**Someone on here needs to run this KLEZ Virus removal tool**
#1
Scooby Regular
Thread Starter
Join Date: Apr 1999
Location: Surferk
Posts: 2,464
Likes: 0
Received 0 Likes
on
0 Posts
Carl the virus spoofs your e-mail address. Your address is held on somebodies PC (lets call it X). X sends itself an e-mail that looks likes it comes from your e-mail address. The owner of X will probably send an e-mail to you saying you a have sent them a virus. You'll run the check and find no virus.
It's a bit complicated but explained well on the Norton site.
Mark
Bugger too late twice over!
[Edited by Mark Champion - 7/4/2002 3:14:41 PM]
It's a bit complicated but explained well on the Norton site.
Mark
Bugger too late twice over!
[Edited by Mark Champion - 7/4/2002 3:14:41 PM]
#2
Don't forget Klez can spoof the "From" Address.
I had a virus warning back from an ISP saying I'd sent an infected message when my PC was OFF and I was 30 miles sat outside enjoying the sunshine.
Our resident AV expert Jack Clark has suffered from this as well.
[Edited by ChrisB - 7/4/2002 3:14:02 PM]
I had a virus warning back from an ISP saying I'd sent an infected message when my PC was OFF and I was 30 miles sat outside enjoying the sunshine.
Our resident AV expert Jack Clark has suffered from this as well.
[Edited by ChrisB - 7/4/2002 3:14:02 PM]
#3
Scooby Regular
Join Date: May 2001
Location: Scotland
Posts: 4,580
Likes: 0
Received 0 Likes
on
0 Posts
Carl, yup its me, I sent you the email yesterday asking who you were!
Thought what the heck is this guy doing sending me a "good tool"
Gotta hand it to the little shytes that write these damn viruses..
[Edited by mega_stream - 7/4/2002 3:51:30 PM]
Thought what the heck is this guy doing sending me a "good tool"
Gotta hand it to the little shytes that write these damn viruses..
[Edited by mega_stream - 7/4/2002 3:51:30 PM]
#4
Moderator
iTrader: (5)
Join Date: Nov 2001
Location: Not all those who wander are lost
Posts: 17,863
Received 0 Likes
on
0 Posts
Mine came from 'scoobiedude@hotmail.com' or something
Never mind, good 'ol Sophos should have licked it anyway
The virus, not the good tool
[Edited by DJ Dunk - 7/4/2002 3:56:15 PM]
Never mind, good 'ol Sophos should have licked it anyway
The virus, not the good tool
[Edited by DJ Dunk - 7/4/2002 3:56:15 PM]
#5
Scooby Regular
Join Date: May 2001
Location: Scotland
Posts: 4,580
Likes: 0
Received 0 Likes
on
0 Posts
I got an email yesterday from someone titled "A good tool", didn't know who it was from so I thought I'ld check out the domain where the mail originated....an Impreza owner...emailed him and asked him, turns out he's been getting suspect emails from various people on Scoobynet.
I know this ones probably been done before, but can people check they have AV software on there PC's! (and its up-to-date)
The clean for this particular virus can be found here..
http://antivirus.about.com/gi/dynami...oval.tool.html
Please read the instructions before using this..
Cheers all
I know this ones probably been done before, but can people check they have AV software on there PC's! (and its up-to-date)
The clean for this particular virus can be found here..
http://antivirus.about.com/gi/dynami...oval.tool.html
Please read the instructions before using this..
Cheers all
#7
Ooh, was it from me?
<carl@bogart.org.uk>
I don't think I have a virus -- it virus-checks clean, I don't have either of your e-mail addresses in my address book, and I don't use microsoft mail software. Also the mail allegedly sent from me was at a time when none of my machines were switched on.
<carl@bogart.org.uk>
I don't think I have a virus -- it virus-checks clean, I don't have either of your e-mail addresses in my address book, and I don't use microsoft mail software. Also the mail allegedly sent from me was at a time when none of my machines were switched on.
Trending Topics
#8
Update -- I read up on the Klez worm and apparently some variants are able to spoof the originator's address. This may explain why I received an e-mail with an attachment specific to MRO Scoobystyling, but the e-mail's originator was not Rob of MRO. It also suggests that someone with one of my e-mail addresses in their address book (who is using Outlook/Outlook Express) has this worm.
#9
Don't forget, Klez masks it's origination point, so the senders e-mail address is pretty useless. Look at the sending machines host IP, you should be able to track it down to an ISP and then you can say "A **** user needs to run this Klez removal tool"
#11
LOL@Mr B, no association with them blah, blah etc don't forget
My AV is updated, I have run the Klez check on mine and I am free, yet it has spoofed my email address as if I was the sender.
Worth doing a quick check, doesn't take long
Michelle.
My AV is updated, I have run the Klez check on mine and I am free, yet it has spoofed my email address as if I was the sender.
Worth doing a quick check, doesn't take long
Michelle.
#13
Scooby Regular
Join Date: May 2001
Location: Scotland
Posts: 4,580
Likes: 0
Received 0 Likes
on
0 Posts
LOL
I didn't tweek that it was a virus at first (due to my Defcon5 AV setup ), so I actually sent Carl an email saying there was no attachment..
I guess what threw me was my recent post about Dewalt power tools
I didn't tweek that it was a virus at first (due to my Defcon5 AV setup ), so I actually sent Carl an email saying there was no attachment..
I guess what threw me was my recent post about Dewalt power tools
#14
Scooby Regular
Join Date: Mar 1999
Location: The Great White North
Posts: 25,080
Likes: 0
Received 0 Likes
on
0 Posts
yeah, klez seems to be infecting quite a few people. have helped some of my RS friends clean it up.
Nasty ****** it is too!
Why do people write viruses?? WHY???
Nasty ****** it is too!
Why do people write viruses?? WHY???
Thread
Thread Starter
Forum
Replies
Last Post
hedgecutter
General Technical
3
25 September 2015 02:35 PM