Finance
Music
Travel
Mail
My Yahoo!
MessengerBeware of email VIruses..
A complete information about viruses....
The threat of computer virus has been a concerned issue to computer users for a long time. Recently, this issue has become even more serious and affecting nearly all people using computers. As more people in the world are exchanging emails and files using their computers through Internet, computer viruses are proliferating much more quickly and extensively. We are getting to a stage where if we use any Internet services at all, there is the possibility of contracting a computer virus. Sometimes, you may be the culprit for sending your friends a computer virus without being aware of it. This article looks at a few of the recent virus attacks, the mode of transmission, the damages they can do to computers, and ways in which you can prevent a virus infection.
What is a computer virus?
Computer viruses are programs that are designed to spread themselves from one file to another or from one computer to another where the mode of transmission always involves humans beings. We send e-mail document attachments, chat with others in the Internet chat rooms, trade programs on diskettes, or copy files to file servers. When an unsuspecting user receives the infected file or disk, they spread the virus to their computer, and so on.
Some viruses are called worms which are more insidious because they rely less (or not at all) upon human behavior in order to spread themselves from one computer to another. The computer worm is a program that is designed to copy itself from one computer to another over a network (e.g. by using e-mail). The worm spreads itself to many computers over a network, and doesn't wait for a human being to help. This means that computer worms spread much more rapidly than computer viruses.
There are other viruses called Trojan Horses. A Trojan Horse is a program in which malicious or harmful code is contained inside an apparently harmless program or data. The disguised program is introduced into a computer system where it can then get control and do its damage, such as ruining the file allocation table on your hard disk. Trojan Horses do not replicate.
What damages do computer viruses do?
A computer virus may have many variants (mutants), always getting to be more virulent and deadly. At the time this article is written, some of the more recent viruses transmitted by email are:
ILOVEYOU - This worm calls the Microsoft Outlook application and creates messages by iterating through all the addresses in the Microsoft Outlook Address Book. The latest version of this worm does not give itself away by an ''ILOVEYOU'' subject line. Instead, the subject line changes to a random word or phrase every time a computer is infected. The subject line of an infected e-mail starts with ''FW: '' and includes the name of a randomly chosen attachment from a previous e-mail on an infected computer. The e-mail will have an attachment with the same name, but ending in ''.vbs.'' Clicking on the attachment will activate the virus. Like the earlier version, it will send itself to everybody in the user's address book. It will then destroy most of the files on the hard drive, rendering the computer useless until the operating system is re-installed.
CIH - This virus, often referred as the Chernobyl virus, was first discovered in June of 1998 in Taiwan. CIH is a very destructive virus. The first payload overwrites the hard disk with random data starting at the beginning of the disk (sector 0) using an infinite loop. The overwriting of the sectors will not stop until the system has crashed. As a result, your computer will not boot from the hard disk or floppy disk. Also the data that has been overwritten on your hard disk will be very difficult or impossible to recover. You will need to restore the data from backups. The second payload attacks the Flash BIOS (the basic input/output system). As a result, your computer may not display anything on the screen when you startup the system.
PRETTYPARK - Once the worm program is executed, it tries to email itself automatically every 30 minutes to email addresses registered in your Internet address book. It also tries to connect to an IRC (Internet Relay Chat) server and join a specific IRC channel. Via IRC, the author or distributor of the worm can obtain system information, including the computer name, product name, product identifier, product key, registered owner, registered organization, system root path, version, version number, ICQ identification numbers, ICQ nicknames, victim's email address, and Dial Up Networking username and passwords. In addition, being connected to IRC opens a security hole in which the client can potentially be used to receive and execute files.
MELISSA - The Melissa is both a virus and a worm. When a user opens an infected document, the virus will attempt to e-mail a copy of this document to up to 50 other people, using Microsoft Outlook. It infects a MS Word 97 and MS Word 2000 document by adding a new macro module named Melissa. Although there is nothing unique in the infection routine of this macro virus, it has a payload that utilizes MS Outlook to send an attachment of the infected document being opened.
HAPPY99.EXE is a worm program. This program has reportedly been received through email spamming and USENET newsgroup posting. The file is usually named HAPPY99.EXE and appears as an attachment to an email or article. When executed, the program opens a window entitled "Happy New Year 1999 !!" and shows a fireworks display to disguise its other actions. The program modifies the WSOCK32.DLL file in the Windows directory and the worm action will be triggered when an Internet connect or send activity is detected. This creates a new email or a new article with HAPPY99.EXE inserted into the email or article. It then sends this email or posts this article.
What can I do if I suspect a computer virus?
You can find information on the latest viruses at http://www.symantec.com/avcenter/index.html On that page, the latest discovered viruses are listed under the column called 'Top Threats'. Read the information on how the virus is transmitted, what it does, and what damages to your system it is supposed to do. Usually, double clicking or opening the virus file will activate the virus. So, be cautious in opening a suspicious attachment file. If you suspect a virus, delete it immediately. A virus that has not been activated can be deleted and it should not affect anything in your system.
What can I do if my computer system is infected?
If your operating system is not affected, and you can start up the system, you may just install and run an anti-virus software which can detect and remove the virus or even rescue the damaged files and then you will be back in business.
If your operating system is affected but not the BIOS (basic input/output system), and your system will still respond upon starting up, then you can use a clean DOS boot disk to boot up the system. Use a DOS format anti-virus program to scan the hard disk and the anti-virus program will delete the virus or repair the damage. In some cases, the hard disk may have to be re-formatted, and the windows operating system and other applications re-installed. If both operating system and the BIOS are affected, and the screen is all dark and there is no response when you turn on the system, then you are most unfortunate. You would have to contact your vendor and see what system components need to be replaced.
What can I do to prevent computer virus infection?
1. You can install an anti-virus software which will be able to detect the virus if it exists in your system. The software will also destroy the virus for you. Scan everything, including new software diskettes. Keep your anti-virus program updated to stay ahead of any new viruses. Currently the Computer Centre has a policy on Norton Anti-Virus Software for staff and faculty (as it is a department license). If you are an individual, you would have to go to your local computer store to purchase the software.
2. Be leery of unsolicited e-mail attachments. E-mail itself cannot infect your computer, however if you open an infected executable attachment from e-mail, it can infect your computer. Therefore, you should turn off any features that automatically open e-mail attachments or launch programs you download. You can also confirm with the sender before opening an attachment. Use Webmail or Server-sided mail. You can reduce the chance of getting infected with email transmitted viruses if you use webmail or server-sided mail e.g. "pine" because the system does not download new email to your email client.
3. Backup your files regularly on external media. Create an emergency boot disk for your PC. If your system is infected with a deadly virus such as the CIH, you would have to reformat your hard disk and then re-install all system files and program/data files from backups. So backup your harddisk and other system files regularly because they are your last resort.
4. NEVER use pirated software (one of the most common methods for spreading computer viruses). Monday, May 23, 2005 at 11:24 AM
The threat of computer virus has been a concerned issue to computer users for a long time. Recently, this issue has become even more serious and affecting nearly all people using computers. As more people in the world are exchanging emails and files using their computers through Internet, computer viruses are proliferating much more quickly and extensively. We are getting to a stage where if we use any Internet services at all, there is the possibility of contracting a computer virus. Sometimes, you may be the culprit for sending your friends a computer virus without being aware of it. This article looks at a few of the recent virus attacks, the mode of transmission, the damages they can do to computers, and ways in which you can prevent a virus infection.
What is a computer virus?
Computer viruses are programs that are designed to spread themselves from one file to another or from one computer to another where the mode of transmission always involves humans beings. We send e-mail document attachments, chat with others in the Internet chat rooms, trade programs on diskettes, or copy files to file servers. When an unsuspecting user receives the infected file or disk, they spread the virus to their computer, and so on.
Some viruses are called worms which are more insidious because they rely less (or not at all) upon human behavior in order to spread themselves from one computer to another. The computer worm is a program that is designed to copy itself from one computer to another over a network (e.g. by using e-mail). The worm spreads itself to many computers over a network, and doesn't wait for a human being to help. This means that computer worms spread much more rapidly than computer viruses.
There are other viruses called Trojan Horses. A Trojan Horse is a program in which malicious or harmful code is contained inside an apparently harmless program or data. The disguised program is introduced into a computer system where it can then get control and do its damage, such as ruining the file allocation table on your hard disk. Trojan Horses do not replicate.
What damages do computer viruses do?
A computer virus may have many variants (mutants), always getting to be more virulent and deadly. At the time this article is written, some of the more recent viruses transmitted by email are:
ILOVEYOU - This worm calls the Microsoft Outlook application and creates messages by iterating through all the addresses in the Microsoft Outlook Address Book. The latest version of this worm does not give itself away by an ''ILOVEYOU'' subject line. Instead, the subject line changes to a random word or phrase every time a computer is infected. The subject line of an infected e-mail starts with ''FW: '' and includes the name of a randomly chosen attachment from a previous e-mail on an infected computer. The e-mail will have an attachment with the same name, but ending in ''.vbs.'' Clicking on the attachment will activate the virus. Like the earlier version, it will send itself to everybody in the user's address book. It will then destroy most of the files on the hard drive, rendering the computer useless until the operating system is re-installed.
CIH - This virus, often referred as the Chernobyl virus, was first discovered in June of 1998 in Taiwan. CIH is a very destructive virus. The first payload overwrites the hard disk with random data starting at the beginning of the disk (sector 0) using an infinite loop. The overwriting of the sectors will not stop until the system has crashed. As a result, your computer will not boot from the hard disk or floppy disk. Also the data that has been overwritten on your hard disk will be very difficult or impossible to recover. You will need to restore the data from backups. The second payload attacks the Flash BIOS (the basic input/output system). As a result, your computer may not display anything on the screen when you startup the system.
PRETTYPARK - Once the worm program is executed, it tries to email itself automatically every 30 minutes to email addresses registered in your Internet address book. It also tries to connect to an IRC (Internet Relay Chat) server and join a specific IRC channel. Via IRC, the author or distributor of the worm can obtain system information, including the computer name, product name, product identifier, product key, registered owner, registered organization, system root path, version, version number, ICQ identification numbers, ICQ nicknames, victim's email address, and Dial Up Networking username and passwords. In addition, being connected to IRC opens a security hole in which the client can potentially be used to receive and execute files.
MELISSA - The Melissa is both a virus and a worm. When a user opens an infected document, the virus will attempt to e-mail a copy of this document to up to 50 other people, using Microsoft Outlook. It infects a MS Word 97 and MS Word 2000 document by adding a new macro module named Melissa. Although there is nothing unique in the infection routine of this macro virus, it has a payload that utilizes MS Outlook to send an attachment of the infected document being opened.
HAPPY99.EXE is a worm program. This program has reportedly been received through email spamming and USENET newsgroup posting. The file is usually named HAPPY99.EXE and appears as an attachment to an email or article. When executed, the program opens a window entitled "Happy New Year 1999 !!" and shows a fireworks display to disguise its other actions. The program modifies the WSOCK32.DLL file in the Windows directory and the worm action will be triggered when an Internet connect or send activity is detected. This creates a new email or a new article with HAPPY99.EXE inserted into the email or article. It then sends this email or posts this article.
What can I do if I suspect a computer virus?
You can find information on the latest viruses at http://www.symantec.com/avcenter/index.html On that page, the latest discovered viruses are listed under the column called 'Top Threats'. Read the information on how the virus is transmitted, what it does, and what damages to your system it is supposed to do. Usually, double clicking or opening the virus file will activate the virus. So, be cautious in opening a suspicious attachment file. If you suspect a virus, delete it immediately. A virus that has not been activated can be deleted and it should not affect anything in your system.
What can I do if my computer system is infected?
If your operating system is not affected, and you can start up the system, you may just install and run an anti-virus software which can detect and remove the virus or even rescue the damaged files and then you will be back in business.
If your operating system is affected but not the BIOS (basic input/output system), and your system will still respond upon starting up, then you can use a clean DOS boot disk to boot up the system. Use a DOS format anti-virus program to scan the hard disk and the anti-virus program will delete the virus or repair the damage. In some cases, the hard disk may have to be re-formatted, and the windows operating system and other applications re-installed. If both operating system and the BIOS are affected, and the screen is all dark and there is no response when you turn on the system, then you are most unfortunate. You would have to contact your vendor and see what system components need to be replaced.
What can I do to prevent computer virus infection?
1. You can install an anti-virus software which will be able to detect the virus if it exists in your system. The software will also destroy the virus for you. Scan everything, including new software diskettes. Keep your anti-virus program updated to stay ahead of any new viruses. Currently the Computer Centre has a policy on Norton Anti-Virus Software for staff and faculty (as it is a department license). If you are an individual, you would have to go to your local computer store to purchase the software.
2. Be leery of unsolicited e-mail attachments. E-mail itself cannot infect your computer, however if you open an infected executable attachment from e-mail, it can infect your computer. Therefore, you should turn off any features that automatically open e-mail attachments or launch programs you download. You can also confirm with the sender before opening an attachment. Use Webmail or Server-sided mail. You can reduce the chance of getting infected with email transmitted viruses if you use webmail or server-sided mail e.g. "pine" because the system does not download new email to your email client.
3. Backup your files regularly on external media. Create an emergency boot disk for your PC. If your system is infected with a deadly virus such as the CIH, you would have to reformat your hard disk and then re-install all system files and program/data files from backups. So backup your harddisk and other system files regularly because they are your last resort.
4. NEVER use pirated software (one of the most common methods for spreading computer viruses). Monday, May 23, 2005 at 11:24 AM
My Profile
| My name: hisham My Home: kasaragod, kerala, India View my complete profile |
Hisham Resume
My resume
