विज्ञप्तियां उर्दू विज्ञप्तियां फोटो निमंत्रण लेख प्रत्यायन फीडबैक विज्ञप्तियां मंगाएं Search उन्नत खोज
RSS RSS
Quick Search
home Home
Releases Urdu Releases Photos Invitations Features Accreditation Feedback Subscribe Releases Advance Search
home  Printer friendly Page home  Email this page
English Release 1-September 2014
Date Month Year
  • President's Secretariat
  • Extracts from speech by the President of India, Shri Pranab Mukherjee at the 14th convocation of University of Jammu
  • President calls upon Universities to create the right environment for promoting entrepreneurship
  • President of India’s message on the eve of National Day of Vietnam
  • Vice President's Secretariat
  • PROBATIONERS OF IP&TAFS CALL ON VICE PRESIDENT
  • Vice President Meets Differently Abled Children from UMEED
  • Prime Minister's Office
  • Text of Prime Minister Shri Narendra Modi’s remarks at the Joint Press Briefing with Shri Shinzo Abe, the Prime Minister of Japan at Tokyo,Japan
  • Factsheet: India and Japan - Partners for Common Development
  • Remarks by Prime Minister at the Joint Press Briefing with Prime Minister Shinzo Abe of Japan
  • Tokyo Declaration for India - Japan Special Strategic and Global Partnership
  • Text of Prime Minister Shri Narendra Modi’s keynote address at the luncheon hosted by Nippon Kiedanren – the Japanese Chamber of Commerce and Industry and the Japan-India Business Cooperation Committee
  • Text of Prime Minister Shri Narendra Modi’s address during his visit to Taimei Elementary School in Tokyo, Japan
  • PM’s keynote address at the luncheon hosted by Nippon Kiedanren – the Japanese Chamber of Commerce and Industry, and the Japan-India Business Cooperation Committee
  • PM visits Taimei Elementary School in Tokyo
  • Election Commission
  • Bye- Election to the Council of States from Madhya Pradesh
  • Min of Agriculture
  • Conditions for Import of Onion
  • Min of Commerce & Industry
  • Index of Eight Core Industries (Base: 2004-05=100), July, 2014
  • Min of Defence
  • Student Interaction Drive by IAF – Guardians of the SKY-II
  • Ministry of Finance
  • Auction for Sale (Re-Issue) of Government Stocks
  • Min of Health and Family Welfare
  • 816 passengers being tracked for Ebola Virus Disease
  • Transparency assured in upcoming government organ transplantation network
  • Min of Home Affairs
  • Home Minister Denies Reports of Bilateral Talks with PAK Counterpart in Kathmandu
  • Min of Human Resource Development
  • 54th Foundation day of NCERT Celebrated with Focus on Gender Inclusion
  • Min of Personnel, Public Grievances & Pensions
  • Dr. Jitendra Singh meets Canadian Minister and President of Treasury Board, Mr. Tony Clement
  • Min of Petroleum & Natural Gas
  • Petroleum and Natural Gas Minister calls upon the Oil Marketing Companies to contribute to the welfare of the society in large measure
  • Diesel Under-Recovery decreased to Rs 0.08/litre for the fortnight commencing 01.09.2014
  • Min of Road Transport & Highways
  • “Road Traffic Act” to replace Motor Vehicles Act- 1988, says Gadkari

Previous Date

 
Ministry of Communications & Information Technology02-March, 2006 11:33 IST
DIT warns of new computer virus worm

The Indian Computer Emergency Response Team (CERT-In), working under the Department of Information Technology  (DIT)  has warned of a computer virus worm which  is very destructive in nature and is being activated  on every third day of the English Calendar month.   The worm called Nyxem,  a memory resident mass mailing and its variants, is spreading in the wild to attack Microsoft Windows systems. The worm propagates by sending an e-mail attachment to target users. It also spreads through network shares. Upon activation,  it replaces the content of user's files and reduces the size of all user data files to 1KB.  The worm has aliases such as W32.Blackmal.E@mm, W32/Kapser.A@mm, W32/MyWife.d@MM, Win32/Blackmal.F, WORM_GREW.A [Trend Micro], Win32/Blackmal.F [Computer Associates], Nyxem.e (F-secure)

 

How the worm works

 

When a user clicks on the attachment it gets executed and performs the following actions.

 

·         Drop and open a .ZIP archive with the same name in the Windows system folder to hide its functionality.

·         Copies itself to the system folder  with the filenames: scanregw.exe, Winzip.exe , Update.exe,movies.exe, Zipped Files.exe

·         Also copies itself to Windows folder with filenames: Rundll16.exe, WinZip_Tmp.exe

·         Create the registry entry to enable its automatic execution at every system startup

·         Hides files with both System and Read-only attributes

·         Deletes the files related to anti-virus applications

·         It attempts to spread to network shares with weak passwords

 

Nature of Subject and content of e-mail/attachments

 

·         The emails sent by the worm uses some obscene subject lines, message content and attachments as detailed  below.

 

Subject:   Mostly this contains obscene languages/ titles

 

Message body: (any of the following)

 

• forwarded message    • forwarded message attached.       hello,     • Helloi attached the details.        how are you?      • i just any one see my photos.      • i send the details.

 • i send the file.      • It's Free :)      • Note: forwarded message attached. You Must  View This Videoclip!      • Please see the file.      • Thank you       • The Best Videoclip Ever       • the file i send the details      • VIDEOS! FREE! (US$ 0,00)      • What?

 

Attachment: (any of the following)

 

    • 007.pif       • 3.92315089702606E02.UUE      • 392315089702606E-02,.scR 

    • 392315089702606E-02,UUE{spaces}.scR      • 677.pif       • ATT01.zip.sCR

    • Attachments00.HQX      • Attachments001.BHX      • Attachments[001],B64.sCr

    • Attachments[001].B64      • Clipe,zip.sCr      • document.pif       • DSC-00465.pIf

    • eBook.PIF        • eBook.Uu       • image04.pif       • New Video,zip  

    • New_Document_file.pif       • Original Message.B64         • photo.pif

    • Photos,zip.Scr          • School.pif       • Video_part.mim      • WinZip,zip.scR

    • WinZip.BHX      • WinZip.zip.sCR      • Word XP.zip.sCR      • Word.zip.sCR

    • Word_Document.hqx      • Word_Document.uu  

 

Do's

   

·         Scan the system to check infection of the worm by running removal tools as referred on CERT-In  website (Virus Alert)

·         Install and maintain updated Anti Virus software

·         Block e-mails with the subjects and attachments mentioned above at the e-mail gateway level

·         Block executable and unknown file types at the e-mail gateway

·         Send and receive e-mails in plain text

·         Backup all important data files

·         Apply appropriate security updates at OS and application level

 

Don’ts   

 

·         Do not open suspicious e-mails

·         Do not open mail if it has some funny subject/attachment

·         Exercise caution while opening email attachments

·         Do not visit un-trusted websites

·         Do not download and install software of unknown origin

 

For further information refer to CERT-In Virus Alert

http://www.cert-in.org.in/virus/nyxem_e-worm.htm

 

Contact CERT-In Incident Response Help Desk for any queries and help

 

Email : incident@cert-in.org.in

Tel.    : 1800 11 4949 (Toll free)

FAX   : 1800 11 6969 (Toll free)

 

RM/AMA – 020306 Virus


(Release ID :16084)

Web Ratana This site is winner of Platinum Icon for 'Outstanding Web Content' Web Ratna Award'09 presented in April 2010
Site is designed and hosted by National Informatics Centre (NIC),Information is provided and updated by Press Information Bureau
"A" - Wing, Shastri Bhawan, Dr. Rajendra Prasad Road, New Delhi - 110 001 Phone 23389338
Go Top Top

उपयोग संबंधी शर्तें स्वोत्वाधिकार नीति गोपनीयता संबंधी नीति हाइपरलिंकिंग नीति Terms of Use Copyright Policy Privacy Policy Hyperlinking Policy