In computer news this week, 06/12/2002

One of the worst new viruses continues to attack internet users and you must be aware ...

Last week I talked about the W32/klez virus which is fast becoming one of the worst computer viruses in history and is threatening all Internet Users today.

If you go to any of the anti-virus vendors sites - Panda - McAfee - Norton - you'll find detailed information on this virus, what the symptoms are, how you can get it, and how to remove it and hopefully get all your files back.

This virus is so different and dangerous that major anti-virus vendors are totally updating their antivirus engines, and so must you. To explain what I mean here, normally when you buy an antivirus program - which must today be considered an essential piece of system software - you install it, and then you make the committment to upgrading the virus signature file generated by the vendor with new virus information daily. As new viruses emerge every day - you have to update your antivirus software daily also. Some programs let you choose to do this manually yourself when you feel like it, or they can set themselves to automatically update daily at a specified time.

The upside of this is that you will never forget to update your virus program; the downside is that you might be in the middle of something and all of a sudden your computer mysteriously starts doing something on its own.

But now you have to update your antivirus software itself - not just the virus signature file - to protect yourself against this new type of virus. This can take a lot of time, but it's necessary.

The W32/Klez virus has features not seen before in a virus. Various mutations of it will attempt to look for and unload any anti-virus software you may be running. Because of its very smart stealth and anti-anti-virus techniques, many common AV software can't detect or clean it.

The Klez virus can corrupt files on your hard disk so it is very dangerous. It can come disguised in a variety of email messages with a variety of attachments that look completely safe. It used to be that you would be suspicious of an attached executable file, but not a text file or a picture. The Klez virus changes all that - it can disguise itself in virtually any type of a file. It might even come in an email that claims to be a removal tool for the virus.

But probably the most dangerous part of the Klez virus is that it can be triggered by your merely viewing the email in the Microsoft Outlook Express' Preview Pane - and then you'll be infected just by reading the email. You can turn this feature off in Version 5 and below.

The virus will attempt to damage your hard disk, and email itself out to everyone in your addressbook. Then using further stealth techniques, it may change the email so that it is not addressed from you - anticipating that you might attempt to warn people in your addressbook to watch for a virus coming from you in an email.

So now with viruses like this threatening internet users, virutally every email you receive comes under suspicion.

Whichever antivirus program you use - you need to go to their website and see what they recommend you do in light of these new viruses. Most vendors also offer online scans of your computer or free utilities you can download to check your system.

Even though this is supposedly the high tech computer world - old fashioned sayings and ideas still work fine here - "An ounce of prevention is worth a pound of cure..."

And if you're on the internet today without an antivirus program, and a firewall program which I'll be talking about soon, you are in a very vulnerable situation for which there may be no cure.

For Raw Bytes, This is Frank Delaney

POB 222 Spangle, Wa 99031 (509)245-3736 624-7230