The worm exploits a vulnerability in Microsoft Outlook and Outlook Express in an attempt to execute itself when you open or even preview the message.
Saran saya, _paksa_ user supaya nggak pake Outlook Express atau Microsoft Outlook. Aku sendiri pake Calypso (www.mcsdallas.com) yang udah nggak diproduksi lagi, tapi bisa dibilang kebal dari serangan worm yang nyerang OE dan Outlook. Berikut dari Symantec.com, rasanya nggak susah... To remove the worm: 1. Run LiveUpdate to make sure that you have the most recent virus definitions. 2. Start Norton AntiVirus (NAV), and make sure that NAV is configured to scan all files. For instructions on how to do this, read the document How to configure Norton AntiVirus to scan all files. 3. Run a full system scan. 4. Delete all files that are detected as W32.Klez.D@mm. To edit the registry: 1. Click Start, and click Run. The Run dialog box appears. 2. Type regedit and then click OK. The Registry Editor opens. 3. Navigate to the following registry key: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run 4. In the right pane, delete the values that refer to the following files: WinSvc.exe Wqk.exe 5. Click Registry, and click Exit. *********** REPLY SEPARATOR *********** On 11/19/01 at 10:17 PM systemadmin guci wrote: Halo admin, Sorry nih cross posting.. Saya punya beberapa Windowz Box (microsoft) dibelakang Linux. Saat ini lagi terinfeksi virus W32.Klez.A@mm Udah coba dibersihin, tapi tetap gak bisa pake AntiVirus 2001. Ada gak rekan2 admin yang pernah ngalami hal serupa. Dan pake utiliti apa buat ngebersihinnya...? Nuhun, GUCI Dapid Candra ---------------------------------- Chief Systems Engineer - karir.com -- Utk berhenti langganan, kirim email ke [EMAIL PROTECTED] Informasi arsip di http://www.linux.or.id/milis.php3
