Wednesday, April 21, 2010

The I LOVE YOU Virus

There ain't no love
in this little bug!

If you receive email with a subject line with the phrase ILOVEYOU (all one word, no spaces) in it… DON'T OPEN the attachment named Love-Letter-For-You.txt.vbs.

Over a five-hour period, during May 4, 2000, this virus spread across Asia, Europe and the United States via e-mail messages titled "ILOVEYOU." The menace clogged Web servers, overwrote personal files and caused corporate IT managers to shut down e-mail systems.

A scan of the Visual Basic code included in the attachment reveals that the virus may be corrupting MP3 and JPEG files on users' hard drives, as well as mIRC, a version of Internet Relay Chat. It also appears to reset the default start page for Internet Explorer.

This virus arrives as e-mail with the subject line "I Love You" and an attachment named "Love-Letter-For-You.txt.vbs." Opening the attachment infects your computer. The infection first scans your PC's memory for passwords, which are sent back to the virus's creator (a Web site in the Philippines which has since been shut down). The infection then replicates itself to everyone in your Outlook address book. Finally, the infection corrupts files ending with .vbs, .vbe, .js, .css, .wsh, .sct, .hta, .jpg, .jpeg, .mp2, .mp3 by overwriting them with a copy of itself.

You can get this bug in only one way. If you receive an email with an attachment with the name Love-Letter-For-You.txt.vbs and you execute it, by double clicking on the attachment, you will get infected. Don't execute it, just delete it and you will be fine.


How to keep from becoming
infected by this bug

Of course, first and foremost, never open any email attachment that you are uncertain of. That said, I strongly recommended that if you do not use Visual Basic scripting , (Most Don't) you should turn this option off. To do so:
Click your start button
Click on Settings
Click on Control Panel
Double-Click on the Add/Remove Programs icon
Click on the Windows Setup tab
Click on Accessories to obtain the details
Uncheck Windows Scripting Host if it is checked
Click "ok" to save any changes
Remember, the above will only protect you from the ILOVEYOU virus, and it's variants. Other viruses can still get to your computer.
Variations on the ILOVEYOU virus are already hitting the net. The only sure way to protect yourself from email viruses is, DON'T OPEN ATTACHMENTS even if sent by someone you know. See the links on the upper left of this page for more information.





If you think you are infected

By now all the anti-virus companies have updates for the ILOVEYOU bug and can detect if your computer is infected. Click Here for a list of many of the companies that produce virus diction and removal products.
If your computer is infected you can delete the following files from your infected system:

MSKernel32.vbs in the Windows System directory
Win32DLL.vbs in the Windows directory
LOVE-LETTER-FOR-YOU.TXT.vbs in the Windows System
WinFAT32.EXE in the Internet download directory
script.ini in the mIRC directory




If you need more help E-Mail Me






Special Notice For
TCO customers
Those of you who are customers of TCO “Tehama County Online” please note that the good folks at TCO have implemented a filter that will block this virus from your computer. You just don't have to worry about this problem.


TCO is by-far one of the best ISPs in the business! Visit them at: TCO.NET








--------------------------------------------------------------------------------

Use the above procedures
at your own risk!
J.R. has been building and repairing computers for over 25 years, and has personally used the above procedure on many computers. Each computer is different and the competence of the user can vary. J.R. Whipple, in no way warrants the above procedure, nor can he be held responsible for any problems, loss of data, loss of business, or any other damages caused by the application of the above procedure. If you are not comfortable with the above procedure, DON'T DO IT. If you need help please contact J.R. Whipple & Associates before attempting the above procedure.
The best virus protection is a good Anti-Virus program. Click Here for a list of many of the anti-virus companies.

I hope this helps you keep and maintain a proper and safely running computer. If you have any computer related questions or needs, feel free to call or Email Me.

Removing Files & Programs From Your Hard Drive

Please read the disclaimer at the end of this page, before preforming this procedure.
For optimum performance your computer should have no less then 10% free space on the hard drive. That is, if you have a 1-gigabyte hard drive, you should try to maintain a minimum of 100 megabytes of free space on that drive, 150 to 200 megabytes is even better. If you have a 10-gigabyte drive you should have no less then 1 gigabyte of free space on the drive, etc… If you are running Windows 95/98, you should never have less then 75 megabytes of free space, regardless of your hard drive size.

Deleting files can cause lots of problems. Some programs install parts of themselves into the operating system. If later, the subdirectory that a program is contained in is deleted, when the computer is restarted it may complain that a file or driver is no longer available, and not finish booting.

Some programs include an "Uninstaller" which will safely remove the program from your hard drive. Check to see if the program you want to remove from your computer has an uninstaller, and use it to remove the program from your computer.

Many programs written for Windows 95/98 are 32 bit programs, and can be uninstalled from the "Add/Remove Programs" icon in the control panel. To do this: double click your "My Computer" icon, then double click the "Control Panel" icon, then double click the "Add/Remove Programs" icon. If the program is listed in the window, click once on it then click the "Add/Remove" button, this will safely remove the program from your computer.

If all else fails you may need to manually remove the program from your hard drive. Please be very careful performing the following steps. Mistakes during the following steps can turn a running computer into a very expensive repair problem.

Most third party programs are installed in their own subdirectory or "Folder"

A sure-fire way to insure that a program can be deleted is to hide it from Windows before you actually delete it.

What we are going to do here is rename the subdirectory "Folder" that contains the program, then restart the computer and check ALL the other programs. If everything works ok we can delete the renamed subdirectory "Folder".

First we need to know what subdirectory or folder contains the program that we want to delete. In Windows 95/98 do this by right clicking the icon that runs the program and click on properties, then on the Short cut tab. In Windows 3.x click once on the program's icon then click on "File" and properties in the upper left of program manager.

Once we know the name of the subdirectory that contains the program, we will use Explorer in Win 95/98 or File Manager in Win 3.x to rename the subdirectory, I,e, If your program was in a subdirectory like C:\PROGRAM rename it to C:\PROGRAM.OLD

Now close out Windows and restart your computer. If it starts without problems, check all other programs to insure that a component in the old program is not shared with any other programs. If all is well you can delete the C:\PROGRAM.OLD subdirectory or Folder and the icon for that program. If all is not well, you will need to return the subdirectory's name to the original and restart the computer.

Please note DO NOT rename C:\WINDOWS or any subdirectories under it, or C:\DOS, C:\My Documents, C:\Program Files, or C:\Recycled. Doing so may cause your computer to become a doorstop!

Do only one subdirectory at a time, then restart and test. If you are not comfortable moving around in your hard disk with Explorer or File Manager don't do the above deletions. Take your computer to an expert "Not your friend that has had a computer two weeks longer than you have" but a real expert. I hope this helps. Remember "When in doubt don't do it!"

After you have deleted some programs or files your hard drive may become fragmented. It is a good idea to run "Scandisk" then "Defrag" in that order. Running defrag will reorder the files on your hard drive, and make your computer more efficient.







--------------------------------------------------------------------------------

Use the above procedure at your own risk!
J.R. has been building and repairing computers for over 25 years, and has personally used the above procedure on thousands of computers. Each computer is different and the competence of the user can vary. J.R. Whipple, in no way warrants the above procedure, nor can he be held responsible for any problems, loss of data, loss of business, or any other damages caused by the application of the above procedure. If you are not comfortable with the above procedure, DON'T DO IT. If you need help please Contact Us before attempting the above procedure.

What You Should NOT Install in Your Computer

The following is a list of some types of software that I don't recommend you use:


Disk Compression Utilities
Programs that make more free space on your hard drive by compressing the data can reduce the overall system performance, and in some cases cause loss of all your data.

RAM Doublers

Programs that claim to increase the amount of memory in your computer DO NOT WORK. They slow the computer, and in some cases will cause the computer to become unstable or crash.

Speed Enhancers
Programs that claim to increase the speed of your computer or it's sub systems, such as; CD-ROM drive, Hard drive, etc. Most of these utilities are, at best, of minimal help, and in most cases will actually reduce the overall performance of your computer.

Computer Diagnostic or Repair Programs
Programs or utilities that claim to diagnose or repair problems with your computer are generally more trouble than they are worth. Find a competent computer professional and have them fix your computer.

Cutesy little screen things
Many times a well-meaning friend will email you an attachment, or a link to a web page, that has some little screen animation novelty, that causes gremlins, rabbits, or some other nonsense to hop, crawl, or move around on your screen. Don't download or install these little novelty programs. There are several reasons not to bother with these things:
1. The fun goes away fast, but the program may not. Many of these novelties are easy to install but exceedingly hard to remove from your computer.
2. Most are so poorly crafted that they pose a crash hazard to your computer. They may work just fine on Aunt Martha's computer but can cause instability problems when installed on another machine.

3. Some may contain a virus. For a few minutes of animated fun on your computer screen you may pay the price of a virus that can destroy all the programs and data on your computer. Is five minutes of dubious entertainment worth the risk?

When in doubt throw it out! Before you download, install or run any new program on your computer EMail Us. A few minutes of thought now could save you much time, grief and money later.

Reformatting Your Removable Hard Drive

Please read the disclaimer at the end of this page, before preforming this procedure.

PLEASE NOTE: The following applies ONLY to those that have one of our Dual Removable Hard Drive computer systems. If you do not have one of our Dual-Drive systems DO NOT TRY THE FOLLOWING. Instead see: Starting Over

CAUTION

Formatting, or re-formatting, a hard drive permanently and irrecoverably destroys ALL data and programs on the drive!
Be absolutely sure you know which drive you are re-formatting. DO NOT re-format your only working drive!

If you have any questions or doubts about this procedure, Contact Us before you do any of the following:

We recommend you print this page, so you can more easily follow the instructions



1. Insure you have an "Emergency Boot" floppy disk available. If you don't you can make one from the following steps:


Double click the My Computer icon.
Double click the Control Panel icon.
Double click the Add/Remove Programs icon.
Select the Startup Disk tab, & follow the instructions.

2. Power-down the computer and remove both hard drives.
3. Insert the H/D to be formatted in the top slot. Leave the bottom slot empty.

4.
Insert the boot floppy in the drive. Insure that the CMOS setup is set to boot from the A: drive first. ( See the CMOS side-bar )

5. When the computer boots from the floppy disk you should be at the A: prompt

If you are reformatting the #1 drive, type the following:
FORMAT C: /S /U /V:DRIVE_1 and press "Enter"

If you are reformatting the #2 drive, type the following:
FORMAT C: /S /U /V:DRIVE_2 and press "Enter"


If you are reformatting the #3 drive, type the following:
FORMAT C: /S /U /V:DRIVE_3 and press "Enter"


If you are reformatting the primary game drive, type:
FORMAT C: /S /U /V:DRIVE_6 and press "Enter"


If you are reformatting the secondary game drive, type:
FORMAT C: /S /U /V:DRIVE_7 and press "Enter"


Spaces are Important: There must be ONE space between each command letter, as shown above.

Remember: They are FORWARD-SLASHES not back-slashes. (Forward-slashes are a shifted question mark.

During the end of the formatting process, you may see a "Logging errors" message, ignore it.

6. After the format is completed, remove the floppy disk and reboot the computer. It should boot to a C: DOS prompt.

7. Power down the computer and remove the H/D and install it in the secondary slot. Re-install the primary H/D in the top slot.

8. Power-up the computer, reset CMOS, as in step 4 above, for a boot sequence of C: first then A:

If you have the number 2 or 3 drive in the upper slot, you will see a message that you are booting from the wrong drive. This is normal, press the space bar to continue booting.

9. After your computer reboots to Windows 95/98, do a backup from Drive 1 to Drive 2. By double clicking the "Utilities" icon, then double clicking on the Backup icon.

If the number 1 drive is the drive you just re-formatted, and you have it now in the bottom slot, you will see some warning messages, press the Y key between each message.


10. After the backup is complete, and if the top drive is NOT the number 1 drive, shut down the computer in the normal way and move the drives to the proper order (1 on top, 2 on the bottom).

Make an Emergency Boot Disk

Please read the disclaimer at the end of this page, before preforming this procedure.
Every computer should have an emergency boot disk. Hard disk drives fail. It's not if, but, when your hard disk drive fails to boot, that you will be thankful that you have an emergency boot disk.

To completely eliminate the need for a boot disk, and free yourself from the worries of a hard-disk crash, see our Dual Drive Backup System.

Making an emergency boot disk is a multi-step process, and varies depending on the operating system, version of Windows, and the hardware in your particular computer. The following steps should be considered a guide and not absolute step-by-step instructions. You may need to apply a little creativity during the following procedure. Please read this entire procedure before you start, if you do not understand each and every step, and why you are doing it, DON'T start this procedure before you Contact Us.

1. Place a new, write enabled, empty floppy disk in the A: drive. (The floppy disk is write enabled when the upper right hole is blocked by the black slider.)

2a. If your computer is running DOS or Windows 3.x: do the following, else If your computer is running Windows 95 or 98, go to step 2b )

If your computer is running DOS or Windows 3.x: From the DOS prompt type:

FORMAT A: /S /U /V:BOOT
and press the Enter key. ( Please note the spaces. Double check that you have typed an "A" after the format command, and not a "C".) After the format process is complete you will need to copy a few files to the floppy disk.
The following files should be found in the C:\DOS or C:\(DOS subdirectory:

FDISK.EXE, FORMAT.COM, SYS.COM
Copy these files to the floppy by typing:
COPY C:\DOS\FDISK.EXE A:\ (Enter)
COPY C:\DOS\FORMAT.COM A:\ (Enter)
COPY C:\DOS\SYS.COM A:\ (Enter)


(Go to Step 3 )
2b. If your computer is running Windows 95 or 98 Double click the My Computer icon, then double click the Control Panel icon, then double click the Add/Remove Programs icon. Now single click the Startup Disk tab at the top right of the box, follow the instructions.

3. You now have a bootable floppy disk. If you have a CD-ROM drive, a PCMCIA modem or other special devices, (And are running DOS, Windows 3.x or 95) you will need to copy the drivers and other routines to the floppy disk and make some changes to them. If you are running Windows 98 or better, you won't have to do the following. (If you are running Windows 98 or better, skip to step 6.)

Examine the CONFIG.SYS and AUTOEXEC.BAT files in the root of your hard disk. Find the line(s) that reference you CD-ROM driver. You should see a line like this:

DEVICE=C:\DEV\ATAPI_CD.SYS /D:SONY_000
in the CONFIG.SYS file. Notice the subdirectory that the device driver is in, and copy all the files found in that subdirectory to a similarly named subdirectory on the floppy disk. ( Your subdirectory and/or driver name may be different. Here's where that creativity of yours comes in.)
In the AUTOEXEC.BAT file you should see a line something like this:

C:\DOS\MSCDEX.EXE /D:SONY_000 /L:E
Find and copy the MSCDEX.EXE file from the hard drive to the root of the floppy disk.
4. Copy or make an ASCII file in the root of the floppy called CONFIG.SYS this file should only contain lines something like the following:

LASTDRIVE=Z
DEVICE=A:\DEV\ATAPI_CD.SYS /D:SONY_000


Plus any other drivers you copied to the floppy
.
5. Copy or make an ASCII file in the root of the floppy called AUTOEXEC.BAT this file should only contain lines something like the following:

A:\MSCDEX.EXE /D:SONY_000 /L:E
PROMPT=$p$g

Plus any other drivers you copied to the floppy. (No path statements or other lines should be in the AUTOEXEC.BAT file). Notice all references to the hard drive have been changed to the floppy drive. The switch at the end of the MSCDEX line /L:E will force the CD-ROM to occupy drive E: If you have only one hard drive, this switch will leave a space for an additional hard drive to be added later, in the D: position. Remember your CD-ROM will now be E:
6. Testing your emergency boot disk: First remove the floppy disk and write protect it. Write protection can be achieved by exposing the hole in the upper right hand corner of the floppy.

Shut down the computer in the normal way, and turn it off.
Insert the floppy in drive A: and turn the computer back on.
If your computer's CMOS settings are set to allow your computer to boot from the floppy disk, you should hear the floppy drive accessing and eventually you should see the A:\> prompt on the screen. If the computer boots from the hard drive you will need to change the CMOS settings in your computer. ( See the CMOS Settings side-bar for instructions about setting the CMOS to boot from the A: drive first.)

7. Testing the CD-ROM drivers:
Once you have your computer booting from the floppy disk, Insert any CD-ROM disk in the drive and type E: and press the Enter key, then type DIR and press Enter. You should see a directory of the CD-ROM.

8. The ultimate test of your emergency boot disk: DON'T do the following unless you feel comfortable, and understand the safety issues when working inside your computer. Even if you do know how to work inside your computer, I strongly suggest you review the issues at Under The Hood of Your Computer before attempting the following.

Shut down your computer in the normal way, and turn it off. Remove the cover and unplug the power cord to the hard drive. Insert the emergency boot disk in the floppy drive, and turn on the computer. After it boots up check the CD-ROM again. ( This test simulates a hard drive failure, and double checks that the floppy boot does not reference any files or drivers on the hard drive.)

Congratulations you now have the single most important piece of insurance for your computer. Label the floppy and store it in a safe place.







--------------------------------------------------------------------------------

Use the above procedure at your own risk!
J.R. has been building and repairing computers for over 25 years, and has personally used the above procedure on thousands of computers. Each computer is different and the competence of the user can vary. J.R. Whipple, in no way warrants the above procedure, nor can he be held responsible for any problems, loss of data, loss of business, or any other damages caused by the application of the above procedure. If you are not comfortable with the above procedure, DON'T DO IT. If you need help please Contact Us before attempting the above procedure.

To learn all about computer viruses, or check you computer for viruses, click the above icon.




No mass-produced computers. I hand- craft each of my computer systems.






Return to the main page.

Installing Software/Programs in Your Computer

Please read the disclaimer at the end of this page, before preforming this procedure.

STOP! Before you install a new program in your computer, stop and think about it for a while. Installing a program is a lot easier than removing it from your computer. Some programs will adversely affect other programs or setups on your computer. A few programs can actually crash your computer and cause it to stop working altogether.

Before you install ANY new program I recommend you ask yourself the following questions:


Do you really want or need this program? Or do you just want to see what it does?

Will installing this program reduce your free hard disk space below 10%?

Does this program have an "Uninstaller"? Can you easily remove it if you don't like it?

Have you asked others, that have this program, what they think of it?

Will this program make changes to your video, or other system setups?

Have you contacted a computer professional for his thoughts about this program?

Is your computer running perfectly before you install anything new?

If you have decided to install the new program and you have one of our Dual-Drive computers, Insure that your computer is in perfect running condition then do a "Drive-to-Drive" backup. This will make an exact copy of the working drive so you can recover from any disaster that may occur from the installation of the new program.

If you do not have one of our Dual-Drive machines, get out your rabbit's foot and cross your fingers. I know that crossed fingers make it harder to type, but you may need all the help you can get. Seriously, you should backup all of your valuable data to floppies before you start the installation of any new program.

Each software installation routine is unique and the procedures will vary. When asked where you want to install the program, I recommend you accept the defaults.

After the program has been installed, test it as well as all other existing programs, to insure the new program has not affected other programs.

Install only one program at a time! I recommend you wait several days before you install another program. This allows time to insure the new program is working properly and has not caused any problems with the system and/or older programs on your computer.





--------------------------------------------------------------------------------

Use the above procedure at your own risk
!
J.R. has been building and repairing computers for over 20 years, and has personally used the above procedure on thousands of computers. Each computer is different and the competence of the user can vary. J.R. Whipple, in no way warrants the above procedure, nor can he be held responsible for any problems, loss of data, loss of business, or any other damages caused by the application of the above procedure. If you are not comfortable with the above procedure, DON'T DO IT. If you need help please Contact Us before attempting the above procedure.

Free Virus Checker

Click this Here check your computer.
Please read this page, in it's entirety,
before you start your scan!


The Never Ending Wonders
Of The Internet
The Internet promotes all sorts of wonderful, and many times, FREE information and products. By clicking on the above icon you can check your computer for viruses, for free. Try it, I think you'll like it!

Please note
: If this is your first time using this virus checker, expect to wait several minutes while the scanner prepares to check for viruses. This time will vary depending on your modem speed and current internet traffic, and will be shorter the next time you visit.
Virus checkers are no good if the list of viruses they check for is out of date. New viruses come out every few days. If you installed a virus checker a few weeks or months ago, it may already be out of date and miss the newer viruses. One sure way to get the latest in virus detection is to use this online virus checker, its list of viruses are updated on a daily basis.

We recommend that after each new program you install in your computer, or after any Internet download, you perform this free virus check. It may save you much grief and money.


--------------------------------------------------------------------------------

- CAUTION -
If you have never had a virus checker installed in your computer, or the Anti-Virus program, which was in your computer, has never been updated, there is a good chance that one or more viruses have already infected your computer and you don't know it!
Many computer viruses infect critical files that make up Windows. If an Anti-Virus program removes these infected files, your computer may fail to boot up the next time it is started, and you may need to reinstall Windows and/or other programs.

You're dammed if you do, and dammed if your don't! If you don't have an Anti-Virus program in your computer, you will eventually get infected, which may stop your computer from functioning… If an Anti-Virus program checks your computer and detects and removes infected files, that are critical to the computer's operation, this too may stop your computer from working right.

There is no easy way around this! All computers, that have Internet access, must have a good Anti-Virus program installed. Very few computers will be so infected that the Anti-Virus program will cause problems, but a few will. Backup all your critical data to floppies, or other removable media, then check you machine for viruses. Once your computer has been cleared of all viruses, do a normal power-down restart, and insure it starts up properly. In the rare case that your computer was so infected that it will no longer start properly, you may need to resort to your "Recovery CD" or completely clean and reload your hard drive: SEE THIS. If you have to resort to the recovery CD or to reloading Windows, after your computer is back up and running, you must then scan your backup media for viruses, or they could re-infect your computer.


--------------------------------------------------------------------------------
Please Note:
This, as well as all other virus checkers, DO NOT check for SpyWare, AdBots, or Parasites!
To check for those, you should Click Here.



NOTICE!

Trend Micro is the owner of this free virus checker. Please direct all questions about the operation of this virus scanner to Trend Micro's Tech-Support.
For information on purchasing the latest PC-cillin product, please call +9779845300999 or Click Here, to free it online.

PS: You may find that Trend Micro is much more receptive to your questions after you spend the few measly bucks they are asking for their product.