What is Kriz virus (W32.Kriz, W32.Kriz.dr, or PE_KRIZ)? - Definition from WhatIs.com

Definition

Kriz virus (W32.Kriz, W32.Kriz.dr, or PE_KRIZ)

Discovered in the fall of 1999, the Kriz virus (known more formally as W32.Kriz, W32.Kriz.dr, or PE_KRIZ) infects files on Windows 9x and Windows NT and 2000 systems. It has a potentially devastating payload that triggers on December 25th of any year once an infected file is run. When this happen the virus overwrites files on the floppy disk drive, hard drive, RAM drive, and network drives. It also erases the information stored on the computer's basic input/output system ( BIOS ). Although this can only happen on certain types of BIOS systems, a successful attempt could prevent the computer from booting up - even if a floppy disk is used. This behavior is similar to that caused by the CIH virus . In some cases, the Kriz virus will corrupt the file it infects and cleaning may not be possible.

W32.Kriz is known as a polymorphic virus, meaning it will reside in computer memory until the next time the system is rebooted. This virus encrypts its code, leaving only a small random decryptor. This virus will infect files as they are opened by any application while it is in memory. This will occur when a user scans files as well. In other words, computers users may be infected but not know about the virus until the following Dec. 25.

The Kriz virus is also known as Win32/Kriz, Win32.Kriz.3862, and Win32.Kriz.3740.

This was last updated in March 2011
Posted by: Margaret Rouse

Related Terms

Definitions

  • critical infrastructure security

    - Critical infrastructure security is the area of concern surrounding the protection of systems, networks and assets whose continuous operation is deemed necessary to ensure the security of a given n... (WhatIs.com)

  • virtual machine escape

    - Virtual machine escape is an exploit in which the attacker runs code on a VM that allows an operating system running within it to break out and interact directly with the hypervisor. (WhatIs.com)

  • ransomware

    - Ransomware is a type of malware used for data kidnapping, an exploit in which the attacker encrypts the victim's data and demands payment for the decryption key. Sometimes the malware dupes the vic... (WhatIs.com)

Glossaries

  • Security threats and countermeasures

    - Terms related to security threats, including definitions about anti-virus programs or firewalls and words and phrases about malware, viruses, Trojans and other security attacks.

  • Internet applications

    - This WhatIs.com glossary contains terms related to Internet applications, including definitions about Software as a Service (SaaS) delivery models and words and phrases about web sites, e-commerce ...

Ask a Question About Kriz virus (W32.Kriz, W32.Kriz.dr, or PE_KRIZ)Powered by ITKnowledgeExchange.com

Get answers from your peers on your most technical challenges

Tech TalkComment

Share
Comments

    Results

    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.