            
|
- Worm scares
Internet users - The
Hindu, March 3, 2001
- "Chernboyle"
virus may hit tomorrow - The
Hindu, April 25, 2001
- Anna virus
spreading - The Hindu,
Feb 15, 2001
- New Computer
Virus Threat - The
Hindu, Dec 22, 2000
- Another virus
threatens Internet - The
Hindu, Dec 05, 2000
- New worm
prevents access to anti-virus
sites - The Hindu, Sep
28, 2000
- Virus Marker-O
Strikes - The Hindu,
July 29, 2000
- A Solution to
tackle virus attacks - The
Hindu, June 23, 2000
- Alert Sounded
for Internet bug - The
Hindu, May 28, 2000
- Beware the worm
- The Hindu, May 13,
2000
- Solution to
combat Internet worm - The
Hindu, May 13, 2000
- CIH virus to
hit today - The Hindu,
April 25, 2000
- Chennai firm
offers solution to virus - The
Hindu, June 13, 1999
- CIH to hit
again - Express
Computer, May 12, 1999
- Dangerous
Computer Virus - The
Hindu, April 24, 1999
- Melissa plays
havoc, Prognet Fires solvo - DQ
Week,April 3,1999
- Melissa Virus
attacking computers - The
Hindu, March 30, 1999
Worm
scares Internet users - The
Hindu, March 3, 2001
A Worm that
spreads through the Internet using
Outlook and Outlook Express, infected
several computers last night, throwing a
scare among users including those in the
city.
The Wscript/Kak
worm affects those using Internet
Explorer 5 and Outlook/Outlook Express.
When viewing the mail in these e-mail
clients, the VBScript code in it creates
"KAK.HTA" in the startup
directory.
The city-based
anti-virus software maker, Prognet
Technologies, says that when running
startup next time, it will create"
KAK.HTA" in the Windows folder and
change the MS Outlook Express registry
setting automatically copying itself to
every outgoing message as a signature. It
keeps spreading through this mode. The
worm comes in different variants and each
attacks on the different date and in a
different style, displaying a few windows
confusing and scaring the users. A system
shutdown is caused by one variant of the
worm, which struck last night timed for
March1.
After cleaning
the worm, the user should download a
patch file from the Microsoft Security
Bulletin (MS99-032) to avoid further
attacks, says the Prognet Managing
Director, Mr. Stanley Rakesh.
A free utility to
detect and clean the virus has been made
clean the virus has been made available
at www.fireantivirus.com.
"Chernboyle"
virus may hit tomorrow - The
Hindu, April 25, 2001
The
"Chernobyle" or CIH virus,
which ruined motherboards during each
past strike, could hit computer users
again on April26, anti-virus software
makers have said. The virus could be
dormant in computers, and get activated
on April 26, damaging both the
motherboard and the hard disk, city-based
Fire Antivirus said ktoday.
A solution to
detect and clean the virus is available
free at www.fireantivirus.com according
to Mr. Stanley Rakesh, managing director
of the company.In the wake of a CIH
strike, some motherboards could be
revived by replacing the BIOS chip is
soldered to it.
In another
scenario, if the Flash BIOS is write
protected by jumper, the CIH virus
deletes all data stored on the hard disk,
which practically puts every computer
User at risk.
Over the past
couple of days, 1,800 users have
downloaded the clean-up utility from
Fire, the company said. CIH is rated as
the most dangerous virus globally, as it
is the only one targeting hard ware, and
its author landed behind bars.
Anna
virus spreading - The
Hindu, Feb 15, 2001
An alert has been
sounded for
"Annakournikova.jpg.vbs", an
internet virus that enters computers as
an e-mail attachment and mass mails
itself using the recipient's address
book.
Although it does
not destroy the files on the recipient's
computer the pattern of its spread
threatens e-mail servers through sheer
overload.
The encrypted VB
script worm uses Microsoft outlook to
spread and its message boy is
"Hi:check This!", according to
Prognet Technologies, and anti-virus
software company which has posted a free
solution to it at its website,
www.fireav.com.
The VBS extension
would not appear if Windows Scripting
Host is installed, in which case it
appears as a jbg file. On opening the
attachment, however, the virus copies to
windows system folder.
Back to the Top
New
Computer Virus Threat - The
Hindu, Dec 22, 2000
Computer virus
expert have warned about a new virus that
will get activated on -December 25 and
damage the mother-board and hard-disk.
Called "Win32/Kriz", this
"portable executable", virus
will infect the .EXE files under Win9x
and WinNT 4.0 platforms. At present five
known versions of Kriz have been
reported.
The virus
directly attacks the code stored in the
flash ROM chip and makes the computer
unbootable, says Mr. Stanley Rakesh of
Prognet Technologies, which makes Fire
Antivirus. A free solution could be
downloaded to detect and clean the virus
at www.fireantivirus.com.
Back to the Top
Another
virus threatens Internet - The
Hindu, Dec 05, 2000
An internet
virus, Prolin, working as a worm poses a
serious threat to internet users, with
capability of copying all e-mail ids in
the affected person's MicrosoftOutlook
address book, automatically sending
itself to these addresses and renaming
files On the hard disk.
Outlining the
worm's potential for harm, anti-virus
maker Prognet Technologies said today
that it had posted a solution to detect
and clean the virus at its site,
www.fireantivirus.com. The Prolin virus
written in Visual Basic 6, comes as an
attachment file, with the subject "
A great Shockwave Flash Movie" and
the body stating "Check out this new
Flash movie that I downloaded just
now… its great" and an
attachment "Creative. Exe".
The virus
searches for files with extension.zip;
.mp3 and .jpg, renaming , them with an
additional extension and moving them to
the root directory. It also creates a
file named c:\messageforu.txt in the rood
directory, signed by "The
Penguin", with text that warns the
recipient that "this a
warning…I could have completely
wiped out your har disk", and
challenging the affected person tko
reverse the process. As a conclusion, the
virus sends a notification message to the
virus author , with the subject,
"Job Complete", and the
message, "Got Yet Another
Idiot".
Back to the Top
New
worm prevents access to anti-virus sites
- The Hindu,
Sep 28, 2000
A complex
computer virus name MTX threatens to
spread fast via email and prevents the
affected user from accessing prominent
anti-virus sites on the internet. The
virus, with three components, a virus,
worm and a backdoor, enters the machine
as a attachment with one of 32 names, but
has a blank message body and subject line
in the e-mail, Prognet Technologies,
which provides free detection of the
virus at its website,
www.fireantivirus.com, said.
The worm monitors
all the Internet sites that the user
visits and the e-mails sent. It attaches
itself to all the outgoing emails, and
restricts the usage pattern. The backdoor
stays active and downloads dangerous
files from the specific virus group site.
When activated in Windows it affects
files with .exe and .dll extensions. The
use of Entry point obscuring technology
by the virus makes it difficult to solve.
Back to the Top
Virus
Marker-O Strikes - The
Hindu, July 29, 2000
A virus gets
activated by opening a word document has
affected several computers across the
country. Though it does not destroy files
on memory chips, it slows down machine
speed while opening and closing
documents.
Called W97/Marker
- O the new virus is a modified version
of W97M/Marker virus. If a computer is
infected, the virus checks for system
date while opening word document. If the
month is greater than seven and the day
is greater or equal to 23, then it will
display the message " did you wish
Shankar on his birthday?" The user
is given the option of saying "yes
or no". While closing the document a
caption says, "happy birthday
Shankar on his birthday?" If the
"yes" option selected its says.
"Thank you! I love you. You are
wonderful." If the "no option
is selected It displays, " You are
heartless. You will be punished for
this."
According to Mr.
Stanley Rakesh of Prognet Technologies,
which makes Fire Anti-virus programmes,
the virus will display its payload from
July 23, to July 31. A programme to
detect the virus could be downloaded free
of cost from www.fireantivirus.com.
Back to the Top
A
Solution to tackle virus attacks - The
Hindu, June 23, 2000
Internet users
threatened by a new virus, VBS. Stages,
which spread through email, Mirc, pirch
and ICQ, have been offered a free
solution.
The Virus which
is in fact a fast spreading internet worm
capable of overloading mail servers,
picks up addresses from the address book
of MS Outlook and sends mail randomly.
The subject line
will be either "Fw" or
"Life stages" or
"Funny" or combination of these
says Mr. Stanley Rakesh, of Prognet
Technologies, markers of "fire
antivirus" software.
According to him,
the body of the mail will be " The
male and female stages of life" and
the attachment will be
LIFE-STAGES.TXT.SHS. The worm is
disguised because the.shs extension is
invisible and the user is made to believe
that it is a harmless text file.
It spreads to all
available mapped drives with random
names. The worm also modifies the
registry and generates a copy in the
recycle bin. Prognet has offered a
solution for the virus which can be
downloaded free from www.fireantivirus.com.
Back to the Top
Alert
Sounded for Internet bug - The
Hindu, May 28, 2000
An alert has been
sounded for an internet bug, W97M/
Resume, that enters computers through
email and deletes all files in the user's
mapped drives.
Appearing as
harmless"Resume". In the mail
from "Janet Simons". The
internet worm targets users of
Microsoft's Outlook email client. The
attachment with the mail, once opened,
will do the damage by sending email to
all entries in the available address
books and executing the file deletions
later.
Once the
programme is closed, it deletes all the
files in the mapped drives nad the
following directories: C:\My documents\**
C:\WINDOWS\**
C:\WINDOWS\SYSTEM\**
C:\WINNT\**"
C:\WINNT\SYSTEM32\*.* says Prognet
Technologies, which has put up a free
solution to the worm at its site
www.fireantivirus.com.
This variant of "Melissa" bears
the subject Resume-Janet Simons and has
the attachment: Explorer.doc or
Resume1.doc or Normal.doc.
Prognet said users of its Fire anti-virus
are protected as its automatically
detects the worm in the name W97m.melissa
variant.
Back to the Top
Beware
the worm - The
Hindu, May 13, 2000
Mother's Day is
not all about love and caring of
cyberspace , there are malevolent
programmers working to leave some
computers users with devastating after
effects. Their gift for Mother's Day is
an Internet worm that goes by the same
name, as a variant of VBS/Love letter.
Beware the worm today.
What looks like a
news of a warm and glowing gift in E-mail
message actually wrenks havoc on picture
files on the computer and unleashes a
Trojan, to steal password
Says Mr. Stanley Rakesh of Prognet
Technologies, which makes Fire Antivirus.
The worm opens MS outlook Address Book
and sends e-mail to all addresses
contained in it, causing heavy traffic
and crash of servers as well.
The E-mail
arrives with the subject:Mothers Day
order confirmation the body as amessage
to the effect that the credit card of the
recipient has been charged for a
particular amount for the mother's day
diamond special".
The mail further
states that a "detailed
invoice", has been attached to the
mail, which should be printed out and
kept in a safe place. The body contains
attached the email address
mothersday@subdimension.com. The deadly
crgo, of course, is the attachment
mothersday.vbs.
But doomsday can
yet be averted, with a visit to the site
www.fireantivirus.com which provides a
free utility to detect and clean this
virus, and appropriate antivirus
software.
Back to the Top
Solution
to combat Internet worm - The
Hindu, May 13, 2000
A solution for
the new internet worm, south park, has
been offered by an antivirus company here
free. It will help detect and clean the
infection which appears as an e-mail with
the subject "subject Alter!"
Fire Antivirus
from Prognet Technologies has hosted the
solution to the worm at its website
www.fireantivirus.com which could be
downloaded without charge.
The bug which
uses Microsoft Outlook and copies a .exe.
files to floppy and mapped drives to
spread, is 19,968 bytes long and is
written in Visual Basic the e-mail
attachment is name"south
park.exe". says a press release from
Prognet Technologies.
The major impact
of the worm is that it creates a
"swapfile.vxd, in the windows
directory and fils the entire hard disk
with garbage. Windows then shows that
hard disk is full as an alert message. It
also creates an autoexec file on floppies
to spread the damage.
The technical
team of the company says the worm has a
dormant attacking capability and could
activate in different forms. More details
of the worm would be updated soon.
Back to the Top
CIH
virus to hit today - The
Hindu, April 25, 2000
Those who thought
about the havoc wreaked by CIH computer
virus in flashback terms, please fast
forward to April 26, There is little time
left before the computer is licked clean
by the virus again.
The CIH virus,
which affected about 4000 computers in
Chennai alone, might be staging a
comeback today. According to Mr. Stanley
Rakesh of Prognet Technologies , a virus
company which is cruising the Net with an
electronic microscope looking for the
non-living danger. CIH will activiate its
"payload" again today.
This could damage
the motherboard and the hardisk,
according to Mr. Rakesh there are 15
known versions of the virus and one of
them hits computers on April 26, The
virus made its maiden, but destructive
appearance on this day last year.
For those without
fool proof antivirus protection in their
computers its is safer "to boot the
system with a clean bootable floppy disk,
then check for the virus before booting
through hard disk says Mr. Rakesh. Those
who are unsure should not touch the
computer on 'Wednesday. A free solution
to the virus can be downloaded from www.fireantivirus.com
Back to the Top
Chennai
firm offers solution to virus - The
Hindu, June 13, 1999
A Chennai based
anti-virus company has offered a solution
to prevent computers from being hit by
the latest threat, the e-mail worm,
ExploreZip. Computer users can download
the protection free from the Internet
site www.fireantivirus.com, said the
Prognet Technologies in a press release
today.
ExploreZip uses
standard e-mail software such as Outlook
Express and Exchange hits Windows 95, 98
and NT systems. Files affected by the
worm are reduced to zero byte, and data
is thus non-recoverable.
The worm comes as
an attachment,
"zipped-files.exe" and when
executed, copies itself to the Windows
system registry to damage targeted files.
Back to the Top
CIH to
hit again - Express
Computer, May 12, 1999
A more dangerous
and deadly virus called "CIH"
has damaged the motherboards and hard
disk of many computers (on 26th of April
1999) and is all set to activate again on
June 26. The CIH virus is spread through
disguised download via Internet.
At present, there
are four known versions of CIH virus,
which destroys motherboards and or hard
disks. The first and second versions had
already dropped its payload on April 26.
The third version will strike on 26th of
June and the fourth version on the 26th
of every month. While the first three
versions are aggressive and long-lived,
the fourth version is to stay for a very
short time.
The computer
motherboards manufactured in the last few
years store their BIOS on a flash ROM
chip which are rewritable. The CIH virus
directly attacks the code stored in the
flash ROM chip and makes your computer
unbootable.
case 1: In certain
motherboards, the BIOS chips are
replaceable and the solution is possible
by inserting a new chip.
case 2: However, in most
cases the BIOS chip is soldered to the
motherboard and there is no solution
except to replace the motherboard, which
could be cost-effective.
case 3: If the flash BIOS
is write-protected by jumper set then the
CIH virus will delete all the data stored
in hard disk which puts every computer at
risk irrespective of the BIOS LAYOUT.
The CIH virus
that affected motherboards and hard disks
amounts to 80 percent, and the remaining
20 percent attacked the hard disks alone,
during the April 26th hit. Chennai-based
Prognet Technologies, provider of
anti-virus solutions, is offering a free
solution for this virus which is
available at www.fireantivirus.com.
Back to the Top
Dangerous
Computer Virus - The
Hindu, April 24, 1999
Mr. Stanley
Rakesh, writes on behalf of Prognet
Technologies, Chennai. A virus more
dangerous and deadly than the melissa
virus, and called "CIH" has
spread rapidly and remains dormant in
many computers. This virus will wake up
or get activated on April 26 and it will
damage the motherboard and the hard disk.
case 1: In
certain motherboard the BIOS chip are
replaceable and solution is possible by
inserting a new chip. case 2: In most
cases the BIOS chip is soldered to the
motherboard and there is no solution
except to replace the motherboard. case
3: If the flash BIOS is write-protected
by jumper set then the CIH virus will
delete all the data stored on hard disk
which puts every computer at risk
irrespective of the BIOS layout.
At present there
are four known versions of CIH virus
which destroys your motherboard or hard
disk. The first and second version will
drop its payload on April 26. The third
version strikes on June 26 and the fourth
version on the 26th of every month. In
the interest of the public we are
providing a free solution for this virus
at www.fireantivirus.com.
Back to the Top
Melissa
plays havoc, Prognet Fires solvo - The
DQ Week, April 3, 1999
Melissa the new
e-mail virus, which has been widely
talked in the media few days ago will
soon fade out (atleast in Chennai) like
other viruses, which has got attention
only for a short span of time. The
Chennai based company, Prognet
Technologies have discovered a software
to attack this virus and this being
offered free to all.
How does it work?
The virus sends, on behalf of the
recipient, a similar e-mail with subject
body-text and attachment to the first 50
addresses in the Address Book option of
Outlook Express.
Similar to other
word macro virus. With the normal.dot
infected, it infects any word document
that is opened thereafter. The virus
displays the following text in the active
document when the 'date' is equal to the
minute. eg April 16th at 10:16 am.
To offer a
solution to Prognet Technologies has
released a public domain cure for the
same. This is available form their web
site www.fireantivirus.com. This virus
creates and Outlook object using Visual
Basic instruction and reads the list of
members from the address book. It sends
e-mail to the first 50 recipients in the
list only if Outlook is present and not
through any other mail client.
Usually, such
viruses attack individual machines, but
this one apparently can overload mail
services by sending out repeated
messages, especially in a large network.
People cannot get the virus by merely
opening up a message, but only by opening
up a message, but only opening the
attached document. Hence, users should be
careful of anything that arrives by
e-mail, especially from unfamiliar
people. The virus also appears to turn
off Office's macro protection, which
could leave users more vulnerable to
future viruses. After cleansing their
machines of the virus, those affected
might need to reactivate the macro
protection.
Like this, there
are other viruses which, can affect the
PC and the network too. For instance and
email titled- it takes Guts to say
'Jesus'- when opened, it will erase
everything on your hard disk. This is a
new virus which is very malicious and not
many know about this.
There is one more
virus which says 'Returned or unable to
deliver'. This will attach itself to your
computer components and render them
useless. According to an AOL press
release, this is a very dangerous virus
and there is no remedy for it at time.
Also there are other virus like list1.doc
which is also quite dangerous and
harmful.
Back to the Top
Melissa
Virus attacking computers - The
Hindu, March 30, 1999
Mr. Stanley Rakesh,
Prognet Technologies, Chennai, writes:
We introduce
ourselves as a software company providing
IT solutions. We have developed an
anti-virus software called "fire
anti-virus kit" which provides
solution for all kinds of virus name
"Melissa". We are the first to
provide a solution for this Virus in
India. It is freely available at www.fireantivirus.com
Virus Name: Melissa virus.
Type of virus: Microsoft
word macro Virus: Infects: MS word 97and
Office 2000 documents:
Details:
This virus grabs
the first 50 addresses from the address
book of Microsoft Outlook Express and
resends the mail. The infected word
document contains the porno site address.
In word 97, the virus disables the Tools
/macro menu commands, the confirm
conversions option, the MS word macro
virus protection, and the save normal
template prompt. The virus then checks to
see if the registry key "HKEY-
CURRENT-USER\Software\Microsoft\Office\Melisa?"
contains the value"...by
Kwyibo." This is how the virus
determines whether it has activated on
this system. The virus then opens
outlook, if present on the system, and
sends one email for each address list.
The email may contain up to 50
recipients.
The email will
contain the subject line: "Important
Message from (user name)" and the
message body will be "Here is that
document you asked for ... don't show
anyone else:-)" The virus then
attaches a copy of the infected
attachment to the outgoing mail. The name
of the original infected attachment was
List.doc, but it could by any name, If
the user does not have the outlook, the
virus will not work. Then the virus
modifies the value of the registry key
mentioned above as it is equal
to"..by kwijibo" indicating
that it has successfully activated on
this computer. After that, the virus
checks to see if the normal template and
active document infected and if either is
not. It infects the file. Finally, if the
day of the month is equal to the minute
(for example. if is march 26 at 3.26
p.m.), the virus will type the following
text on active document: "
Twenty-two points plus triple-word-score,
plus fifty points for using all my
letters. Game's over. I'm outta
here."
visit web site www.fireantivirus.com for more
details. A free download is available to
detect and clean this virus.
|
.