VIRUS ALERT!! For Windows users out there.

VIRUS ALERT!! For Windows users out there.

Post by GreyClou » Sun, 21 Apr 2002 00:40:34

I'm just the messenger on this one.  I got it out of
comp.os.vms newsgroup.
Might I add also that linux will not be vulnerable to this
new virus either.

"Why? I could have written the same for Macintosh/MacOS systems. It's
just that VMS and MacOS are protected by the excellence their SW
engineers put into their work.

I spent since the beginning of the week more that 16 hours to remove the
new KLEZ virus from two PCs. I got that messages which propagated the
virus, but as I use a Mac (I am an IT professional, you see :-) I just
throwed the message away.

For you information, the message was:



Name: WIN_$100_NOW.DOC.pif
Type: unspecified type (application/octet-stream)
Encoding: base64

This new virus is made of two files, PE_ELKERN and KLEZ.x (I had .E) For
W98, the first one hides itself in KERNEL32.EXE and detects at each
startup (even without the starting applications disabled via msconfig)
if KLEZ is present. If you successfully succeeded to remove it via
FIX_KLEZ.COM, it reinstalls it. You have to build and use first that 6
floppy disks (more than two hours) to eradicate the thing (described
below). It also uses an ie "bug" which allows it to infect the PC even
if you do not open any email attachment (see

The solution is at:


1. Virus Alert: happy99.exe attachment is a virus.

Windows users: Do NOT open the happy99.exe attachment found in various
posts here. It's a well known virus - the user is most likely infected
and it attaches itself to outgoing mails - or mails all on it's own.


2. two ISPs and routers

3. VIRUS ALERT- Linux/*BSD honour virus found

4. HWAddress -> IP address

5. RAM Doubler

6. Alert: Windows may deny users...

7. AIX Performance Toolbox

8. Virus protection against WINDOWS Viruses, server releated.

9. If everyone used Windows (was: VIRUS ALERT!! For Windows users out there.)

10. Virus Alert

11. Virus alert ....

12. VIRUS ALERT: don't panic folks!