Original Posted By: Michael Conkling
I have found out that the Happy99.exe attachment may be a virus. Do notopen itCraigI have found out that the Happy99.exe attachment may be avirus. Donot open itCraig________________________________________________________________________________
Pietenpol-List: Happy99.exe
Pietenpol-List: Re: Happy99.exe
Original Posted By: steve(at)byu.edu
This is what Norton antivirus had to say about it Virus Information Virus Name: Happy99.Worm Aliases: I-Worm. Happy Infects: N/A Likelihood: Common Length: 10000 bytes Characteristics Memory Resident No Triggered Event No Size Stealth No Encrypting No Full Stealth No Polymorphic No Comments This worm modifies WSQCK32.DLL to send itself as attachment when aposting is made to USENET or MAIL. Delete SKA.EXE and SKA.DLL inWINDOWSSYSTEM folder and replace WSOCK32.DLL with WSOCK32.SKA inWINDOWSSYSTEM folder________________________________________________________________________________
This is what Norton antivirus had to say about it Virus Information Virus Name: Happy99.Worm Aliases: I-Worm. Happy Infects: N/A Likelihood: Common Length: 10000 bytes Characteristics Memory Resident No Triggered Event No Size Stealth No Encrypting No Full Stealth No Polymorphic No Comments This worm modifies WSQCK32.DLL to send itself as attachment when aposting is made to USENET or MAIL. Delete SKA.EXE and SKA.DLL inWINDOWSSYSTEM folder and replace WSOCK32.DLL with WSOCK32.SKA inWINDOWSSYSTEM folder________________________________________________________________________________
Pietenpol-List: Re: Happy99.exe
Original Posted By: Jgmatt2(at)aol.com
Ken Hannan,You wroteThis worm modifies WSQCK32.DLL to send itself as attachment when a postingis made to USENET or MAIL. Delete SKA.EXE and SKA.DLL in WINDOWSSYSTEMfolder and replace WSOCK32.DLL with WSOCK32.SKA in WINDOWSSYSTEM folderHow do you replace WSOCK32.DLL with WSOCK32.SKA.I have no problems with the delete but the replace has me baffledCraig=FF=FE=00=0D=00=0A==00=00=00=0D=00=0A==00=00=00=0D=00=0A==00=0D=00=0A==00=00=0D=00=0A==00=00=00=00=00=00=00=0D=00=0A==00=00=0D=00=0A==00=00K=00e=00n=00=00H=00a=00n=00n=00a=00n=00,=00=00=0D=00=0A==00=00&=00n=00b=00s=00p=00;=00=00=0D==00=0A==00=00Y=00o=00u=00=00w=00r=00o=00t=00e=00&=00n=00b=00s=00p=00;=00 =00=0D=00=0A==00=00T=00h=00i=00s=00 =00w=00o=00r=00m=00=00m=00o=00d=00i=00f=00i=00e=00s=00=00W=00S=00Q=00C=00K=003=002=00.=00D=00L=00L=00 =00t=00o=00=00s=00e=00n=00d=00 =00i=00t=00s=00e=00l=00f=00 =00a=00s=00=00a=00t=00t=00a=00c=00h=00m=00e=00n=00t=00 =00w=00h=00e=00n=00 =00a=00=00p=00o=00s=00t=00i=00n=00g=00 =00i=00s=00 =00=0D=00=0A==00m=00a=00d=00e=00 =00t=00o=00 =00U=00S=00E=00N=00E=00T=00 =00o=00r=00=00M=00A=00I=00L=00.=00 =00D=00e=00l=00e=00t=00e=00=00S=00K=00A=00.=00E=00X=00E=00 =00a=00n=00d=00=00S=00K=00A=00.=00D=00L=00L=00 =00i=00n=00=00W=00I=00N=00D=00O=00W=00S=00=00S=00Y=00S=00T=00E=00M=00=00f=00o=00l=00d=00e=00r=00 =00a=00n=00d=00 =00=0D=00=0A==00r=00e=00p=00l=00a=00c=00e=00=00W=00S=00O=00C=00K=003=002=00.=00D=00L=00L=00 =00w=00i=00t=00h=00=00W=00S=00O=00C=00K=003=002=00.=00S=00K=00A=00 =00i=00n=00=00W=00I=00N=00D=00O=00W=00S=00=00S=00Y=00S=00T=00E=00M=00=00f=00o=00l=00d=00e=00r=00=00=00=0D=00=0A==00=00&=00n=00b=00s=00p=00;=00=00=0D==00=0A==00=00H=00o=00w=00 =00d=00o=00 =00y=00o=00u=00=00r=00e=00p=00l=00a=00c=00e=00=00W=00S=00O=00C=00K=003=002=00.=00D=00L=00L=00 =00w=00i=00t=00h=00=00W=00S=00O=00C=00K=003=002=00.=00S=00K=00A=00.=00=00==0D=00=0A==00=00&=00n=00b=00s=00p=00;=00=00=0D==00=0A==00=00I=00 =00h=00a=00v=00e=00 =00n=00o=00=00p=00r=00o=00b=00l=00e=00m=00s=00 =00w=00i=00t=00h=00 =00t=00h=00e=00=00d=00e=00l=00e=00t=00e=00 =00b=00u=00t=00 =00t=00h=00e=00=00r=00e=00p=00l=00a=00c=00e=00 =00h=00a=00s=00 =00m=00e=00=00b=00a=00f=00f=00l=00e=00d=00=00=0D=00=0A==00=00&=00n=00b=00s=00p=00;=00=00=0D==00=0A==00=00C=00r=00a=00i=00g=00=00=00=00=0D=00=0A==00________________________________________________________________________________
Ken Hannan,You wroteThis worm modifies WSQCK32.DLL to send itself as attachment when a postingis made to USENET or MAIL. Delete SKA.EXE and SKA.DLL in WINDOWSSYSTEMfolder and replace WSOCK32.DLL with WSOCK32.SKA in WINDOWSSYSTEM folderHow do you replace WSOCK32.DLL with WSOCK32.SKA.I have no problems with the delete but the replace has me baffledCraig=FF=FE=00=0D=00=0A==00=00=00=0D=00=0A==00=00=00=0D=00=0A==00=0D=00=0A==00=00=0D=00=0A==00=00=00=00=00=00=00=0D=00=0A==00=00=0D=00=0A==00=00K=00e=00n=00=00H=00a=00n=00n=00a=00n=00,=00=00=0D=00=0A==00=00&=00n=00b=00s=00p=00;=00=00=0D==00=0A==00=00Y=00o=00u=00=00w=00r=00o=00t=00e=00&=00n=00b=00s=00p=00;=00 =00=0D=00=0A==00=00T=00h=00i=00s=00 =00w=00o=00r=00m=00=00m=00o=00d=00i=00f=00i=00e=00s=00=00W=00S=00Q=00C=00K=003=002=00.=00D=00L=00L=00 =00t=00o=00=00s=00e=00n=00d=00 =00i=00t=00s=00e=00l=00f=00 =00a=00s=00=00a=00t=00t=00a=00c=00h=00m=00e=00n=00t=00 =00w=00h=00e=00n=00 =00a=00=00p=00o=00s=00t=00i=00n=00g=00 =00i=00s=00 =00=0D=00=0A==00m=00a=00d=00e=00 =00t=00o=00 =00U=00S=00E=00N=00E=00T=00 =00o=00r=00=00M=00A=00I=00L=00.=00 =00D=00e=00l=00e=00t=00e=00=00S=00K=00A=00.=00E=00X=00E=00 =00a=00n=00d=00=00S=00K=00A=00.=00D=00L=00L=00 =00i=00n=00=00W=00I=00N=00D=00O=00W=00S=00=00S=00Y=00S=00T=00E=00M=00=00f=00o=00l=00d=00e=00r=00 =00a=00n=00d=00 =00=0D=00=0A==00r=00e=00p=00l=00a=00c=00e=00=00W=00S=00O=00C=00K=003=002=00.=00D=00L=00L=00 =00w=00i=00t=00h=00=00W=00S=00O=00C=00K=003=002=00.=00S=00K=00A=00 =00i=00n=00=00W=00I=00N=00D=00O=00W=00S=00=00S=00Y=00S=00T=00E=00M=00=00f=00o=00l=00d=00e=00r=00=00=00=0D=00=0A==00=00&=00n=00b=00s=00p=00;=00=00=0D==00=0A==00=00H=00o=00w=00 =00d=00o=00 =00y=00o=00u=00=00r=00e=00p=00l=00a=00c=00e=00=00W=00S=00O=00C=00K=003=002=00.=00D=00L=00L=00 =00w=00i=00t=00h=00=00W=00S=00O=00C=00K=003=002=00.=00S=00K=00A=00.=00=00==0D=00=0A==00=00&=00n=00b=00s=00p=00;=00=00=0D==00=0A==00=00I=00 =00h=00a=00v=00e=00 =00n=00o=00=00p=00r=00o=00b=00l=00e=00m=00s=00 =00w=00i=00t=00h=00 =00t=00h=00e=00=00d=00e=00l=00e=00t=00e=00 =00b=00u=00t=00 =00t=00h=00e=00=00r=00e=00p=00l=00a=00c=00e=00 =00h=00a=00s=00 =00m=00e=00=00b=00a=00f=00f=00l=00e=00d=00=00=0D=00=0A==00=00&=00n=00b=00s=00p=00;=00=00=0D==00=0A==00=00C=00r=00a=00i=00g=00=00=00=00=0D=00=0A==00________________________________________________________________________________
Pietenpol-List: Re: Happy99.exe
Original Posted By: Gandalf
Craig:You cannot replace the WSOCK32 file as indicated with windows. Windows willnot let you do it. Exit Windows into MSDOS. Use CD to get to theWindowsSYSTEM subdirectory then copy command to replace the file. I did itand it worked fine. Restart Windows.Joe________________________________________________________________________________
Craig:You cannot replace the WSOCK32 file as indicated with windows. Windows willnot let you do it. Exit Windows into MSDOS. Use CD to get to theWindowsSYSTEM subdirectory then copy command to replace the file. I did itand it worked fine. Restart Windows.Joe________________________________________________________________________________