Happy 99 exe


This was the start of a particularly virulent epidemic.

Happy 99 read the message, fireworks, but quite a boring little display .
It came from a friend, so of course (in those far off days) one opened it.

I thought nothing of it until much later when I received an e-mail from an associate,
and immediately following it was another blank e-mail from the same company,
containing only happy 99.exe.

I deleted it by instinct...(I had one computer in the office that had lost it's hard drive by now ) and wrote to him immediately asking if he had just sent me anything else.
He knew nothing about it.

That's the beauty of this pesky little Trojan , you trust its source, and so you will probably open it.

Then it attaches itself to all your outgoing messages and infects everyone else.

If you don't open it, you will be ok, then just delete it.
But if you do open it, follow the instructions below, and then write to everyone you ever contacted and tell them how to fix it and to inform all their contacts.
(taken from Symantec's Virus Index)

 

When being executed, the program also opens a window entitled "Happy New Year 1999 !!" showing a firework display to disguise its other actions. The program copies itself as SCALENE and extracts a DLL that it carries as SKA.DLL into WINDOWS\SYSTEM directory. It also modifies WSOCK32.DLL in WINDOWS\SYSTEM directory and copies the original WSOCK32.DLL into WSOCK32.SKA.

WSOCK32.DLL handles internet-connectivity in Windows 95 and 98. The modification to WSOCK32.DLL allows the worm routine to be triggered when a connect or send activity is detected. When such online activity occurs, the modified code loads the worm's SKA.DLL. This SKA.DLL creates a new email or a new article with UUENCODED HAPPY99.EXE inserted into the email or article. It then sends this email or posts this article.

If WSOCK32.DLL is in use when the worm tries to modify it (i.e. a user is online), the worm adds a registry entry:
   HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce=SKA.EXE

The registry entry loads the worm the next time Windows start.


Removing the worm manually:

  1. delete WINDOWS\SYSTEM\SKA.EXE
  2. delete WINDOWS\SYSTEM\SKA.DLL
  3. in WINDOWS\SYSTEM\ directory, rename WSOCK32.DLL to WSOCK32.BAK
  4. in WINDOWS\SYSTEM\ directory, rename WSOCK32.SKA to WSOCK32.DLL
  5. delete the downloaded file, usually named HAPPY99.EXE

Windows prevents you to do step #3 and #4 above if the machine is still connected to the Internet. The file "windows\system\wsock32.dll" is used whenever the machine is connected to Internet (i.e. through dial-up or LAN connection).


If you are using dial-up connection (i.e. America Online), you need to do the following:

  1. terminate internet connection
    delete WINDOWS\SYSTEM\SKA.EXE
    delete WINDOWS\SYSTEM\SKA.DLL

in WINDOWS\SYSTEM\ directory, rename WSOCK32.DLL to WSOCK32.BAK in WINDOWS\SYSTEM\ directory, rename WSOCK32.SKA to WSOCK32.DLL delete the downloaded file, usually named HAPPY99.EXE


If you are connected to Internet through LAN (i.e. in the office or cable modem), you need to do the following:

  1. From the Start menu, select shutdown-restart in MS DOS mode
  2. type CD \windows\system when DOS prompt (C:\)appears
  3. type RENAME WSOCK32.DLL WSOCK32.BAK
  4. type RENAME WSOCK32.SKA WSOCK32.DLL
  5. type DEL SKA.EXE
  6. type DEL SKA.DLL

That's It, you are now clear. Happy 99 was just one of thousands of pesky virii which will try to infect your computer every day, as we get more aware of them, the perpetrators become cleverer and mask their goods more cleverly. The one tool I have found invaluable over the years is this.

We have recently become an affiliate as so many people ask what we use as company protection. It is very reasonably priced wherever in the world you are (this seems to make a difference!) and updates are available on an almost daily basis, which if you set to download automatically will keep you up to date with latest virus treats.

I have used others and must say that for overall user friendliness, cost effectiveness and the fact that it works - it is the best by far.

Adventure Treks Agrotourism Akamas Alternatives Animals Aliens in Cyprus Art Awards Ayia Napa Banking Books Bungee Business Guide Car Hire Chat Classifieds Contacts Cruises Views Disabled Diving Education Feedback Ferry Fishing Equipment Hire Flying Food General info Pink peace Getting Here Gift shop Greetings History Holiday Horoscope Horse Racing Hotels Intro Kids stuff Larnaca Leather Lefkara Like it/ hate it Limassol links Location Mailing & Privacy Maps Meanderings Newsletter Nicosia Paphos Penfriends Politics Property Protaras Riding Safari Tours Sailing / Boats Search Shopping Site Map Skiing Sport Travel Troodos Wines Villas Weather Weddings Your Pics Zenon/Stoic

 

OUR CYPRUS LINKS

 

HOT LINKS


- All about Cyprus

- Cyprus holidays

- Cyprus villas

- Cyprus car hire

- Cyprus apartments

- Cyprus agrotourism

- Cyprus yachts

- Cyprus hotels

- Cyprus flowers

- Weddings in Cyprus

- Cyprus cruises

 

HOT BUYS


- General shopping

- Cyprus property
- Buy Property

- Buy a yacht in Cyprus

 

GENERAL INTEREST


- Holidays in Cyprus

- Property in Cyprus

- Rent-a-car

- Agrotourism Cyprus

- Villas for rent

- Cyprus hotel guide
- Autobiographies
- Sunny Cyprus

 

 

 

Cruises from Cyprus to Egypt, Israel, Lebanon, Syria, Rhodes and the Greek Islands

 

Car hire and rental throughout Cyprus - airport fly and drive from Larnaca and Paphos

Buy or sell your sailing yacht or motor boat here.

Check out the weather in Cyprus today and everyday of your holiday

 

The following links are a lead into all the different websites about Cyprus which have grown through your requirements over the years. We have responded to your wants and so each service has it's own place.

 

If you are here looking for tourist  information about Cyprus please see the following:

Cyprus Maps

A Window on Cyprus for Everything about Cyprus

 Agrotourism Traditional houses for rent in Cyprus

Cyprus Hotels and self catering Apartments &

 accommodation

 Weekly Cultural Events with Cyprus Art Cyprus property -Land and second hand houses for sale and rental
Cyprus Holiday Villas to rent throughout the island Flights with Cyprus Holidays

Cyprus Property Developers for off the shelf villas and houses
Cyprus Holiday Apartments Have your Wedding in Cyprus Property for sale in Cyprus database
Cyprus Yacht Charters Cyprus Adventure for activities and outings Yachts for sale also crew and delivery,
Cyprus Car Hire for self drive cars, minibus hire, transfers and motorbike rental

Sunny Cyprus -

A Holiday Directory

 

 Ships for sale for vessels worldwide, also crew etc

Cyprus agrotourism village accommodation

 Cyprus Shopping for  classified items, employment & shops Sailing Charters Worldwide
Cruises from Cyprus to Egypt Israel the Greek Islands and others Cyprus Weather for current & averages Cyprus Hotel Net

Cyprus Hotels service

 

 

To find out about tourism in Cyprus please see Here