Computer worms usually spread through security holes in computer networks. To stay protected and avoid worm infection, you are to keep your operating system and antivirus software updated. Some computer worms propagate like Trojan horses, which means you can infect your computer by opening an innocent e-mail attachment like "try a new free game", "you are a lottery-winner", etc. Once you have activated the attachment, your files and documents (most often Microsoft Word and Excel) are infected and most likely corrupted.
The aim of this article is to introduce several dangerous computer worms to the public and thus prevent the users from getting infected by them. The most dangerous of them are considered new worms like Mytob.c, LovGate.w, NetSky.t, Bagle.fj Also old types of worm infection are worth mentioning - Nimda, Magistr, Sircam and Bugbear.
Nimda is a computer worm and a file infector, which was neutralized in September 2001. It propagated swiftly causing much damages. Nimda worm infected all Microsoft operating systems: Windows 95, 98, Me, NT, and 2000. The worm infection penetrates to your mail client with a randomly-generated subject and has a readme.exe file attached. There is no text message in the e-mail itself. When the infected mail is opened by Microsoft Outlook or Outlook Express, the worm starts its activity and propagates in different modes.
The worm copies itself into Windows System folder under LOAD.EXE. and modifies SYSTEM.INI file by adding the following line: Shell=explore.exe load.exe -dontrunold This means that next time you start your Windows operating system the worm will already be there.
Nimda was the first worm ever able to change the contents of existing web pages and replace it with infected files available for download. Nimda was the first worm which exploited user personal computers to search vulnerable scripts and security holes. There is a free script called CleanND.EXE which reveals and terminates the Nimda worm from your computer.
The Bugbear worm exploits the Incorrect MIME Header vulnerability to cause not updated computers to execute the worm immediately after opening or previewing the infected e-mail.
It is important to mention that the worm is designed specifically to infect financial corporations. This worm has affected the following systems: Windows 95, Windows 98, Windows NT, Windows 2000, Windows XP, Windows Me, while Windows 3.x, Macintosh, OS/2, UNIX, Linux did not catch the worm infection.
The Magistr worm affects Windows applications (EXE-files) and is propagated via infected e-mail messages. The worm is also capable of propagating in LAN (local area network), damaging shared files on network drives. Magistr is efficient on Win32 machines only and remains in the system memory after the infection. The virus remembers ten last e-mail addresses of infected users. When propagating the worm checks the victim's e-mail address, and in case this e-mail address is already in the list, the message will not be sent to it as this computer is already infected.