Melissa by Mayur Kamat SignUp
Boloji.com

Channels

In Focus

 
Analysis
Cartoons
Education
Environment
Opinion
Photo Essays
 
 

Columns

 
A Bystander's Diary
Business
Random Thoughts
 
 

Our Heritage

 
Architecture
Astrology
Ayurveda
Buddhism
Cinema
Culture
Festivals
Hinduism
History
People
Places
Sikhism
Spirituality
 
 

Society & Lifestyle

 
Health
Parenting
Perspective
Recipes
Society
Teens
Women
 
 

Creative Writings

 
Book Reviews
Computing
Ghalib's Corner
Humor
Individuality
Literary Shelf
Love Letters
Memoirs
Quotes
Stories
Travelogues
Workshop
 
 
Computing Share This Page
Melissa
by Mayur Kamat Bookmark and Share

Until now, we have seen the anatomy of a computer virus, its modus operandi and symptoms. To complete this series, I am going to discuss few of the most deadly virus species. These may not be the latest in the offering but are important study materials because they are the source of inspiration for new variants. First on this list is Melissa.

Also known as WM97, Melissa made its first appearance in late 1998. According to its nature, it is a Macro virus. Specifically targeted at Microsoft Word 97/2000, this is supposed to be the first in-the-wild virus which accelerates its spread via email.

If you have Microsoft OutLook98 installed (Latest variants also known to work with Outlook Express 5), the virus will send itself to the first 50 names in your address book.

The message sent by the original Melissa variant contains this subject:

    Important Message From xxxxx

(Where "xxxxx" is the name of the sender, who is most likely someone that you know and who is probably unaware that they are infected.) This is not the only subject of the infected mail you may receive. Different Melissa variants have their own subjects. Try to recognize the pattern of the subject rather than the subject itself.

This e-mail is accompanied by an attachment List.doc (may be different also). This may contain sultry pornographic material. When this file is opened, Melissa lowers the computer security levels and permits use of all macros without warning.

The virus sets the registry key:

   HKEY_Current_UserSoftwareMicrosoftOfficeMelissa?

to a value of "... by Kwyjibo" and emails copies of itself to the first 50 people in your address book, if the above key is not already present. The virus will infect the default template file and all newly created documents on the infected system. So all word documents created henceforth will be infected. if the minute of the hour matches the day of the month, the virus will insert into the current document the message 

"Twenty-two points, plus triple-word-score, plus fifty points for using all my letters. Game's over. I'm outta here."

Damage caused by this virus is variant dependent. Some are known to damage data and corrupt files. Since this is an old virus, all latest anti-virus software readily detect this virus. This is only if you have a virus scanner on all the time. If not, take the following precautions.

  1. Scan all emails with attachments.

  2. Never open any executable attachments unless you have specifically requested the file. (MS Office files, such as MS Word documents and Excel Spreadsheets can contain programs that are automatically executed when you open these files.)

  3. Whenever you run a new program for the first time, run an integrity check to make sure that nothing changed on your PC that shouldn't be. This will help protect against threats like Happy99 and Melissa but will also prevent damage from poorly designed or buggy programs.

  4. Unless you absolutely need to use macros, disable them. (This applies to any program that is foolish enough to have macros that can be executed automatically without the user being aware but the threat is greatest with MS Word and MS Excel.)

    Note: In MS Word2000 make sure your security setting is set to "high" (click on Tools/Macro/Security). This will give a warning before executing any document with a macro.

Next time, we'll take a look at I Love You virus which created headlines and is the most damage-causing virus of 2000.   

Share This:
29-Jul-2001
More by :  Mayur Kamat
 
Views: 1876      Comments: 1

Comments on this Article

Comment Hi Mayur,

Can i have the Name of the book for studying windows registry.
Which will you prefer.

Sufiyan Shaikh
12/14/2010 00:49 AM




Name *
Email ID
 (will not be published)
Comment
Characters
Verification Code*
Can't read? Reload
Please fill the above code for verification.
 
Top | Computing



 
 
 
 
 
 
 
2018 All Rights Reserved
 
No part of this Internet site may be reproduced without prior written permission of the copyright holder
.