- Worldstart's Tech Tips And Computer Help - http://www.worldstart.com -

The Morris Virus

Robert Morris, a doctoral student at Cornell University, wrote one of the first computer viruses that spread itself via a network. When released, the virus would target VAX and Sun machines. Unlike some of today’s viruses, it was not designed to cause harm to the computer: when a computer was infected, the virus would duplicate itself every 90 seconds. This caused the computers to eventually slow down or crash as the number of virus processes running in the background increased. During this period, the virus would scan for other computers connected to the network and look for security holes in the OS and networks that it could bypass to infect another machine. It also used the send mail protocol to send infected emails from the host computer.

The virus caused 60,000 computers, including those of military and research installations, across the US to be shutdown, causing quite few heads to turn. The virus pointed out a number of security holes in the UNIX OS that had been discarded as being non-threatening. The worm also reiterated the importance of logs. Quite a few people were not able to find a solution to the problem since they did not maintain logs and there didn’t know how they were getting infected.

When system administrators started discovering that the virus also used send mail protocol to send out infected emails, they shut down the mail servers to stop spreading of this dangerous computer virus. This caused more harm that good since the virus had other methods of attack and doing so only delayed a chain mail doing the rounds that explained how to remove the virus from reaching affected users.

How to remove “The Morris Worm”

1.The Morris Worm directly comes through emails in the form .zip folders, so it’s better to delete all .zip folders that were on the computer.

2.The virus has a unique feature of spreading for every 90 seconds; every folder will have .exe folders installed which is virus. Scan the computer with Malware or Spyware software and remove the virus.

3.It’s always good to disconnect the computer from Internet, since it copies all the information/data from your computer and keeps sending emails to a hidden email address.

4.Collect all your important files and documents make sure there were no .zip files and no .exe folders. Reinstall the entire OS: Don’t repair the OS.

5.If the computer is connected in a LAN, WAN networking system, disconnect the computer from the remaining network. Because the virus spreads more quickly in networking.

The Morris Virus – History

Since its identification in 1988, it has taken 7 years of full-time research to identify how to remove the virus from a computer or a network. For making this code Robert T Morris, Jr. a Cornell University student was sentenced for three years under Computer Fraud and Abuse Act. In the history of computer worms/virus “The Morris Virus” is termed as the Malware that changed the world.

~Sandeep Seeram