Computer Associates International Inc says it has found a new, Melissa-like virus, set to trigger on Y2K and capable of deleting a user’s hard drive. Discovered on December 2 1999, the worm propagates through email to Windows 9x and NT platforms. When the attachment, called pics4you.exe, is executed, the worm becomes resident in memory and emails itself to 50 other people. It changes the Microsoft Internet Explorer home page to point to a Geocities web site. It also changes the windows registry keys to load the worm in memory whenever the machine is rebooted.
On Y2K, the worm is supposed to modify the system BIOS. The next time an infected computer is rebooted, it will display a message such as CMOS Checksum invalid and prevent the computer from booting. This is easy to fix by going into the BIOS setup, but CA claims that as soon as the BIOS settings are fixed, the worm executes its second payload and reformats the hard drive. Users can avoid infection just by not launching the attachment. Before panicking computer users might heed the words of Rob Rosenberger, maintainer of the Computer Virus Myths home page (http://www.kumite.com/myths/). Asked what was the most deadly computer virus he had ever seen, Rosenberger replied None: I consider them all a nuisance. á
