Tech moves fast! Stay ahead of the curve with Techopedia!
Join nearly 200,000 subscribers who receive actionable tech insights from Techopedia.
The Kriz virus is a computer virus discovered in 1999 that infects files on Windows 9x, Windows NT, and Windows 2000 operating systems. Once an infected file is run, the virus is triggered on December 25th of any year, and data on the hard drive, floppy disk drive, RAM drive and network drives is overwritten. Basic input/output system (BIOS) information can also be erased.
The Kriz virus is also known as Win32.Kriz.3862, Win32/Kriz and Win32.Kriz.3740.
Users may not know that a computer is infected with the Kriz virus until the following December 25th. This is when the virus is triggered and begins overwriting crucial data all over the infected machine. If the data stored in the BIOS is erased, this will cripple the machine. The attack may even prevent the computer from booting up. As files are corrupted, cleaning may become impossible. Specific files attacked are ".exe" files, ".scr" (screen saver) files and the kernel32.dll files.
Newer computers with 80486 microprocessors and later CPUs store BIOS memory in flash memory chips. The Kriz virus can infect that memory, much like the Chernobyl (or WIN32.CIH) virus, which was created in 1997 by Cheng Ing-Hau of Taiwan.
The Kriz virus a type of polymorphic virus, which means it resides in the memory until the computer is rebooted. It also encrypts its code, leaving only a small random decrypter in memory. Once it is in memory, the virus will infect the files opened by any application. Users are advised to have their computers scanned before December 25 to screen for the Kriz virus.