A computer virus which can worm its way into hard drives, cracking passwords and access all areas is currently sweeping its way through Bermuda via a chain-letter type e-mail.

The message, entitled Prettypark is, according to the Symantec AntiVirus Research Enter, a type of Trojan Horse which allows the original sender unlimited access to computer programmes.

The "pretty'' picture, which is a 3-D pipe screen saver, hides a programme that can reach all passwords, registered owner details, dial up numbers, user names and a whole host of product and computer information.

The virus is a worm-type infection which attaches itself to address books and automatically sends itself out to each person or company on that address book.

The system is known as PrettyPark.Worm, W32.PrettyPark.C.Worm and was first detected June 1, 1999. Another variant appeared on February 2, 200 and this, latest strain, known as a `D' variant, started on February 18.

Norton AntiVirus users can protect themselves from this virus by downloading the current virus definitions either through LiveUpdate or from the Download Virus Definition Updates page.

This worm programme behaves similarly to Happy99 Worm which swept around the world last year which was originally spread by e-mail spanning from a French e-mail address.

A notice on the Systemantec AntiVirus page states: "When the attached programme file, PrettyPark.exe, is executed, it may display the 3D pipe screen saver.

"It also creates a file called files32.vxd in the Windows System directory and modifies the following registry entry value from %1%* to files32.vxd %1%* without your knowledge.'' The page goes on: "Once the worm programme is executed, it tries to e-mail itself automatically every 30 minutes (or 30 minutes after it is loaded) to e-mail addresses registered in your Internet address book.

"It also tries to connect to an IRC (chat room) server and join a specific IRC channel. The worm sends information to IRC every 30 seconds to keep itself connected, and to retrieve any commands from the IRC channel.'' Through the chat room, the author or distributor of the worm can obtain system information including the computer name, product name, product identifier, product key, registered owner, registered organisation, system root path, version, version number, ICQ identification numbers, ICQ nicknames, victim's e-mail address, and Dial Up Networking user name and passwords.

In addition, being connected to IRC opens a security hole in which the client can potentially be used to receive and execute files.

For instructions to remove the PrettyPark worm see: http/www.symantec.com/avcenter/venc/data/p rettypark.worm.html.

The Symantic AntiVirus Research Centre says that companies and individuals should be wary of e-mails from unknown sources.

"Because of Worms and Trojan Horse programmes, you must practise safe computing. Be suspicious of executable file attachments (for example, .exe, .shs, or MS Word, or MS Excel files), especially ones from newsgroups or unknown sources. For continuous protection, always run Norton AntiVirus Auto-Protect and use LiveUpdate to make sure you have the latest virus definitions.''