high
Summary
Summary
Action- More Information
| Affected operating systems | Windows |
|---|---|
| Detected by | All Sophos products |
Free virus scan
- Free virus, spyware, and adware scan
- Test your existing anti-virus protection
- Find threats your anti-virus missed
Action
- Summary
- Action
- More Information
Please follow the instructions for removing infected executable files.
Please read the instructions for removing the W32/ElKern-C and W32/Klez-H viruses.
More Information
W32/ElKern-C is a parasitic virus very similar to W32/ElKern-A but which does not include a payload.
W32/ElKern-C works under Windows 98, Windows Me, Windows 2000 and Windows XP. The virus infects Windows PE executables within the current folder and within all shared folders on the local area network. It is capable of infecting file cavities, meaning that it may not change the size of files it infects.
W32/ElKern-C infects all active processes on NT-based systems and the Explorer process on W9x based systems.
The virus is dropped into the Program Files folder and run by W32/Klez-H.
W32/ElKern-C contains routines to disable the on-access component of virus scanners developed by major anti-virus software vendors. The body of the virus contains the text "Win32 Foroux V1.0" in an encrypted format.
|
