firstly delete the file and secondly use “regedit” to remove any reference to “csrwnd”
* * *
Cheeky blighters. I found that virus 4 times in my registry. Still, all sorted now.