ECC Home


Contact us
Expert Computer Consulting - 184 Eaglecrest Drive, Matthews, NC 28104  (704) 882-7551
October 3, 2001
In the past few weeks, I have seen more nasty viruses than in any period I can recall. Hybris, Magistr, SirCam, and Nando are but a few of them and the vast majority of computers are not protected, at all.
As of last night, 25% of the computers scanned by McAfee were infected with the Nando virus, which first appeared on September 18!  It is a wicked little devil that resends itself to everyone in the computer's address book, infects every system on the local network, and even inserts itself into the company's homepage, if it can.  The cost of the bad PR due to the infection of every website visitor's system could be staggering.
Unless the antiviral data files have been updated within the past week, the computer is not protected.  Virus software compares files that are opened or executed against a database of "signatures".  With three new viruses every day, systems that have old virus definition files might as well not even be running the software; it will not recognize or stop the new viruses and creates a false sense of security.
Most of the "Roadrunner" clients I have serviced were not running any antiviral software at all and not one of them had been updated.  Since that is one of the most expensive services available, doesn't it stand to reason that the subscribers will tend to be more influential and successful infection of their systems would be the most damaging?
Most computer technicians also tend to ignore the antiviral software altogether.  Don't assume that the guys taking care of your computer even check to see if the antiviral software is working, much less whether it is current.  Most of the companies servicing small businesses have no procedures for regular software maintenance and most of the technicians don't have any data they care about.
I believe that we must have a major publicity campaign to educate the computer user's of the danger and, more importantly, how to check for and perform regular antiviral updates.  If we don't, then I am afraid a truly destructive attack will be outrageously successful.
One fourth of our computers are already infected with Nando.  The virus itself seems to do little except spread.  It does; however, open the door for a follow-up by creating shares to all drives with no password and by holding open every TCP/IP port it can.
We need to move fast, before the next virus comes through those holes.
If I can be of any assistance in this matter, or any of you should have any questions, please feel free to contact me.
Davis M McCarn
184 Eaglecrest Drive
Matthews, NC 28104
(704) 882-7550