egh. Another one. I just got over a virus too :(--------------------------------------Matrix.morpheuz.D Discovered on: April 30, 2003 Matrix.morpheuz.D uses a random TCP port to connect to the IRC server of the hacker's choice. Major targets are backbone servers, with the objective of spreading through all ISPs below the backbone. Infection comes through any connection to an infected server. This virus has various forms, some of which allow the hacker to take control of system services and others capable of destroying or corrupting data. The virus utilizes a new technology called Variable Automated Coding, or VAC for short. The newly infected client machine randomly changes the virus' coding with each succesive infection. The unique virus is then sent to another machine, and so on and so forth. With this random style of creation, the virus may be completely harmless, but if the same machine tries to connect to an infected computer again, it might get a more potent, potentially unrecoverable strand. Type: Polymorphic virus Infection Length: 31,232 bytes Systems Affected: Windows 95, Windows 98, Windows NT, Windows 2000, Windows XP, Windows Me, Systems Not Affected: Macintosh, OS/2, UNIX, Linux virus Definitions (Intelligent Updater) * No definition at this time. virus Definitions (LiveUpdate

Yep....These are released every day, one warning after the next.... They are often the topic of my weekly IT meetings, especially those like this that target servers. Just a suggestion though--next time, post a link. Pasting text verbatim from Symantec's website is a violation of their copyright...-John

Thanks. I'm just so mad though, because I just got over a virus last week (ie No sleep :-mad)This one bothers me because it's not supposed to activate until May 15, so how does one know if he has it?

"This one bothers me because it's not supposed to activate until May 15, so how does one know if he has it?"I always check for new services, processes, and run entries in the registry. So many of these viruses install themselves so in one way or another, their process launches at bootup. The real nasty ones are the ones that modify Windows core dll's and exe's. You don't see as many of those, as it takes a bit more programming skills than 90 pct. of the ones coded by "script kiddies"...I actually consider the worst period of virus outbreaks that of the mid-90's, as we had far more in the way of boot sector viruses then. They did not spread as rapidly, since they used floppies as a primary means of spreading, But they were very destructive.-John