Klez virus getting trickier..

MrCodeDude · Apr 27, 2002

Klez.E is the most common world-wide spreading worm.It's very dangerous by corrupting your files.
Because of its very smart stealth and anti-anti-virus technic,most common AV software can't detect or clean it.
We developed this free immunity tool to defeat the malicious virus.
You only need to run this tool once,and then Klez will never come into your PC.
NOTE: Because this tool acts as a fake Klez to fool the real worm,some AV monitor maybe cry when you run it.
If so,Ignore the warning,and select 'continue'.
If you have any question,please mail to me.

NAV caught it..
-- mrcodedude

erikistired · Apr 27, 2002

NAV has caught it trying to infect me thru email 19 times in the last week.

~erik

MrCodeDude · Apr 27, 2002

Also, as Outlook was checking my other accounts, it found another Klez virus, so I quarantined it, then clicked on the message to delete it and an image popped up called like Misfits, it opened in Windows Picture Viewer.. But I didn't double click the attachment, for some stupid reason Outlook thought it would be a good idea to open it iself when I was just clicking on it (once, not double click) to delete the email.. Am I infected? I'm going to run a full system scan now, but fsckin' outlook..
-- mrcodedude

gypsyman · Apr 27, 2002

MrCodeDude... I have had the same thing happen to me with the pop up viewer .. used 1 click to delete and the viewer pops open. No attachments opened. Norton got everything.. PC is clean... I have been hit repeatedly in 3 mailboxes using IE outlook express in the last 2 days. Good luck.

Fritzo · Apr 27, 2002

We get it at least 6 times a day at work.

Nocturnal · Apr 27, 2002

this is the first one to ever hit my mail box. my main e-mail was recently added to a spam list so i guess thats why. stupid outlook!

Kelvrick · Apr 27, 2002

SOmetimes my Nortan will pop up a virus warning and say it failed to fix some virus or something and quarranteened it. Then, I'll try to find the file it says is inftected to delete it, but I won't be able to find it.

Also, I do a full system scan and it doesn't say anything. WTF is up with that? I'm confused, so please expain.

Bullhonkie · Apr 27, 2002

<< SOmetimes my Nortan will pop up a virus warning and say it failed to fix some virus or something and quarranteened it. Then, I'll try to find the file it says is inftected to delete it, but I won't be able to find it.

Also, I do a full system scan and it doesn't say anything. WTF is up with that? I'm confused, so please expain. >>

I think it moves questionable things like that into the quarantine, but don't quote me on that. Have you looked in your NAV quarantine to see what's sitting around there?

Whenever I get a message from NAV saying it had to quarantine something, I immediately open it up and delete the offending file from the quarantine and I also run a scan - just in case.

ThaGrandCow · Apr 27, 2002

<< Also, as Outlook was checking my other accounts, it found another Klez virus, so I quarantined it, then clicked on the message to delete it and an image popped up called like Misfits, it opened in Windows Picture Viewer.. But I didn't double click the attachment, for some stupid reason Outlook thought it would be a good idea to open it iself when I was just clicking on it (once, not double click) to delete the email.. Am I infected? I'm going to run a full system scan now, but fsckin' outlook..
-- mrcodedude >>

Yes, you are infected. That's one of the big things that people complain about with outlook, also one of the big ways that the virus gets spread.

gypsyman · Apr 27, 2002

Hello TheGrandCow.. are you saying that even when you run a full system scan with NAV 2002 and it says you are clean that you can still be infected? Edit... also if microdude or I was infected, would not NAV 2002 catch the virus trying to mail itself out as NAV also checks all outgoing mail?

Hossenfeffer · Apr 28, 2002

Grab the latest virus def's, boot into safe mode and run a full scan. (Make sure you're scanning "all files" and not just "program files)

gypsyman · Apr 28, 2002

OK Hossenfeffer, I just ran full system scan in safe mode.... clean... nothing detected....

gypsyman · Apr 28, 2002

Just ran this Klez cleaning tool.... nothing found.

Klez Cleaner

MrCodeDude · Apr 28, 2002

Well, I'm on my mom's computer right now.. I ran the Klez scan on Safe Mode and guess what, it keeps getting one of those Not Responding error's from Windoze

.. I'm going to turn on System Restore and try it, if it doesn't work, I'll keep System Restore on, boot into Normal Mode, and try and run it..

I doubt I'm infected though, asked around, no one said I *should* be infected. The reason why, if I had ALREADY quarantined the file and the virus was attached to a VALID file, NAV would take out the virus and allow you to keep the VALID file.. I dunno, but I'd rather be safe than sorry, so I'm running a scan right now

-- mrcodedude

gypsyman · Apr 28, 2002

OK I just ran the Norton clean tool... You must disable system restore like the other cleaner and start in safe mode and run it.. Funny thing was the Norton cleaner took about 5 minutes to run and the other one took about 15 seconds. No infection here.

Here is the Norton cleaner link.
Norton Klez cleaner

dakata24 · Apr 28, 2002

i forgot who, but someone posted a link in disabling so vbs scripts wont run, by deleting the file type association in windows explorer.

i noticed another visual basic script association .vbe, should i delete that as well?

MrCodeDude · Apr 28, 2002

Well, I'm running the cleaning thing right now, in Normal Mode, with System Restore off, because the cleaning tool didn't work in Safe Mode for more than 5 minutes before Windoze wanted to crash it

Did a full system scan in Safe Mode, no infected files, I'm guessing I'm clean.
-- mrcodedude

MrCodeDude · Apr 28, 2002

Windoze doesn't like FixKlez thingy from Norton:

Click here to find out why
-- mrcodedude

bsobel · Apr 28, 2002

> for some stupid reason Outlook thought it would be a good idea to open it iself

The reason is Outlook (obviously wrongly) things it's a wav file and is nice enough to want to play it for you when you preview your message.
Bill

guyver01 · Apr 28, 2002

If the Norton Tool doesn't work... i recommend PANDA SOFTWARE'S PQREMOVE program

it's an all-in-one tool that will scan for the most common virii

Fandu · Apr 28, 2002

Time to start using Mozilla people! Not a single virus has managed to infect me through Mozilla. I got the Klez one about 20 times, no biggie, just delete em, it's harmless to Mozilla.

MrCodeDude · Apr 28, 2002

<< If the Norton Tool doesn't work... i recommend PANDA SOFTWARE'S PQREMOVE program

it's an all-in-one tool that will scan for the most common virii >>

Thanks, I'm scanning now

-- mrcodedude

Rob9874 · Apr 29, 2002

<< > for some stupid reason Outlook thought it would be a good idea to open it iself

The reason is Outlook (obviously wrongly) things it's a wav file and is nice enough to want to play it for you when you preview your message.
Bill >>

So should I turn Preview Pane off?

Zipp · Apr 29, 2002

<< So should I turn Preview Pane off? >>

I have mine off Rob.....I think if you do that, you really don't have to worry to much. Just don't open up any email from people you dont know and you'll be fine.

Klez virus getting trickier..

Lifer

Diamond Member

Lifer

Senior member

Lifer

Lifer

Lifer

Golden Member

Diamond Member

Senior member

Diamond Member

Senior member

Senior member

Lifer

Senior member

Diamond Member

Lifer

Lifer

Moderator Emeritus<br>Elite Member

Lifer

Golden Member

Lifer

Diamond Member

Senior member