VISUAL NEWSLETTER – APR 2002
A new powerful virus cropped up in
April, a variation known as the W32.KLEZ virus. This virus is an internet worm
with unusually powerful abilities to kill anti-virus programs.
It popped up in our case on a brand new
computer installed in early April. Even though the new computer came with
Norton Anti-Virus 2002 installed, the new virus was not detected and
definitions made available by Symantec until April 17th. In the
interim it infected the new computer and disabled the anti-virus. When we went
to install the new more powerful Corporate Edition of the Norton Anti-Virus it
blocked the installation.
The nature of the block was such that
even Symantec personnel believed it was purely a Windows installation problem.
As such they ran us through a host of manual Anti-Virus uninstall / reinstall
procedures as well as a full reinstallation of Windows XP.
When it no longer appeared to be purely
a Windows installation problem I logged on to an Anti-Virus Website and scanned
the drive. This free web-site is called:
WWW.HOUSECALLS.ANTIVIRUS.COM
This was able to identify the virus as
a new variant of the W32.KLEZ virus and from there I downloaded a special tool
from Symantec to destroy the virus. This entailed booting into Safe Mode and
running the tool two or three times until the virus was destroyed.
After removing the virus, the new
anti-virus was installed without a problem and the latest virus definitions
downloaded. After this experience I recommend setting your Anti-Virus for daily
updates. Even then, you are not 100 % protected as each new virus requires
several days to be detected and for Symantec to post new definitions for it.
THE VIRUS HOAX
As if the internet worm viruses were
not enough of a problem with their enticing “Check Out This New Web-Site” or
“View Naked Wife” messages, a new threat has emerged as of late known as the
virus hoax.
This will come in as a somewhat
legitimate looking virus alert message in your e-mail. It often comes with
instructions to go into Windows Explorer and look for a certain file. If you
find this file, it tells you to delete it because you are infected. In
actuality it instructs you to delete a vital Windows system file. As soon as
you reboot your computer you find that it has been disabled.
In this case faulty advice causes you
to disable your own computer. On the other hand many viruses do this as a
matter of fact. They often infect many files to spread the virus but they also
damage or delete files without infecting them. In this case even if you remove
the virus you end up with a computer that will eventually malfunction unless
the damaged files are replaced.
This often requires that Microsoft
Windows, Microsoft Office and any number of other programs on your computer be
reinstalled. Unless something malfunctions you may not realize that it has been
damaged. The most common targets of the virus attacks tend to be Microsoft
& Symantec products since these are among the most commonly used and I
think the virus creators get a kick out of going after the big kids on the
block.
The “Trojan Horse” is another common
form of virus that attaches itself to otherwise harmless and desirable files
such as Movie Trailers and such. These are downloaded and saved to our hard
drives only to emerge and wreak havoc on our computers weeks later. A good
anti-virus as a first defence has never been more important than it is now.