virus screen   Virus Watch 21 November 2000

Tips & Hints

The risk of viruses eating your computer is a real, but overstated one. Most of the virus today are more of a nuisance value, But every computer user who receives e-mail or shares files must have a virus checker installed and kept up to date.

Most viruses at the moment are macro or scripting viruses which make use of the simple programming features in MS Windows or Office. If you receive an e-mail from someone you know with a strange attachment be suspicious. This is how most of these viruses spread.

What to watch for in an e-mail

The subject line "Snow White and the Seven Dwarfs" is the Hybris worm.
An attachment named "Navidad.exe" is the Navidad virus.
Any attachment with a .pif suffix is probably the MTX or the Sircam virus.
A signature file named kak.hta is the Kak worm.

Common viruses

The Hybris Worm: First found in September 2000, it has steadily spread across the Net. The infected files appear in your inbox from someone you know with the subject line "Snow White and the Seven Dwarfs". The message has an attachment that will infect your computer if you attempt to open it. Once you are infected you will have a large, psychedelic spiral across your screen, preventing you from doing anything useful. The spiral is launched from the run command in the win.ini file, so it is easily removed. The wsock32.dll file has to also be replaced to stop the worm from spreading.

The MTX Virus. This is an evil little beast that gets onto your system, sends e-mails to everybody in your address book, infects your system files and blocks access to the popular anti-virus web sites. Removing the infection is very difficult and the attachments to the e-mails are often obscene. If you have been infected, then you should call a computer expert to help clean your system.

The Navidad virus: If your computer gives you a message "could not find winsrvc.exe" when you try to open anything then you have the Navidad virus. Most of the anti-virus vendors have a repair tool for the virus. Note you can still run many of your programs from the MS-DOS command prompt.

The KAK worm: A worm that uses html mail to spread and exploits a bug in Internet Explorer. At 5pm on the 1st of the month it will cause the computer to shut down, but apart from that it is just an irritant. Most virus checkers will pick it up but will not remove it properly. Download the "eyedog" patch from Microsoft.

Vist our links page for link to useful anti-virus resources.

Updated 4 August 2001

PC Rescue Pty Ltd
Suite 236, 4 Young Street Neutral Bay NSW 2089
ABN 082 635 765
ŠTechnology Publishing Australia, 2011