The following article was prepared by Mike Taylor, C.P.M. for distribution to NAPM affiliate newsletters. 


As the WORM Turns
November 2000

O.K., so you've heard about computer virus' (virii?) and worms. 

Now what do you do about it? 

At the office; call Computer Support, at home; deal with it!

First and MOST importantly.  Don't panic. Verify that the message or information you receive about a potential virus is from a reliable source and/or real. (If you are in a crowded theater and someone yells "fire" don't start yelling it yourself unless you are sure there really is one!) All of the people who forward virus hoaxes to thousands of their friends are just as big a problem.

Check the antivirus and hoax web sites to see if the virus has been reported or if the message is really a hoax.  Links to some popular antivirus centers are located on the purchasing reference page at www.mltweb.com/tools/purchase.htm#Virus

 Second:  Download the latest update to your antivirus software. Like getting a flu shot in the fall. You gotta do it sooner or later. Don't wait until your already sick. NOTE: in some cases, like Melissa, it may take a day-or two for a good "vaccine" (anti virus program) to become available.  

Third:  While you wait for an effective antivirus program, download information about the virus so you know what to look for and what it does. Again, you can get that information from many of the anti-virus web sites.

 

Here is a true life example:

We got the following message from a reliable source. NOTE:  I've changed thm name of the virus by substituting an "*" for the first letter of the name. It should be an "N". This is because some anti-virus programs might recognize the name in this message and refuse to open it.

"Virus Wishes You a Merry Christmas"

TechWeb (11/10/00); 

An Internet worm called *avidad@m that spreads through Microsoft Outlook and Outlook Express is infecting computer systems around the globe disguised as a Christmas greeting, exports said on Friday. The Windows system directory stores the virus when users click on the *avidad.exe file, causing a blue eye icon to appear in the lower right  corner of the screen. Whenever an infected system receives an email, the worm automatically forwards itself to the sender. Although the virus does not overwrite or destroy files, it can freeze Windows or crash a company's email server, experts say. The virus, which appears to have come from South America, has struck many systems in Latin America and the United Kingdom. There have been few reports of the virus in the United States so far.

In response to this message, here is what I did...

I surfed to the Computer Associates Virus Encyclopedia http://www.cai.com/virusinfo/encyclopedia/

There I found a long article about the *avidad worm and was able to see how to spot it and understand what it does to my system.  Based on that information, I know I don't have it yet and I know how to avoid it.

Here is the first paragraph from the encyclopedia:

*avidad (Also known as Win32.*avidad)
Win32.*avidad is an e-mail worm which, despite having a major bug, is still able to spread successfully.

It will arrive in an e-mail message, the subject of which is variable. The worm replies to messages so the subject will usually match one that the recipient has previously sent. The body of the message is empty except for an attachment called…………………………….

NOTE: I suggest you go to the Virus Encyclopedia and read about this worm. Notice that this virus automatically sends email messages. Worms like this are one of the reasons why I strongly recommend you read and prepare all of your email messages while offline and not have you email set to automatically open or send messages.  Thus, if you get this type of infection, it can't send the messages, they will all stack up in your "outbox" and you can delete them before they get out.

Here is a previous article talking about how these virii spread and more tips about protecting yourself. www.mltweb.com/ec/wildfire.htm .


 

MLTWEB is assembled and maintained by Michael L. Taylor, C.P.M. 
Materials and articles prepared by Mike may be shared for purchasing education provided that this source is cited and no fee is charged. The rights for any other use are withheld.
Copyright;  Michael L. Taylor, C.P.M.
Last Updated: 11/26/2016