Virus needs identifying

sending 2 attachments


tbear

7:11 pm on Mar 27, 2002 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



A client is infected with a virus that appears to mail out 2 files. One is always a text file named 'text5', the other varies in name but is either dot pif or dot scr.
Does anyone recognise this?
Tomorrow I go to try and clean the computer and would like to go with a little knowledge, if poss...
And I KNOW this is the place to get knowledge.
Thanks in advance.

mivox

7:18 pm on Mar 27, 2002 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



For virus removal information, I'd actually say that Symantec or McAfee's anti-virus websites are the places to get knowledge... They do that stuff for a living! ;)

(edited by: mivox at 8:01 pm (utc) on Mar. 27, 2002)

hasbeen

7:29 pm on Mar 27, 2002 (gmt 0)

10+ Year Member



My digging seems to suggest it's W32.Badtrans.B@mm or a variant thereof (not much to go on).

Mivox is right, try McAfee or Symantec for removal instructions.

JayC

7:34 pm on Mar 27, 2002 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



The use of .pif and .scr extensions is characteristic of badtrans and its variants. The specific repeated use of "text5" isn't, but still it's likely a related MAPI worm.

Most likely any current anti-virus program would handle it.

tbear

7:39 pm on Mar 27, 2002 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



Thanks, should have thought of that...
I'll wait till the morning. Thanx again:)

tbear

7:48 pm on Mar 27, 2002 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



Hmmm, badtrans looks likely, but I have attachments of typically around 38/40k, the txt file with 0

hasbeen

8:07 pm on Mar 27, 2002 (gmt 0)

10+ Year Member



Everything I found relating to text5.txt AND .scr/.pif files mentioned Badtrans or a variant. The Symantec site doesn't mention a text5.txt file in relation to Badtrans either... it is, unfortunately, the nature of the beast. You kind of have to go with a gut feeling sometimes with regards to virus removal.

Please keep me informed of your progress (if even via sticky mail).

tbear

4:00 am on Mar 29, 2002 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



Just thought I'd give a follow up on results....
You guys were dead right. Thanks a bunch for your help. I did try McAfee first but looked around a little lost in their site and decided to ask the big boys (and girls) for help. Then I went back with a head start. I knew I was in the right place a couple 'a months ago when I fell into this forum. Thanks people.
By the way I got an email today 'apparently' from Microsoft urgently advising me to fire up the attached exe file.
Must be the full moon, I guess¿
Thanks again
tbear

EliteWeb

6:15 am on Mar 29, 2002 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



antivirus.com has a virus scan you may want to try, it is free and is done from the webpage. I don't normally recommend this company because I've seen some real idio.. well anyways it's there ;)

tbear

7:32 am on Mar 29, 2002 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



Thanks elite, they actually have anti-virus but it wasn't registered, so not getting updated. It is now and they know a bit of how it works. I put a firewall prog on there for them when I took the contract. Now, it seems, we gotta change all the passwords and stuff. What a pain in the a***
I seem to spend a lot of time dealing with clients' security-related problems. A couple of weeks ago I convinced them to not open mail in OEx automatically.

EliteWeb

7:39 am on Mar 29, 2002 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Switching to an alternative e-mail client which is just as functional, like Eudora, is always a positive thing to do; then you will not run into all the security errors that you do with OE. There is a free version of Eudora also ;)