We've Got a Live One!, err, umm... Three!
Holy Crap! I've seen three, count 'em, three live viruses in one day.
The first came to me in my Hotmail "Bulk Mail" inbox and was, as near as I could tell, NetSky.B. The thing that's really surprising about this is that Hotmail's virus protection should never have let that attachment through to me. Perhaps this is a subscription-only thing now?
The second slipped through our virus protection software before it self-updated. I need to change the settings on our Exchange server to make it LiveUpdate a bit more aggressively, apparently. Our CEO was smart enough to forward it on to me without clicking on it. This time, it was NetSky.C.
Finally, I get around to checking a user complaint of a virus with "zip files and can't open excel."
Vague messages like this are usually more PEBCAK than virus, but I wanted to be sure.
I was remoted into the machine for about 2 seconds before I was sounding the alarm and cleaning off the system. Somehow, the user had gotten a full-blown case of MyDoom.F, the newest, most virulent strain of that little bugger yet. It tries to take down Microsoft.com and RIAA.com, and deletes .doc and other files at random on all mapped drives. This is wonderful, considering the user was mapped to many of our servers.
I've got the removal tool running, and I'm scanning the servers. What a pain in the butt.




