-
I get this worm at least 50x a day. I have an up-to-date virus scanner. The problem I have noticed is that other people with the virus have spoofed my email address on it. The reply to address it puts in is my address. I do not have the worm, I get a ton of undeliverable mail messages coming back to me. I check the source of the message and my address is in the reply to field. My address is on a website with a lot of traffic. I assume the worm goes through a users temporary internet files and finds address' there. It is a big pain in the a$$. Is there any way I can prevent this? Any advice would be appreciated.
-
apprentice - Since the Klez infected messages typically use another address they find on an infected computer as the "from" on the infected messages they send out, it is pretty hard to avoid if your email is likely to be on many computers due to your website. However, you might try checking the return-path address on infected messages you receive. This might lead you to finding one or more of the infected computers. But should you contact them, they would still have to open and read your email and do something about it before it would help you.
More information on the return-path discussion is found in this thread.
-
emrys - I agree wholeheartedly with zigar on this one. It seems I read somewhere also that such emails claiming to come from Norton or McAfee were used by Klez and actually contained the Klez worm. (I don't have time now to look for it.) But I definitely would not trust anything coming in an email. Make sure you have an antivirus with updated virus definitions on your computer, have it set to scan all files, preferably with heuristics scanning, as well. However, not every email which is "supposed" to contain the worm actually does. I know, I got one which was an exact example of an infected message as shown on the Symantec website, but the message I received was not infected. Others, however, were, and Norton quarantined them.
-
Airhead saith:
"I read somewhere also that such emails claiming to come from Norton or McAfee were used by Klez and actually contained the Klez worm. (I don't have time now to look for it.)"
Trend Micro calls this Klez.g. Norton seens to call this Klez.H
What ever you call it, it is a very powful tool. <lame anti-virius humor>
-
i have not had an email with the klez.h worm yet yippee ive got the removal tool just incase :)
-
Is the tide turning.. or is it just a laps in the flow.. 3 days with out a Klez mail here or at work..
cheers
-
bah stupid me i think i got infected again...so of i go to start up in safe mode once again to remove this damn worm...bah
-
HeyEmrys:
Stop.
Think.
Exactly what did you do that could have infected your computer with the Klez virus ?
::coffee::