The new virus, commonly referred to as “Here You Have,” is known by several technical names:

As an aside, the phrase “Here You Have” is a retread from the “Anna Kournikova” virus that made the rounds in 2001.

 

According to US-CERT, the subject lines typically read “Here you have” or “JustForYou” and includes a link to a PDF file or Windows Media (WMF) file. Users that click the link are directed to a malicious Web site that will prompt them to download and install a screensaver (.scr) file. In turn, installing this file infects the computer with an e-mail worm that distributes itself to every contact in the user’s e-mail address book. The virus also attempts to stop and delete the user security software.

 

Computer security firm McAfee confirmed the e-mail messages in question take the following form:

 

 

In other cases, the e-mail message takes this form:

 

 

In addition to propagating through e-mail, McAfee reports that the virus also spreads through accessible remote machines, mapped drives, and removable media via Autorun replication.

 

Major antivirus firms have already provided removal tools or instructions:

 

If your computer is affected, only rely on removal tools and instructions from well-known companies. Enterprising malware authors often capitalize on outbreaks by creating and distributing free or paid “removal” tools that can do more harm than good.

 

In general, ensure that your antivirus software is up-to-date, and never click on links in unsolicited or suspicious e-mail ­- even from people that you know - no matter how enticing it may appear. No matter how legitimate a hyperlink in an e-mail appears, it’s easy for malware authors to set up instant redirects to other sites that can immediately infect your computer.

 

If you don’t already have antivirus software installed, consider the free Microsoft Security Essentials application.