VISUAL NEWSLETTER – APR 2002           




A new powerful virus cropped up in April, a variation known as the W32.KLEZ virus. This virus is an internet worm with unusually powerful abilities to kill anti-virus programs.


It popped up in our case on a brand new computer installed in early April. Even though the new computer came with Norton Anti-Virus 2002 installed, the new virus was not detected and definitions made available by Symantec until April 17th. In the interim it infected the new computer and disabled the anti-virus. When we went to install the new more powerful Corporate Edition of the Norton Anti-Virus it blocked the installation.


The nature of the block was such that even Symantec personnel believed it was purely a Windows installation problem. As such they ran us through a host of manual Anti-Virus uninstall / reinstall procedures as well as a full reinstallation of Windows XP.


When it no longer appeared to be purely a Windows installation problem I logged on to an Anti-Virus Website and scanned the drive. This free web-site is called:




This was able to identify the virus as a new variant of the W32.KLEZ virus and from there I downloaded a special tool from Symantec to destroy the virus. This entailed booting into Safe Mode and running the tool two or three times until the virus was destroyed.


After removing the virus, the new anti-virus was installed without a problem and the latest virus definitions downloaded. After this experience I recommend setting your Anti-Virus for daily updates. Even then, you are not 100 % protected as each new virus requires several days to be detected and for Symantec to post new definitions for it.




As if the internet worm viruses were not enough of a problem with their enticing “Check Out This New Web-Site” or “View Naked Wife” messages, a new threat has emerged as of late known as the virus hoax.


This will come in as a somewhat legitimate looking virus alert message in your e-mail. It often comes with instructions to go into Windows Explorer and look for a certain file. If you find this file, it tells you to delete it because you are infected. In actuality it instructs you to delete a vital Windows system file. As soon as you reboot your computer you find that it has been disabled.


In this case faulty advice causes you to disable your own computer. On the other hand many viruses do this as a matter of fact. They often infect many files to spread the virus but they also damage or delete files without infecting them. In this case even if you remove the virus you end up with a computer that will eventually malfunction unless the damaged files are replaced.


This often requires that Microsoft Windows, Microsoft Office and any number of other programs on your computer be reinstalled. Unless something malfunctions you may not realize that it has been damaged. The most common targets of the virus attacks tend to be Microsoft & Symantec products since these are among the most commonly used and I think the virus creators get a kick out of going after the big kids on the block.


The “Trojan Horse” is another common form of virus that attaches itself to otherwise harmless and desirable files such as Movie Trailers and such. These are downloaded and saved to our hard drives only to emerge and wreak havoc on our computers weeks later. A good anti-virus as a first defence has never been more important than it is now.