
Kriz Virus
Information about Kriz virus:
Win32/Kriz is a Windows file virus that infects PE files on Win9x and WinNT 4.0 platforms. The virus activates on the 25th of December [Christmas day] and damages the motherboard and the hard disk. The damage caused could be extreme and expensive.

When the virus is first run, it patches the critical operating system file KERNEL32.DLL and stores the patched copy under the name KRIZED.TT6. On the next startup it replaces the original KERNEL32.DLL file with KRIZED.TT6. Variants of Kriz use different names for the patched copy of KERNEL32.DLL. The virus then becomes memory resident and infects all accessed Windows Portable Executable files.
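
A triage check for the indicators described above, added here as an example and not taken from Fire or the original analysis: it scans a volume mounted offline (for instance after booting from a clean boot disk) for the staged file name KRIZED.TT6 and compares every KERNEL32.DLL it finds against a reference copy from an uninfected machine. The function names, the whole-volume search, the directory layout in the demo and the use of SHA-256 are assumptions; the reference copy must come from the same Windows build, and variants that use other file names are only caught if their names are added to the set.

```python
import hashlib
import os
import tempfile

# Staged file name given on this page; variants use other names (add them here).
STAGED_NAMES = {"krized.tt6"}

def sha256_file(path):
    """Hash a file in chunks so large binaries are not read into memory at once."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def triage(root, reference_kernel32):
    """Scan an offline-mounted volume; return paths of staged files and of
    KERNEL32.DLL copies whose hash differs from the clean reference copy."""
    ref = sha256_file(reference_kernel32)
    report = {"staged": [], "kernel32_mismatch": []}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            lower = name.lower()  # Windows file names are case-insensitive
            if lower in STAGED_NAMES:
                report["staged"].append(full)
            elif lower == "kernel32.dll" and sha256_file(full) != ref:
                report["kernel32_mismatch"].append(full)
    return report

def demo():
    """Run triage over a constructed tree standing in for a mounted volume."""
    with tempfile.TemporaryDirectory() as d:
        sysdir = os.path.join(d, "WINDOWS", "SYSTEM")  # assumed layout
        os.makedirs(sysdir)
        ref = os.path.join(d, "reference_kernel32.bin")
        samples = [(ref, b"clean image"),
                   (os.path.join(sysdir, "Kernel32.dll"), b"patched image"),
                   (os.path.join(sysdir, "KRIZED.TT6"), b"patched image")]
        for path, data in samples:  # constructed placeholder contents
            with open(path, "wb") as f:
                f.write(data)
        found = triage(d, ref)
        return {k: [os.path.relpath(p, d) for p in v] for k, v in found.items()}

if __name__ == "__main__":
    print(demo())
```

A mismatch alone only shows that the file differs from the reference; treat it as a lead to confirm with an anti-virus scan, not as proof of infection.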

The payload of Win32/Kriz is stolen from the deadly Win95/CIH virus. Computer motherboards manufactured in the last few years store their BIOS on a flash ROM chip, which is rewritable. The Win32/Kriz virus directly attacks the code stored in the flash ROM chip and makes the computer unbootable.

On certain motherboards the BIOS chip is replaceable, and the problem can be solved by inserting a new chip. However, in most cases the BIOS chip is soldered to the motherboard and there is no solution except to replace the motherboard, which could be expensive. If the Flash BIOS is write-protected by a jumper setting, the Kriz virus will delete all the data stored on the hard disk, which puts every computer at risk irrespective of the BIOS layout.

At present there are 5 known Kriz variants reported, which destroy the motherboard and hard disk. Win32/Kriz.4271 is the most frequently reported in the wild. Fire cleans Win32/Kriz and its variants without problems.

Removing Kriz virus from your system:
Fire has incorporated Win32/Kriz into its virus signature file, with the aim of helping users affected by this virus to detect and eliminate it from their systems. Fire anti-virus users can get updates by using the online update facility.

A free download [22KB] is available to the public to detect and clean the Win32/Kriz virus. If you find the Kriz virus, reboot the machine using a Clean Boot Disk and run the downloaded file CleanKZ.exe. After cleaning the Kriz virus, the KERNEL32.DLL file must be copied from an uninfected machine.

To find other viruses, use our FireLite version. A free download of FireLite [1100KB] is available to detect all viruses. If you find virus-infected files on the system, use the registered version of Fire to remove them. To get the registered version of Fire, call us at 044-28170440 or mail to service@fireav.com or purchase Fire online using

Data recovery for Win32/Kriz virus
It is possible to recover the data from a hard disk affected by the Win32/Kriz virus. We have successfully recovered data from most of the hard disks. Our data recovery team proved their skill in the recent CIH incident. Our team members have demonstrated more than 90% accuracy in data recovery. If you lost any important data due to a Kriz attack, you can contact us for data recovery.

[Analysis: Mr. Ramesh, Mr. Stanley Rakesh, Prognet Technologies Pvt. Ltd, 2000]
