De-worming your computer
By Richard Heller
De-worming your computer
This past week I received the following e-mail from a reader:
My e-mail has been doing strange things for the last few days. When I try to delete messages, they come back to me from me, and it seems as though they multiply themselves. I have over 300 messages, and many are the same ones over and over. I delete and they come back again as sent messages from me.
The reader had received e-mail with an attachment containing the Win32.Badtrans.13312 worm. A worm is a form of computer virus that once installed on your computer will attach itself to all of the e-mail that you send. When the person that you send the e-mail to opens the attachment, the worm will be installed on their computer, where it does the same thing when they send e-mail. It works on the order of a pyramid scheme.
The problem with this worm is that it also installs a backdoor program. The backdoor program allows your computer to be accessed remotely; that is, the hacker can get access to your computer while you are online and can see your personal information, delete files, and do whatever they want to your computer.
In order to protect yourself, there are a number of steps that you need to take. First of all is to install an anti-virus program and keep it up to date. The second thing to do is to install a firewall program to prevent others from accessing your computer while you are on the Internet.
If you are using Microsoft Outlook Express (OE) as your e-mail program, you should turn off the automatic preview mode. Hackers have discovered a method of placing a virus on your computer by using a security fault in Outlook Express. If you preview a message, they can install a virus without you realizing it. In order to lessen the possibility of this happening to you, follow these instructions:
After you start OE, click on Tools at the top of the screen, then select Options. Under Options select Read, then take the check mark out of the box that says, Automatically download message when viewing in the preview pane. After you have done this, click on Apply, then OK.
After you have done this, you will no longer see the body of your message when you click on it; you will have to hit the spacebar in order to view the message. This will allow you to decide whether you actually want to open the message or to launch the attachment.
The Badtrans worm is included in the e-mail as an attachment and is sent under 16 different file names, fun.pif, Humor.TXT.pif , docs.scr, s3msong.MP3.pif, Sorry_about_yesterday.DOC.pif, Me_nude.AVI.pif, Card.pif, SETUP.pif, searchURL.scr, YOU_are_FAT!.TXT.pif, hamster. ZIP.scr, news_doc.scr, New_Napster_Site.DOC.scr, README.TXT.pif, images.pif, and Pics.ZIP.scr. You should search your computer for these files, and if found, DO NOT double click on them. Instead, run your anti-virus software and let it clean the computer. Your computer is already infected, and that is the only way to de-worm the computer.
Richard Heller is an independent computer specialist who specializes in repairs, installation, upgrades, technical support, Internet sharing, data recovery and diagnostics. If you have any computer or service-related questions, please send them to The Rock River Times or e-mail firstname.lastname@example.org.