Lots of Virus's coming my way lately?

Jim · 04-29-2002, 08:11 PM

In the last few days I have been getting lots of infected emails, anybody else? Seems to be the same virus.

Norton is doing its job, is there any way for me to fight back against the senders?

Jim

Joe · 04-29-2002, 10:10 PM

Here is a dump from my Trend Interscan Virus Wall that monitors and filters all the email on my local email server:

Quote:

[email]
7. Date : 04/24/2002 15:34:31
File : Bb.pif
From : <TERMINATE@GATOR.COM>
To : <X@X.com>
Action : clean failed - deleted
Virus : WORM_KLEZ.G

[email]
8. Date : 04/24/2002 20:38:06
File : size.scr
From : <htl@surfnet.fi>
To : <X@X.com>
Action : clean failed - deleted
Virus : WORM_KLEZ.G

[email]
9. Date : 04/25/2002 00:15:17
File : WIDTH.pif
From : <jordanja@pop.belmont.edu>
To : <X@X.com>
Action : clean failed - deleted
Virus : WORM_KLEZ.G

[email]
10. Date : 04/25/2002 02:13:12
File : MDIALTON.scr
From : <htl@surfnet.fi>
To : <X@X.com>
Action : clean failed - deleted
Virus : WORM_KLEZ.G

[email]
11. Date : 04/25/2002 10:24:15
File : Fmvj.bat
From : <jordanja@pop.belmont.edu>
To : <X@X.com>
Action : clean failed - deleted
Virus : WORM_KLEZ.G

[email]
12. Date : 04/25/2002 16:30:28
File : creativefps1600b[1].scr
From : <support@gator.com>
To : <X@X.com>
Action : clean failed - deleted
Virus : WORM_KLEZ.G

[email]
13. Date : 04/25/2002 17:36:50
File : play.exe
From : <bjgnal@quick.cz>
To : <X@X.com>
Action : clean failed - deleted
Virus : WORM_KLEZ.E

[email]
14. Date : 04/26/2002 02:02:45
File : class.scr
From : <htl@surfnet.fi>
To : <X@X.com>
Action : clean failed - deleted
Virus : WORM_KLEZ.G

[email]
15. Date : 04/26/2002 17:56:51
File : FAX 252.pif
From : <mpisaac@clear.net.nz>
To : <X@X.com>
Action : clean failed - deleted
Virus : WORM_KLEZ.G

[email]
16. Date : 04/29/2002 05:05:37
File : URL.scr
From : <manelcatalan@canbruixa.com>
To : <X@X.com>
Action : clean failed - deleted
Virus : WORM_KLEZ.G

[email]
17. Date : 04/29/2002 05:36:15
File : src.bat
From : <olikno@infonie.be>
To : <X@X.com>
Action : clean failed - deleted
Virus : WORM_KLEZ.G

[email]
18. Date : 04/29/2002 06:06:14
File : biosvideothumb[1].exe
From : <afn51965@afn.org>
To : <X@X.com>
Action : clean failed - deleted
Virus : WORM_KLEZ.G

[email]
19. Date : 04/29/2002 07:48:46
File : sunhydraulik[1].exe
From : <tilly@swissflow.com>
To : <X@X.com>
Action : clean failed - deleted
Virus : WORM_KLEZ.G

X@X.com is just my local domain email... dont like giving it out.

check it out even Swiss Flow is getting in on the KLEZ action.

Jim · 04-29-2002, 10:24 PM

Joe-

Yep that is the same worm virus I keep having sent to me, Norton is catching it.
"Klez.g"

What is this "Swiss Flow" you refer to?

Jim

sunblade · 05-04-2002, 12:40 AM

Quote:

Originally posted by Joe
From : <support@gator.com>

LOL, I knew gator was pure evil.

What scares me the most are the people who don't care if they have viruses because "I've had them on here forever and they haven't done anything to me."

Jim · 05-04-2002, 09:52 AM

Joe (anybody) ?-

Does your program delete the entire attachment when infected and not repaired?

With my setup on Norton AV I have it checked to delete the infected attachement, but an attachment comes through regardless.

I virus scan the file and no virus is found, but I'll be dammed if I am going to open it to see if it is infected or not! I would have thought the attachment would be deleted before it get to OExpress but it is still present.

Any help is appreciated. I sent a question to Symantec about this with no reply so far.

TIA
Jim

Brad · 05-05-2002, 01:36 AM

everyone is getting klez right now... its the current virus of the month

Joe · 05-05-2002, 01:57 AM

Well it wouldnt be if people would stop using The Virus Explorer - Outlook Express/Outlook

ksw · 05-05-2002, 04:29 AM

WOW. i feel weird... ive only gotten 42 emails containing w32.CIH since 12th of april

Joe · 05-06-2002, 12:07 AM

CIH?!

I thought that virus was killed off a long time ago. That was the first of the viruses that scrambles some BIOS

ksw · 05-06-2002, 12:53 PM

as i said, ive gotten A LOT of w32.cih... nad i tell you. its a PEST to get rid of.
a REAL pest..
i wouldnt have nopticed it in time unless Half-life said the hl.exe file was corrupted.. ONE more day, and KABOOM my comp would have been scrap. and i mean it.

04-29-2002, 08:11 PM	#1
Jim Cooling Savant Join Date: Feb 2002 Location: Illinois Posts: 389	Lots of Virus's coming my way lately? In the last few days I have been getting lots of infected emails, anybody else? Seems to be the same virus. Norton is doing its job, is there any way for me to fight back against the senders? Jim

05-05-2002, 01:36 AM	#6
Brad Thermophile Join Date: Oct 2001 Location: Nuu Zeeelin Posts: 3,175	everyone is getting klez right now... its the current virus of the month __________________ 2x P3 1100's at 1400, Abit VP6, 2x Corsair 256mb PC150 sticks, 20gb 'cuda ATA-III, 2x 40gb 'cuda ATA-IV in raid 0. 20" Trinitron. No fans 2x 2400+ at 2288mhz (16.0 x 143), Iwill MPX2, 2x Kingmax PC-3200 256mb sticks, 4x 20gb 60gxp in Raid 5 on a Promise SX6000. Asus Ti4200 320/630. Cooled by Water

05-05-2002, 01:57 AM	#7
Joe The Pro/Life Support System Join Date: Dec 1999 Location: Denver, CO Posts: 4,041	Well it wouldnt be if people would stop using The Virus Explorer - Outlook Express/Outlook __________________ Joe - I only take this hat off for one thing... ProCooling archive curator and dusty skeleton.

05-05-2002, 04:29 AM	#8
ksw Cooling Savant Join Date: Feb 2002 Location: SWEDEN(cold...) Posts: 195	WOW. i feel weird... ive only gotten 42 emails containing w32.CIH since 12th of april __________________ www.webraced.com <- addicted as hell /me is!

05-06-2002, 12:07 AM	#9
Joe The Pro/Life Support System Join Date: Dec 1999 Location: Denver, CO Posts: 4,041	CIH?! I thought that virus was killed off a long time ago. That was the first of the viruses that scrambles some BIOS __________________ Joe - I only take this hat off for one thing... ProCooling archive curator and dusty skeleton.

04-29-2002, 10:24 PM	#3
Jim Cooling Savant Join Date: Feb 2002 Location: Illinois Posts: 389	Joe- Yep that is the same worm virus I keep having sent to me, Norton is catching it. "Klez.g" What is this "Swiss Flow" you refer to? Jim

05-04-2002, 09:52 AM	#5
Jim Cooling Savant Join Date: Feb 2002 Location: Illinois Posts: 389	Joe (anybody) ?- Does your program delete the entire attachment when infected and not repaired? With my setup on Norton AV I have it checked to delete the infected attachement, but an attachment comes through regardless. I virus scan the file and no virus is found, but I'll be dammed if I am going to open it to see if it is infected or not! I would have thought the attachment would be deleted before it get to OExpress but it is still present. Any help is appreciated. I sent a question to Symantec about this with no reply so far. TIA Jim

05-06-2002, 12:53 PM	#10
ksw Cooling Savant Join Date: Feb 2002 Location: SWEDEN(cold...) Posts: 195	as i said, ive gotten A LOT of w32.cih... nad i tell you. its a PEST to get rid of. a REAL pest.. i wouldnt have nopticed it in time unless Half-life said the hl.exe file was corrupted.. ONE more day, and KABOOM my comp would have been scrap. and i mean it. __________________ www.webraced.com <- addicted as hell /me is!

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)