Snow White hits again

Tuesday, 9 January, 2001 - 21:00

BUSINESS houses returned to work in the New Year to face one of the worst computer virus plagues yet – a new version of the Snow White worm virus.

While worm viruses normally just take over the Winsock 32 Internet services program and cause minor irritations, this one is actually deleting files.

It is also stopping users from visiting anti-virus Internet sites to download the latest virus checkers to rid their systems of it.

This worm virus is officially labelled W95.MTX with variations designated W95.Oisdbo, W95.MTX.dr, W95.MTX (.dll).

Launched in August last year, it finally arrived in WA before Christmas and has swept through business houses in the past two weeks on the back of the Christmas rush of fun emails.

It has played havoc with PCs and even Internet web pages.

It pops up with variations on the theme “Snow White and the Seven Dwarves as you have never seen them before”.

Do not open it; delete it immediately.

The virus propagates using email. It attaches itself to your address book, firing off versions of itself to people on your email address list.

Due to the nature of this virus, some corrupted files are not repairable, say the anti-virus experts.

The unrepairable files will need to be restored from clean backup copies, or from the original distribution disks.

It also infects some Win32 executables in specific directories.

The virus also has the capability to block access to certain websites to stop you downloading new virus definitions.

It has defied most of the traditional virus checkers and can only be removed by erasing parts of the Windows operating system.

Gary Warner, who operates his online motoring magazine Fastlane out of Mandurah, was seriously hit.

He said: “I still find it hard to believe just how much damage it did to my system. It is the first-ever virus attack to affect FastLane.

“Apparently it is a mutation of the Snow White and the Seven Dwarves virus that is flying around, it arrived as an attachment.

“It appears to piggy-back to any emails sent out then hides itself away and takes over your address book, sending corrupted messages without your knowledge.”

Mr Warner was pointed to the US Symantec site by a Sydney-based computer professional and was eventually able to clean out his system by running the virus program through DOS.

Barbagallo in Osborne Park was hit and Marketing Manager Greg Ross said it took their technical support people 1-1/2 hours to clean it out of the system.

The McAfee virus checker was recommended by Hue Lam of Perth’s Corporate Computers, who says that this checker is better than others because it looks for the activity rather than the virus.

For Norton anti-virus users, the W95.MTX Fix Tool is at the Symantec website.

The tool scans for and repairs (where possible) infected files. If an infected file cannot be repaired (because it has been corrupted), then a message will appear.

Restore the damaged files.

The tool repairs wsock32.dll by removing the virus code. If wsock32.dll is in use at that time, then a copy is made of wsock32.dll and this copy is repaired.