Return to my Computer pages
Go to my home page
© Copyright 2003, Jim Loy
Can you create a virus? Probably not, although the standard method is to just modify an existing one. But, if you spend a couple minutes reading, you can certainly create a DOS batch file which wipes out an entire hard disk (or does some other damage). All you have to do then, is to con your unsuspecting victim into double-clicking on the icon, maybe by calling it "sex.bat" or "funquiz.bat." Destructive ".exe" or ".com" files are only slightly more difficult to write. Such a file is not exactly a virus; it is called a "Trojan horse."
People send such things by email, as attachments. If you receive files with these extensions: .exe, .com, .pif, .scr, or .bat, from someone you don't trust, don't double-click on the icon. That is suicide, no matter how much the email message raves about it. And don't let your email program automatically execute attachments. Your anti-virus software probably protects you against the well-known, dangerous attachments. But as I said above, it is easy for a beginner to write a devastating Trojan horse. Personally, I would delete the email (with attachment), and empty the trash bin, as I don't want unknown programs like this on my computer.
I also delete emails with unknown ".zip" files (and other compressed files), as these can contain executable files. And WinZip can even run them while they are still compressed.
That brings me to HTML documents. If you have any kind of decent email program, your email messages can load HTML documents, with code hidden in the message, not in an attachment. These can access other HTML documents; they can put Cookies on your hard disk; and they can try to run JavaScript code or Java programs. We all know that Java programs can crash your computer. Supposedly, Java cannot do much damage to your hard disk, but I wouldn't trust it. No email or WWW page will execute Java without my knowledge and permission, as I disable Java unless there is a Java applet that I want to view. I also refuse cookies.
I also delete all messages which seem much too large. I display the file size. And some messages only have a small amount of text, but are of huge size. Now it is probably just sitting there loading a large graphic image or HTML document, but it could be something more sinister.
Use this patch immediately!
I got this email from security@microsoft.com (I have apparently received the same thing from other email addresses), with an attachment called patch.exe:
Use this patch immediately!
Dear friend , use this Internet Explorer patch now! There are dangerous virus in the Internet now! More than 500.000 already infected!
It looks suspicious, doesn't it. But I cannot find it mentioned at Microsoft's site, or at Symantec's site (see update, below), or in a Google search. Of course I have not run the "patch." The email (with the executable file) has a size of 13K, which is much smaller than the Internet Explorer patches that Microsoft has on its download pages. So, I don't know what this email is all about, but I routinely delete it, every time I receive it. If someone (even someone who I know) sends me a patch or upgrade to a Microsoft product, I would certainly go to Microsoft and get the real patch or upgrade.
Update: It took me a while, but I finally found it on Symantec's site, the above-mentioned attachment contains the W32.Dumaru@mm worm (patch.exe is a Trojan horse). It modifies files on your computer, and emails itself from your computer. Your antivirus program may not detect it in your email (Norton AntiVirus does not), as it is harmless (I don't agree with that) until you try to execute the attachment.
Security update:
The above is the top of email, supposedly from Microsoft, which is an improved version of the above Trojan horse. The above, authentic looking, Microsoft email stationery is mostly authentic stuff from Microsoft (with valid Microsoft logos and links), copied by the computer criminal. It even describes an authentic patch, which you can download from Microsoft. The only flaw in this ointment is the attachment, the name of which varies, which will do great damage to your computer. Delete this email, and empty your trash bin. Never ever execute this attachment.
I received this email:
Thanks for the info on the bogus patch, my computer detected it as a virus the first time around thankfully, but I keep on receiving it over and over again. Do you think it will ever go away? It's just a bit annoying!
W32.Sobig.F@mm
Here is another message with executable attachment, which your antivirus program may not detect:
Re: Thank you!
Please see the attached file for details.
The attached executable file which I got today is called movie0045.pif. This too is a virus (Trojan horse) called W32.Sobig.F@mm. The attached file may be called any of these:
And the subject line may be any of these:
This one may or may not be harmless (there is no attachment), but it is not from Microsoft:
====================================================================== Pop-up ads. Viruses. Hackers. I'm taking a stand. ----------------------------------------------------------------------
Computer security is an issue that concerns us all. That's why, as an important part of our ongoing security effort, we've developed Microsoft(R) Windows(R) XP Service Pack 2 (SP2) with Advanced Security Technologies. Download the update or order the CD today at: http://communications3.msn.com/Key=9882.VBpG.C.Cm.KDxNhR
Service Pack 2 provides proactive protection for Windows XP. Which means if you're a Windows XP user, it can help you protect your computer from all sorts of potential problems. Here's what you'll get:
* More secure Internet browsing and communication. Service Pack 2 includes enhancements to Microsoft Internet Explorer and an improved Windows Firewall that help block annoying pop-up ads and help guard against malicious viruses and hackers.
* Simplified security controls. The handy new Windows Security Center puts all your security settings in one central location.
* More of what you love about your computer. You'll get the latest updates and drivers for music, videos, Web browsing, gaming, and more. The easiest way to get SP2 is by turning on your Automatic Update. To learn more and get Windows XP Service Pack 2, visit: http://communications3.msn.com/Key=9882.VBpG.C.Cm.KDxNhR ----------------------------------------------------------------------
*Connect time fees may apply.
Please do not respond to this message, it has been sent from an unmonitored address.
(C) 2004 Microsoft Corporation. All rights reserved. Microsoft and Windows are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries.
This e-mail is intended for distribution within the United States. Please contact your local Microsoft Subsidiary for similar offerings outside the U.S.
Protect Your PC: 3 steps to help ensure your PC is protected Microsoft wants to help ensure your PC is protected from viruses and worms like Mydoom and Blaster, as well as from future threats. Please go to http://communications3.msn.com/Key=9882.VBpG.C.Cm.KDxNhR and follow these steps today.
1. Use an Internet Firewall
2. Update Your Computer
3. Use Up-to-Date Antivirus SoftwareTo get more information and resources about how to help protect your PC, go to http://communications3.msn.com/Key=9882.VBpG.C.Cm.KDxNhR
You are receiving this message because you are a preferred Microsoft Customer. If you have questions about our privacy policies, please read our privacy statement. http://communications3.msn.com/Key=9882.VBpG.D.Cm.HK3JQ.
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052Message-Id: <20040923191749.B98B.2251916-9882@communications3.msn.com>
The above is an outright lie. If you want the service pack, visit http://www.microsoft.com/athome/security/protect/windowsxp/choose.aspx.