Monday,  June 16 12:01 AM EDT

Virus Alert: W32.Leech

Virus researchers from several Anti-Virus labs, such as Symantec, McAfee, and AVG, have declared a state of emergency, as a new virus, dubbed W32.Leech, has taken over the Internet. When its payload is delivered, the victim's hard drive is saturated with files downloaded from random sources. The virus is so complex it seems to be able to connect with other instances of itself on other machines.

So far, researchers have been unable to find the virus itself, though infected machines are easy to spot due to constant "Your Hard Drive Is Full" message boxes from the operating system. The only similarity discovered so far in the infected machines is that most of them appear to have file sharing software installed. This leads the researchers to conclude that the virus is spread through this software - or may even install it without the knowledge of the user.

Virus researcher Roger Caprici stated, "Users of file sharing software are probably downloading executables that contain this virus, and run them, unaware that they are actually installing the virus. There can be no other explanation for this."

Researchers are frustrated by their inability to find the virus itself, though the symptoms are obvious. In the words of a Symantec employee, "it feels like someone is out there, laughing at us. We know the virus is there, but we simply can't find it. To make matters worse, we've even discovered that several of our own computers have been infected. You have to admire the incredible craftsmanship. Hopefully, the downloads can help us locate the virus. We're keeping them for further study."

This virus has been detected in homes, offices, Internet cafes, schools and colleges worldwide. Fortunately, Symantec has provided a way for Windows users to detect if their computer is infected. Just follow these steps:

1. At the Start menu, select Search->Files or Folders
2. Search for *.mp3 and then for *.avi
3. If no files are found, your computer is safe.

While no removal tool is available for the virus, the symptoms may be significantly reduced using these simple steps:

1. At the Start menu, type "cmd" which will bring up a black window with white or light gray letters.
2. Type "del c:\*.mp3 /s" and hit enter.
3. Type "del c:\*.avi /s" and hit enter.
4. If you have more than one partition, repeat steps 2 and 3, replacing "c" with the corresponding drive letters.

Among the countless victims of the Virus is RIAA employee Mervin Sanchez, who unknowingly suffered from the virus for weeks. "It has been a living hell. Every few minutes I would get a "disk full" warning and would have to delete files. I could have saved the musicians millions in the hours I wasted on cleaning up after the virus. Now all I can do is to backup my hard drive, reinstall, and hope those pirate bastards don't manage to infect my computer again. RIAA estimates 9-digit losses in lost man-hours and digital theft."

More Tech News

Recommend this Story to a Friend