May 30th, 2002 04:12 PM
I get this worm at least 50x a day. I have an up-to-date virus scanner. The problem I have noticed is that other people with the virus have spoofed my email address on it. The reply to address it puts in is my address. I do not have the worm, I get a ton of undeliverable mail messages coming back to me. I check the source of the message and my address is in the reply to field. My address is on a website with a lot of traffic. I assume the worm goes through a users temporary internet files and finds address' there. It is a big pain in the a$$. Is there any way I can prevent this? Any advice would be appreciated.
May 31st, 2002 10:43 PM
apprentice - Since the Klez infected messages typically use another address they find on an infected computer as the "from" on the infected messages they send out, it is pretty hard to avoid if your email is likely to be on many computers due to your website. However, you might try checking the return-path address on infected messages you receive. This might lead you to finding one or more of the infected computers. But should you contact them, they would still have to open and read your email and do something about it before it would help you.
More information on the return-path discussion is found in this thread.
May 31st, 2002 11:06 PM
emrys - I agree wholeheartedly with zigar on this one. It seems I read somewhere also that such emails claiming to come from Norton or McAfee were used by Klez and actually contained the Klez worm. (I don't have time now to look for it.) But I definitely would not trust anything coming in an email. Make sure you have an antivirus with updated virus definitions on your computer, have it set to scan all files, preferably with heuristics scanning, as well. However, not every email which is "supposed" to contain the worm actually does. I know, I got one which was an exact example of an infected message as shown on the Symantec website, but the message I received was not infected. Others, however, were, and Norton quarantined them.
June 1st, 2002 01:34 AM
"I read somewhere also that such emails claiming to come from Norton or McAfee were used by Klez and actually contained the Klez worm. (I don't have time now to look for it.)"
Trend Micro calls this Klez.g. Norton seens to call this Klez.H
What ever you call it, it is a very powful tool. <lame anti-virius humor>
June 3rd, 2002 12:48 PM
i have not had an email with the klez.h worm yet yippee ive got the removal tool just incase
By the sacred **** of the sacred psychedelic tibetan yeti ....We\'ll smoke the chinese out
The 20th century pharoes have the slaves demanding work
June 3rd, 2002 01:08 PM
Is the tide turning.. or is it just a laps in the flow.. 3 days with out a Klez mail here or at work..
"Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr
June 9th, 2002 10:07 PM
bah stupid me i think i got infected again...so of i go to start up in safe mode once again to remove this damn worm...bah
\"\"A weak mind is like a microscope, which magnifies trifling things but cannot receive great ones.\" — G.K. Chesterton, 19th-century English essayist and poet\"
June 10th, 2002 10:27 AM
Exactly what did you do that could have infected your computer with the Klez virus ?