PDA

View Full Version : W32 klez Virus



08-06-2002, 04:33 PM
Every 3-4 days I'm receiving 5-15 w32klez viruses by email. Norton 2002 Antivirus catches them OK but is there a way that automaticly puts them in quaratine with out any input from me.??

08-06-2002, 04:50 PM
Yes, there is.

Open NAV and go to Options, select Autoprotect and in the Actions box select quarantine. You can also choose to delete them if you wish. I'd have look at who is sending them to you if I were you and let them know of your displeasure!

Cheers

Billy 8-{)

08-06-2002, 07:44 PM
Be careful about showing your displeasure!! I was the recipient of one of those from a friend who claimed that I had sent them virus. I spent hours scanning and rescanning my computer with NAV, online scans etc etc thinking that I had said virus only to discover that in actual fact the virus was sent from a mutual friend with MY email address as the 'from' address.

Don't rip into them as the 'from' address may not be the culprit. Don't want you to lose any friends over this.
;-)

sam m

08-06-2002, 10:08 PM
Rip away.. but use the address found in the headers as the return address NOT the from address, as that is a random thing. If i beleived the 'from' addy, i would have to assume that i first got sent klez from myself!

The relevant part of the header is at/near the top, and looks like this:
Return-Path: <virus_sender@paradise.net.nz>
blah blah blah header blah blah blah

Obviously i modified the address in the header to protect privavcy. If anyone has that address they deserve what they get!

08-06-2002, 10:32 PM
Rip away.. but use the address found in the headers as the return address NOT the from address, as that is a random thing. If i beleived the 'from' addy, i would have to assume that i first got sent klez from myself!

The relevant part of the header is at/near the top, and looks like this:
Return-Path: <virus_sender@paradise.net.nz>
blah blah blah header blah blah blah

Obviously i modified the address in the header to protect privavcy. If anyone has that address they deserve what they get!

08-06-2002, 11:20 PM
Yeah that god damn Klez is a pain in the but.

Just stayed behind for around 2 hours after college on Friday helping rid Klez from the system. It slows it down so much.

JMN

08-06-2002, 11:29 PM
Whenever I have get sent a virus or anything, I normally deal with it through my ISP.

Xtra have a service whereby they confirm who sent the e-mail (probably the header thing like you suggest, Chris) but then they also contact the person who sent the e-mail and inform them of the virus...it just makes it more official and believable I guess...some people will doubt :)

Callum