COMMENT
CopyFileW
CreateFileA
CreateFileW
CreateProcessA CreateProcessW
DeleteFileA
DeleteFileW
GetFileAttributesA
GetFileAttributesW
MoveFileA
MoveFileW
MoveFileExA
MoveFileExW
SetFileAttributesA
SetFileAttributesW When Kriz is resident in memory, these functions allow any recently run executable file to become infected with Kriz. If an infected executable file is run on 25 December, Kriz will erase the computer's CMOS, which contains information such as date and time, and what type of hard disk the computer uses. It will also erase the contents of any floppy disks, hard drives, and networked drives. It will also attempt to flash the computer's BIOS with garbage. This only works on some BIOS. If it is successful, however, the computer will no longer boot and its motherboard will have to be replaced. Kriz has been around long enough that all the anti-virus software companies have detection and removal software available. For example, Symantec offers an online tool for users using Internet Explorer or Netscape. Here are the key steps for preventing Kriz: 1. Get protected. You may already be infected, so if you don't already have virus protection software on your machine, you should. If you're a home or individual user, it's as easy as downloading any of these five-star programs then following the installation instructions. If you're on a network, check with your network administrator first. If you're not sure if your existing antivirus software is up-to-date, scan your system for free to find out. 2. Scan your system regularly. If you're just loading antivirus software for the first time, it's a good idea to let it scan your entire system. It's better to start with your PC clean and free of virus problems. Often the antivirus program can be set to scan each time the computer is rebooted or on a periodic schedule. Some will scan in the background while you are connected to the Internet. Make it a regular habit to scan for viruses. 3. Update your antivirus software. Now that you have virus protection software installed, make sure it's up-to-date. Some antivirus protection programs have a feature that will automatically link to the Internet and add new virus detection code whenever the software vendor discovers a new threat. You can also download updates from ZDNet Updates.com. 4. Download Microsoft's Outlook Security Patch. If you haven't already installed it, download the Outlook 98 Security Patch or the Outlook 2000 Security Patch (which requires the Office 2000 Service Release 1a). Please note that this patch does not include Outlook Express. Click here for help with installation, or for more information regarding this patch. 5. Remember: "Don't open attachments!" One way to prevent virus infections is not to open attachments, especially when viruses such as Kriz are being actively circulated. Even if the email is from a known source, be careful. A few viruses take the mailing lists from an infected computer and send out new messages with its destructive payload attached. Always scan the attached files first for viruses. Unless it's a file or an image you are expecting, delete it. 6. Stay informed. Did you know that there are virus and security alerts almost every day? Keep up-to-date on breaking viruses and solutions by bookmarking our Viruses, Bugs, Security Alerts page. Take me to the Virus Workshop Take me to ZDNet Enterprise Have your say instantly, and see what others have said. Click on the TalkBack button and go to the ZDNet News forum. Let the editors know what you think in the Mailroom. And read what others have said.
