tutorials & features
Return to posts index
on May 14, 2002 at 2:50:54 pm
OK people. This thing is really, really, horribly bad. It is walled the "Winkeqe" virus and is apparently not on a lot of radar screens yet. (The folks at McAfee hadn't seen it until I brought it to their attention.)
If you access the web via a PC, you're at risk. Here is how it works.
First, it starts off like a general html file. You check your e-mail via Eudora or Outlook and VIOLA! You needn't even open the file and it's already seemingly executed a "EXE" file. You can check for it by using your "task manager" and looking for a task called "Winkeqe.exe". If it is there, make no mistake, you're infected.
Here's the kicker. If you're on a PC-to-Mac network, the Macs can get sick too, but the results are a lot more serious, or at least in our case. This is the explaination I got from McAfee tech support. Anytime you transfer ANY file via DAVE or Timbuktu or natively from a PC, you open a momentary gateway to and from your Mac and PC. It is during this miniscule time period that the "bug" slips through, regardless of permissions. On the PC, it causes an immediate reacction by sucking up nearly 15 MB of RAM and waiting for you to connect to the web. If you have a cable or DSL "live" connection, it goes to work immediately. It goes through your hard drive and turns all of your executable files into HTML files. But, reinstalling the software isn't a cure as it will only do it again and again and again. The HD must be either swiped clean and re-loaded from the OS up or you will need to look for the patch at McAfee in a day or two.
If you're on a Mac, it goes into your "main" folder and starts screwing with memory settings. After it has reallocated memory from your programs and to itself, (which can't be changed through the memory manager) it commences in "eating" its way to your system folder and starts the ever so popular extension dissolution of a few years ago. All your extentions will appear to be in place, but you will get boot time errors and conflictsleft and right. And if you're using Conflict Catcher 8 or newer, it starts and infinite "boot-loop" unless you decide to start up without any extensions.
Now, I'm not passing this on just to blow hot air as it has happened to more than a few people I know, but instead to let you know what it is and how you get it. I am at a laptop in a local "cafe" and will be back on-line in a day or two, but be very careful with your mail.
Current Message Thread:
by Michael Munkittrick on May 14, 2002 at 2:50:54 pm
All Rights Reserved