Skype has learned that a computer virus called "W32/Ramex.A" is affecting users of Skype for Windows. Users whose computers are infected with this virus will send a chat message to other Skype users asking them to click on a web link that can infect the computer of the person who receives the message.
Please note that Skype users ONLY become infected after they have downloaded the link and run the malicious software. The chat message, of which there are several versions, is cleverly written and may appear to be a legitimate chat message, which may fool some users into clicking on the link. Skype has been in contact with the leading antivirus software companies about this worm and currently FSecure, Kaspersky lab , Symantec and Spyware Terminator have already updated their antivirus products to detect and remove the worm. Here's a more detailed look at the situation for those who understand techier talk: list of 1 items . When a Skype user receives the chat message - either from their Skype contacts or users not on their contact list - it includes an internet link. Instead of a .jpg image that it seems to point to, the link actually leads to a virus file. By clicking on the link, the Windows Run/Save dialog box will pop up, asking for permission to save or run a .scr file. This is the virus file and should not be downloaded or run. list end If the user accepts the file, however, their Windows PC will be infected with the "w32/Ramex.A" virus. The worm uses Skype's public Application Program Interface (API) to access the PC. There are two ways to get rid of the worm: the normal way and the techhead way. Most users should NOT attempt to edit their computer's registry manually. For most people, downloading and/or updating their anti-virus software, and scanning their computer to detect and remove the worm, is the way to go. Expert users & only expert users who know what they're doing can also remove the worm manually. OR Download new version of Symantac or Kaspersky lab or Spyware terminator or FSecure list of 8 items 1. Restart the PC in safe mode 2. Run regedit 3. Go to HKLM/software/ microsoft/ windows/currentv ersion/runonce find entry with mshtmldat32. exe. Delete this entry. 4. Go to Windows\System32 directory and delete following files: wndrivs32.exe, mshtmldat32. exe, winlgcvers.exe, sdrivew32.exe 5. Go to windows/system32/ drivers/etc 6. Find file hosts 7. Open it with notepad, ctrl+a and delete all entries (this will resume your antivirus updates), save, close. 8. Restart the PC. list end To unsubscribe send a message to [EMAIL PROTECTED] with the subject unsubscribe. To change your subscription to digest mode or make any other changes, please visit the list home page at http://accessindia.org.in/mailman/listinfo/accessindia_accessindia.org.in