VISUAL NEWSLETTER – APR 2002
A new powerful virus cropped up in April, a variation known
as the W32.KLEZ virus. This virus is an internet worm with unusually powerful
abilities to kill anti-virus programs.
It popped up in our case on a brand new computer installed
in early April. Even though the new computer came with Norton Anti-Virus 2002
installed, the new virus was not detected and definitions made available by
Symantec until April 17th. In the interim it infected the new
computer and disabled the anti-virus. When we went to install the new more
powerful Corporate Edition of the Norton Anti-Virus it blocked the
installation.
The nature of the block was such that even Symantec
personnel believed it was purely a Windows installation problem. As such they
ran us through a host of manual Anti-Virus uninstall / reinstall procedures as
well as a full reinstallation of Windows XP.
When it no longer appeared to be purely a Windows
installation problem I logged on to an Anti-Virus Website and scanned the
drive. This free web-site is called:
WWW.HOUSECALLS.ANTIVIRUS.COM
This was able to identify the virus as a new variant of the
W32.KLEZ virus and from there I downloaded a special tool from Symantec to
destroy the virus. This entailed booting into Safe Mode and running the tool
two or three times until the virus was destroyed.
After removing the virus, the new anti-virus was installed
without a problem and the latest virus definitions downloaded. After this experience
I recommend setting your Anti-Virus for daily updates. Even then, you are not
100 % protected as each new virus requires several days to be detected and for
Symantec to post new definitions for it.
THE
VIRUS HOAX
As if the internet worm viruses were not enough of a problem
with their enticing “Check Out This New Web-Site” or “View Naked Wife”
messages, a new threat has emerged as of late known as the virus hoax.
This will come in as a somewhat legitimate looking virus
alert message in your e-mail. It often comes with instructions to go into
Windows Explorer and look for a certain file. If you find this file, it tells
you to delete it because you are infected. In actuality it instructs you to
delete a vital Windows system file. As soon as you reboot your computer you
find that it has been disabled.
In this case faulty advice causes you to disable your own
computer. On the other hand many viruses do this as a matter of fact. They
often infect many files to spread the virus but they also damage or delete
files without infecting them. In this case even if you remove the virus you end
up with a computer that will eventually malfunction unless the damaged files
are replaced.
This often requires that Microsoft Windows, Microsoft Office
and any number of other programs on your computer be reinstalled. Unless
something malfunctions you may not realize that it has been damaged. The most
common targets of the virus attacks tend to be Microsoft & Symantec
products since these are among the most commonly used and I think the virus
creators get a kick out of going after the big kids on the block.
The
“Trojan Horse” is another common form of virus that attaches itself to
otherwise harmless and desirable files such as Movie Trailers and such. These
are downloaded and saved to our hard drives only to emerge and wreak havoc on
our computers weeks later. A good anti-virus as a first defence has never been
more important than it is now.