What do you really see when you look at your desktop? Is it what you saw some minutes earlier? Is there something new on your desktop? Is it supposed to be there?
Like the saying goes, "Look before you leap." I would say in the computer field leaping is clicking. So, you should "Look before you click."
I was working on a computer and left it for another person to use. When the person was through, I looked and found something on the desktop that was unusual. It was the ICQ icon, but it was a virus (wintask.exe) on my system tray on the taskbar. I and my colleague had to battle that for a long time before we could handle it. Finally we had peace. (If you'd like me to give you information on that, you could e-mail me at firstname.lastname@example.org.)
Late last year we had another incident, this time on a Windows2K machine. I saw Readme.exe in the documents menu of the start menu. I looked for a while wondering what this could be. I had already heard about Nimda, and since I was interested in viruses I knew what it was. I wondered why the person had not taken a good look at what he had downloaded and run unknowingly. If he had taken another look, he would have known that it was README.EXE and not README.TXT or README.HTM. Now we all know how fast this virus spreads and how to overcome it on the first day it attacks.
One strange thing was that it had the Internet Explorer logo of a saved HTML page. This could have been the reason why the virus was executed in the first place. Files began to appear on the desktop, the task bar, start menu, etc.
SirCam is another virus that changed to that icon as well. It infects Rundll32.exe and changes its icon the same way. Once this file is deleted and you try to right-click on an icon on the desktop, for instance, the pop-up menu refuses to appear.
The trouble now becomes complex when you have more than one virus working on your system like MTX_.exe as well as SirCam. Both affect Rundll32.exe and could cause greater problems.
I am not talking about the viruses themselves, but you could do some manual deleting of the viruses if the antivirus software would not do the job.
I would also advise you to rename a file or move it to another directory and see if your operating system needs it before deleting the file.
My last bit of advice would be always to show the hidden files and their extension names in your Windows Explorer. You may not realize how much help this offers you until you get struck by a virus that could end the life of your computer.
Always make sure you "Look and look real good." Some e-mail messages come with attachments with filenames ending in .doc.exe or .doc.pif.
This was first published in March 2002