Friday, October 15, 1999

George Mindling Column 10-15-1999


Bitten by the Monkey!


I had read many articles about computer viruses, and, quite frankly, I paid no serious attention to any of them. The vulnerability of my company's PCs was not an issue as far as I was concerned. After all. I used only "shrink-wrapped" software. Everything I loaded was purchased from software companies and only in sealed boxes. Pirated software is known to be one of the prime source of viruses, and I don't use any of it.

Besides, running the virus programs had never found anything anyway, and they simply took too much time. I backed up my data regularly and wasn't too concerned about the threat of a virus. Not until the day I tried to boot the 486 PC with all my company's financial records from the “A” drive, the floppy diskette drive, and got the message 'Invalid Drive Specification" instead of my customary "C>" when I tried to switch to the hard drive.

Out of curiosity. I ran the virus checker. "Monkey-2 virus has been detected" was the response. As the realization sank. in, my initial reaction boiled over to outright anger! I had the virus checker available but had never enabled it. What was this Monkey virus going to do to my data? I had never even heard of the Monkey virus. I had to determine what damage had been done and remove the virus as quickly and as intelligently as possible.

I had been told improper removal of an active virus can destroy the FAT, or File Allocation Table. That in itself will make data impossible to recover. I ran the virus program several times on both of my company PCs with always the same result. Both PCs were infected with the Monkey-2 virus. I purchased a new version of McAfee's Virus Scan from among several available virus detection and protection programs. After loading Virus Scan, it was confirmed again, both computers had "Monkey-B", as McAfee calls it. Again, the virus couldn't be removed!

I called McAfee's technical support desk. After being switched four times in less than two minutes, I had the right desk. and the bright young woman on the phone had the right answers. "The Monkey virus has been around since 1992." she said as she keyed her PC's keyboard in the background, "I believe that one is from Eastern Europe, maybe Bulgaria ... "

Thirty minutes later with the help of Norton Utilities, both machines were clean. How did I get the virus? It came from a diskette that accompanied an external modem I purchased at my computer store. The virus was found on a "factory", write-protected diskette. The modem company guaranteed me their diskettes are shipped "clean". They suggested someone had purchased one of their modems which. included the software diskette, contaminated the diskette, then returned the modem with I its software diskette to the store for a refund. I called the store and asked their pol­icy on returned components. If a unit is returned new for other than defective reasons, the contents of the box are checked for completeness. and the box is shrink wrapped again and returned to the shelf. I now run the PC virus detection programs on every boot on both PCs. I scan the boot records and changed files. I scan both systems completely on a weekly basis. A little paranoid? Perhaps, but once bitten...

George Mindling © 1999

No comments:

Post a Comment