BOOT CAMP ARCHIVE 2000

  

 

BOOT CAMP 128

VIRUS ATTACK!

Conspiracy theorists have been having a field day with the latest outbreak of email viruses. Everyone from anti-virus software manufacturers drumming up business to the FBI and dark forces within the music industry has been blamed for spreading them. But wherever they come from the bottom line is that your PC is under attack, and Mac, Linux and even palmtop PC users needn’t look so smug, there are plenty of little nasties on the loose out to get you too!

Nevertheless, up to now the main target has been Windows 95 and 98 PC owners and in particular those using Outlook and Outlook Express email clients. In adding extra functionality to these programs Microsoft has inadvertently created a number of security loopholes that virus writers have been quick to exploit.

Providing you take sensible precautions the chances of being infected are relatively small; this week we’ll be looking at some simple commonsense measures you can take to protect your PC and the data stored on it. Most viruses have clearly identifiable behaviour patterns or ‘signatures’ that anti-virus software can be programmed to recognise. If you haven’t got a virus ‘scanner’ on your PC you are just asking for trouble get one now, and make sure you regularly back up all non-replaceable data. The effectiveness of anti-virus programs depends entirely on how often you update the software. It’s no good hoping that the freebie anti-virus software that was loaded on your machine when you brought it will protect you; it was out of date long before you got the computer home!

An estimated 300 new viruses are created each week and as recent events have shown they can spread like wildfire. The ‘ILOVEYOU’ virus infected several million PCs and systems around the world in a matter of hours; anti-virus software companies respond quickly but it can still take them several days to come up with counter measures and make them available to users.

The damage caused by viruses varies enormously and the good news is that most are relatively harmless or benign. If you receive a lot of email you may have one or two infecting your machine without you knowing it, even if you follow the very sensible advice about not opening unsolicited email attachments. E-mail viruses, or ‘worms’ can get into your machine just by opening a message and this can be a very serious problem if you are using an older version of Outlook Express 4 and 5 and haven’t downloaded the self-installing security patch which can be found at:

http://www.microsoft.com/technet/security/

bulletin/ms99-032.asp

click the following link to start the download:

ftp://ftp.microsoft.com/peropsys/IE/IE-Public/

Fixes/usa/Eyedog-fix/x86/q240308.exe

This will protect you against the many variations of the ‘BubbleBoy’ Java Script worm, which was released last year and continues to proliferate under a variety of different names. Fortunately it rarely damages files but it is self-proliferating and will attach itself to emails sent by you to others. One of the most virulent strains is known as ‘Kak’. If your PC or email program has been behaving oddly recently, unusual ‘Driver memory’ and Registry error’ messages have been appearing on the screen, you’ve lost the ability print emails from within Outlook Express or the PC switches itself off for no apparent reason, then Kak or one of its cousins is a prime suspect. There are also suggestions there’s a version that affects Netscape Messenger though we have yet to see any hard evidence of this.

If you think you have been infected don’t despair, it’s fairly easy to remove the files from your machine, you’ll find full instructions and more details about the worm on the following web sites:

http://www.datafellows.com/v-descs/kak.htm

http://vil.mcafee.com/dispVirus.asp?virus_k=10509 http://www.symantec.com/avcenter/venc/data/

wscript.kakworm.html

The trouble is a worm like Kak can be sent to you quite innocently inside an email from someone you know and trust. Simply reading the message activates the worm and the first you know about it is an error message or an on-screen prompt asking you if you want to run an ‘ActiveX Script’, but by that time it’s too late. Once the patch is installed you will see ActiveX warning messages if you receive an infected email; don’t worry, it can no longer damage your machine, just make sure you alert then sender.

The infamous ILOVEYOU virus, also known as the ‘Love Bug’ and the ‘Killer from Manilla’ makes use of another Windows feature called Visual Basic Script. Unlike BubbleBoy and Kak this one gets into your PC via an email attachment with the extension *.vbs. It can do nothing unless the attachment is opened, so NEVER open attachments unless you are absolutely sure they are safe! If you are in any doubt delete it and contact the sender.

News of the Love Bug virus spread quickly and most PC users are on the alert for bogus messages of affection, but within days of the original outbreak the code had been modified and there are now dozens of variations, riding on the back of emails attachments with plausible headers, like ‘Check this out’, ‘Very Important Please Read’ and so on. It takes a great deal of self control not to open an attachment with an innocuous or intruiging messages, especially if it has been sent by a friend or colleague.

The latest anti-virus updates should be able to identify and disinfect most strains of the Love Bug but you can reduce your chances of being infected, or if it does, stop you passing it on to others by disabling the Visual Basic Script feature in Windows. It’s unlikely to cause any problems if you’re using a stand-alone machine running standard office type applications. The procedure is very simple, in Windows 98 open Control Panel (Start > Settings) double-click on the Add/Remove Programs icon and select the Windows Setup tab. Double click on Accessories and scroll down the list to Windows Scripting Host, deselect the check box and click OK. In Windows 95 open My Computer, select got to the View menu, select Options and the File Types tab. Scroll down the list to find

‘VBScript Script File’, click Remove and in the confirmation dialogue box that appears select Yes. For more information on current virus infestations have a look at:

http://www.symantec.com/avcenter/index.html

 

Next week – the art of envelope printing

 

JARGON FILTER

ACTIVEX

Powerful programming tools used to add multimedia components and features to Internet web pages

JAVA

A versatile Internet programming language used in a wide range of applications, including creating animation and web page forms

WORM

A type of virus, usually hidden inside another program, designed to penetrate a computers operating system. Once activated it is programmed to replicate and attach itself to other programs or emails

 

TOP TIP

If you’re too mean to buy anti-virus software, or you’ve relied on luck until now , try a free on-line scanner from Trend Micros. It only takes a few minutes, to download after which it will search through all of the drives on your machine. If any infected files are discovered it will offer to clean or delete them. You can re-run the check simply by adding the web page to your list of favourites. We were amazed to discover one moderately well used office PC contained no less than three Visual Basic Script virus files that other virus scanners had overlooked. Give it a try!

http://housecall.antivirus.com/

Search PCTopTips 


Web

PCTopTips

Boot Camp Index

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

2000

1999

1998

 

Top Tips Index

Windows XP

Windows Vista

Internet & Email

Microsoft Word

Folders & Files

Desktop Mouse & Keyboard

Crash Bang Wallop!

Privacy & Security

Imaging Scanning & Printing

Power, Safety & Comfort

Tools & Utilities

Sound Advice

Display & screen

Fun & Games

Windows 95/98/SE/ME

 

 

 

 

 

 Copyright 2006-2009 PCTOPTIPS UK.

All information on this web site is provided as-is without warranty of any kind. Neither PCTOPTIPS nor its employees nor contributors are responsible for any loss, injury, or damage, direct or consequential, resulting from your choosing to use any of the information contained herein.