A new computer virus whose origin is not yet clearly known is affecting computer files throughout the world. The virus, first detected on September 22, 2008, has caused extreme disruption by attacking office and operating system files.
‘Dula@204’ attaches itself to executable files and corrupts different types of files. Many experts in the field are expressing their frustration over its special attacking style.
Eyal Ben gal, CEO of ETS Software, an international Microsoft certified company, told Capital that the virus replicates itself in a disruptive way.
“First known by the code name ‘virus.win32.agent.cb’, it continually returns to your computer even if you clean it,” says Mr. Ben gal. “It is very fatal; I have never seen anything like this before.”
The Israeli IT specialist recommended that computer users upgrade their antivirus software continually to effectively protect from such attacks.
According to research, computer viruses have been around since the invention of PCs and target different files. The wide use of the internet has accelerated the dissemination of viruses through enhanced file sharing and downloading capabilities. Historically, computer graduates, programmers and hackers have been developing computer viruses for a variety of purposes.
“For example, hackers develop viruses in the form of programs to enter into other peoples’ accounts and access personal information,” Mr. Ben gal explained.
Even the country’s computer experts have been challenged to deal with the unique virus.
“By modifying Windows registry and adding its own key to run itself when Windows starts, it is disrupting all my files,” Dawit Kiros, a computer expert said, adding that the main problem with this virus is that infected files cannot be recovered once they are lost. “Antivirus software like Kaspersky run all the time and prevent your computer from being infected.
TsereDulla, an antivirus developed by the Information Network Society Agency (INSA), on the other hand cleans files but cannot recover them once lost.”
The Ethiopian Telecommunications Corporation (ETC) has sent an SMS message to its customers advising computer users to download the TsereDulla either from its or INSA’s website.
It says the virus replaces many bytes of important data with ‘garbage’ bytes making the files corrupt and difficult to view. It further added its antivirus is not compatible with Vista but that work is in progress to recover damaged files and make the software compatible with Vista.
However, INSA seemed to have encountered serious trouble with its previous version of the antivirus.
“There was a harmful bug in our previous virus removal algorithm, making some files especially at risk,” INSA said on its website. “We apologize for the damage caused and recommend those affected by it to reinstall their files. Those who encountered serious problems are welcome to contact our agency for further support.”
Users are also perplexed by the virus’s unique characters. While some encounter difficulty in restarting their computer after downloading TsereDulla, others found the virus continued coming back after being cleaned. Accordingly, antivirus experts like ETS are offering tech support for troubled computers.
An IT specialist advised people who have infected computers to follow carefully a series of procedures to clean their computers.
“To disinfect the virus, download the latest version of TsereDulla and remove services related with Dulla,” the IT specialist recommended. “Then, use Kaspersky or Avira antivirus for prevention and periodically update antivirus programs.”