Connect with us

Hi, what are you looking for?

Tech & Science

Virus Alert of the Week: The Kriz Computer Virus

Windows users watch out for the Kriz computer virus (W32.Kriz also known as Win32.Kriz.3740/3863), which will try to wipe out your machine on December 25th.

Kriz hits Windows 9x and NT machines infecting certain Windows
files and stays in your computer’s memory. It can spread to any
hard or floppy drives in your computer, RAM disks, or any network
drives you’re mapped to. Nothing happens until December 25th,
when Kriz will try to flash your BIOS and start overwriting files.

Kriz has a similar payload to the Win.CIH virus which appeared early in 1999. The virus code has been encrypted in an attempt to hide the virus’ presence from anti-virus scanners. Two variants of this virus are known to exist: Kriz.3863 and 3740.

When an infected file is run, it will create a copy of the systems Kernel32.dll file, will insert viral code inside it, saves it as KRIZED.TT6. It then modifies WININIT.INI so that it will automatically rename KRIZED.TT6 to Kernel32.dll when the PC is rebooted. This will overwrite the existing Kernel32.dll with the infected version. Then the virus will attempt to infect any Windows PE (.EXE) files that are run on the PC. Since Kernel32.dll has been overwritten the original copy of Kernel32.dll has been destroyed. Returning the infected system to its clean state involves cleaning all infected files and replacing Kernel32.dll with a clean copy of the original file.

If an infected file is run on Christmas Day (the 25th of December) of any year, the virus will clear the computer’s CMOS memory, and attempts to destroy the computer’s flash BIOS.

Please note:

If the flash BIOS is damaged the chip will need to be replaced on the PCs motherboard.
If the BIOS chip is soldered to the motherboard it is unlikely to be cost effective to repair it.

Our Tip:
Update your anti-virus software today. Then, scan your computer
now for Kriz and then again on Christmas Day. The data you
save will be your own!

You may also like:


Evolve Bank has disclosed a ransomware attack from infamous ransomware gang, LockBit.


Singer-songwriter Bonnie McKee chatted about her pop album "Hot City."


Actors Hal Linden and Marilu Henner star in the new Off-Broadway show "The Journals of Adam and Eve."


The shooting of Donald Trump has seen the odds on him being re-elected president in November jump - Copyright AFP Rebecca DROKEAsian markets were...