Possible Virus

I had a strain of the cfgwiz32 virus in my inbox, just before nimda hit last
month. Somehow it got past norton corporate, which is on our file server,
exchange server, and my workstation. I knew it was a virus off the bat, as
the subject contained a bunch of garbage characters.

Though AV software is an absolute must, and probably filters out 98% of all
viruses floating around, it is very important for all of us to have company
wide anti virus procedures, and all the latest security updates (though
those updates sometimes have their side effects, but making sure you're not
more than 2 patches behind is prudent)

If everyone had such procedures in place, viruses would not spread at all as
rampantly as they do.

Thaddeus

-----Original Message-----
From: Paul Lipham [mailto:paull@...]
Sent: Tuesday, October 16, 2001 2:56 PM
To: vantage@yahoogroups.com
Subject: RE: [Vantage] Possible Virus


Sounds like the config wiz virus. You can find info about it on Symantec's
web site. Norton AV kills it.

-----Original Message-----
From: Gary Wassing [mailto:gwassing@...]
Sent: Tuesday, October 16, 2001 2:36 PM
To: 'vantage@yahoogroups.com'
Subject: [Vantage] Possible Virus


Anyone heard of an email virus with the attachment "cfgwiz32.exe"? Had a
couple of users get an e-mail with this. I've nagged them enough not to
open these types of e-mail so they called me first. Don't know if it
creates a mess yet or not.

--
Gary Wassing
Systems Administrator
SteelCraft Industries
519-271-4750 x227



[Non-text portions of this message have been removed]



Useful links for the Yahoo!Groups Vantage Board are: ( Note: You must have
already linked your email address to a yahoo id to enable access. )
(1) To access the Files Section of our Yahoo!Group for Report Builder and
Crystal Reports and other 'goodies', please goto:
http://groups.yahoo.com/group/vantage/files/.
(2) To search through old msg's goto:
http://groups.yahoo.com/group/vantage/messages
(3) To view links to Vendors that provide Vantage services goto:
http://groups.yahoo.com/group/vantage/links

Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/





Useful links for the Yahoo!Groups Vantage Board are: ( Note: You must have
already linked your email address to a yahoo id to enable access. )
(1) To access the Files Section of our Yahoo!Group for Report Builder and
Crystal Reports and other 'goodies', please goto:
http://groups.yahoo.com/group/vantage/files/.
(2) To search through old msg's goto:
http://groups.yahoo.com/group/vantage/messages
(3) To view links to Vendors that provide Vantage services goto:
http://groups.yahoo.com/group/vantage/links

Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
Anyone heard of an email virus with the attachment "cfgwiz32.exe"? Had a
couple of users get an e-mail with this. I've nagged them enough not to
open these types of e-mail so they called me first. Don't know if it
creates a mess yet or not.

--
Gary Wassing
Systems Administrator
SteelCraft Industries
519-271-4750 x227



[Non-text portions of this message have been removed]
Yes, this is a virus, I don't think the attachment, but the e-mail itself.
Can't remember if it's still Sircam or some other worm, but it is a virus
infected mail. I can look back if you like to tell you exactly what virus
this is. Scan your systems !

Richard

-----Message d'origine-----
De : Gary Wassing [mailto:gwassing@...]
Envoye : Tuesday, October 16, 2001 3:36 PM
A : 'vantage@yahoogroups.com'
Objet : [Vantage] Possible Virus


Anyone heard of an email virus with the attachment "cfgwiz32.exe"? Had a
couple of users get an e-mail with this. I've nagged them enough not to
open these types of e-mail so they called me first. Don't know if it
creates a mess yet or not.
A quick check of the internet shows some connections between this file and
the virus W32.Magistr.24876@mm. Briefly, this virus spreads by mailing an
infected Windows system file to other users (of which cfgwiz32.exe).

Make sure your anti-virus program can detect this virus and scan (but do not
execute) the mail attachments.

Brian

> Anyone heard of an email virus with the attachment
> "cfgwiz32.exe"? Had a
> couple of users get an e-mail with this. I've nagged them
> enough not to
> open these types of e-mail so they called me first. Don't know if it
> creates a mess yet or not..
Sounds like the config wiz virus. You can find info about it on Symantec's
web site. Norton AV kills it.

-----Original Message-----
From: Gary Wassing [mailto:gwassing@...]
Sent: Tuesday, October 16, 2001 2:36 PM
To: 'vantage@yahoogroups.com'
Subject: [Vantage] Possible Virus


Anyone heard of an email virus with the attachment "cfgwiz32.exe"? Had a
couple of users get an e-mail with this. I've nagged them enough not to
open these types of e-mail so they called me first. Don't know if it
creates a mess yet or not.

--
Gary Wassing
Systems Administrator
SteelCraft Industries
519-271-4750 x227



[Non-text portions of this message have been removed]



Useful links for the Yahoo!Groups Vantage Board are: ( Note: You must have
already linked your email address to a yahoo id to enable access. )
(1) To access the Files Section of our Yahoo!Group for Report Builder and
Crystal Reports and other 'goodies', please goto:
http://groups.yahoo.com/group/vantage/files/.
(2) To search through old msg's goto:
http://groups.yahoo.com/group/vantage/messages
(3) To view links to Vendors that provide Vantage services goto:
http://groups.yahoo.com/group/vantage/links

Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/