http://vil.mcafee.com/dispVirus.asp?virus_k=99209 This is a nasty sucker. I've removed it a few times and had to download quite a few patches to stop it. What makes it hard to remove is you must apply patchs and close any network shares (which it creates) prior to cleaning or reinfection will take place. A discussion should be started about this first traders go to the start button than go to search run a search for admin.ddl, load.exe, readme.eml, mmc.exe Do your part to stop them. The majority of computers are now affected. We need to rid ourselves of this virus. I'm not sure if I am closing all of my network shares properly. Can someone with a lot of computer experience please share. It isn't clear on MCaffee site and running virus scan with current downloads doesn't seem to get rid of virus off my computer.
Robert, this worm will only affect you if you are running a server. If you don't know go to the Windows Task Manager (since I run Win2k I press Ctrl+Alt+Del) and then click the Processes tab. Under there you will find all the individual programs running on your system. Look for anything that ends with .dll If you don't have it, you're all set. It does attack all computers but it can only launch from a server. Another great reason to install a firewall. I use and recomment the FREE ZoneAlarm available at www.zonelabs.com Lets not get carried away here, this has nothing to do with terrorism. When they peeled back the program they found an embedded name of a Chinese province. It seems to be a more vicious cousin of Code Red I and II. I've been getting port 80 probes up the wazoo (more than 100/hr) since this morning. Even if you are infected, do NOT panic. Your computer or your data are under no threat. The worm's effect is simply to propagate itself and in the end it ends up damaging network efficiency as it causes an exponentially increasing amount of traffic.