I'm at wits end with this Virus...HELP

[ssoni223]

My outlooks express killled me again today, b/c of that preview pane autorunning some kind of VBScript. And no, turning OFF the preview pane is not a solution b/c I would still need to OPEN the mail to know its a virus, But anyways.... The subject of the email was "Is not passed in" I was running Norton VirusScan but this peice of garbage has never stopped ANY outlook VBScript virus for me before. After the virus installed itself, VirusScan doesnt even restart. Now, There is a process called "winkjbr.exe" that cant be killed The CPU is getting pinned at times. I deleted all references to winkjbr.exe in the registry. There is no reference to winkjbr.exe anywhere on google.com I rebooted in SAFE mode, and did a search for winkjbr.exe, figuring I'd delete it. It was not found on the hard drive. There us also no reference to "Is not passed in" anywhere.... Any help? I think I'm screwed.

 

[minendo]

My roommate just got a similar virus/program. The one on his computer is called winkhow.exe. I am working on removing it as we speak and if I find any breakthroughs I will let you know asap.

 

[IJump]

Trend Antivirus WORM_KLEZ.E Info


Try that site. It may be the virus that you have. Trend also has a virus scanner in their free tools section called house call. I would also suggest running that and seeing if it finds anything.

 

[ssoni223]

Thanks, that could have been it...
Virus would make WINLOGON.EXE pin the CPU.
The OS became unusable, so I've already reverted to an old backup build.

Need to figure out how to turn off HTML/VBA type email in Outlook Express.
I want to revert to plain text msgs...

 

[n0cmonkey]

Stop using OE. Stop using the preview pane. Do not open emails with attatchments. Do not open emails from people you do not recognize. Use a better anti-virus program. Its pretty simple

 

[DanStp]

Norton antivirus will kill this worm too................if you have your definitions up to date. My dad got hit by it, and you have to have your NAV updated from like 1/15/02 to detect it. This worm also sends out Emails to your friends on your address book, and hides the source of the virus your sending them. NAV is still a great program. Symantec has a tool to kill these worms on their site too.

 

[Apatewnas]

well i can tell u one thing about klez. It made me cry laughing when it tried thit the inbox on my yahoo account. read this!

Date: Tue, 7 May 2002 00:21:43 +1000
From: | Block Address | Add to Address Book
To:

Subject: Worm Klez.E immunity

Klez.E is the most common world-wide spreading worm.It's very dangerous by corrupting your files.
Because of its very smart stealth and anti-anti-virus technic,most common AV software can't detect or clean it.
We developed this free immunity tool to defeat the malicious virus.
You only need to run this tool once,and then Klez will never come into your PC.
NOTE: Because this tool acts as a fake Klez to fool the real worm,some AV monitor maybe cry when you run it.
If so,Ignore the warning,and select 'continue'.
If you have any question,please mail to me.

HAHAAHAHAHAHAHAHAHAHAHAHHAHAHAHAHAHHHAHHHHHHHHHAAAAAAAAAAAAAAAAAAAAAHAHAH

 

[bsobel]

> I was running Norton VirusScan but this peice of garbage has never stopped ANY outlook VBScript virus for me before.

We've had virus defs since November for this, are you sure you have us enabled? (either email scanning or autoprotect?) Or where you just relying on running a weekly scan or something that won't help until after your infected?

Bill

 

[WarCon]

My Norton's stopped Klez.

 

[Texun]

Anyone used AVG fcrom grisoft.com? I used it after I found that my Norton wouldn't work with my new install of XP. While waiting for a fresh CD of Norton to arrive I loaded the free AVG scanner and found that it worked pretty well. I almost never get hit with email bugs, but shortly after installing AVG it happend. Sure enough, AVG nailed it upon entry......... no harm done. For a freebie it damn sure got my vote!

 

[Dreadogg]

I cant beleave there are people out there that will not use Antivirus software, you have to be nuts! I personally use Norton it works great, I have also heard good things about Trend I use thier online scanner once or twice a month just to be sure. I also use a special trojan scanner for scanning files out of news groups and kazza etc.. you can never be sure this is called ???????? (me not telling thats a secret) it works great and has caught a few!

 

[stockjock]

My NAV stopped it too...I'm guessing you don't have your LiveUpDate turned on or you have that preview version of NAV that the subscription eventually runs out.

You got KLEZ'ed!!! and its nasty!!

BTW...if you had your subscription up to date you should have gotten an email from Symantec telling you to be sure to have an up to date def. because this bug has turned nasty!! As a matter of fact I believe all the AVS companies sent out email alerts about this booger!

 

[GregANDTCH]

Here's a page that talks about different "Klez." virus' .
Symantec Link
There's a removal tool there too.