View Full Version : Klez virus?
08-24-2002, 10:56 AM
Can someone tell me how a computer is infected with the Klez virus?
I've read that an attached file has to be opened to be infected, which is understandable.
But I have also read just previewing the message can infect you, which I don't understand.
Does that mean the message is infected by HTML or a script of some kind? I would imagine scripted.
How would it be possible to avoid such viruses?
I just checked Outlook Express and found no way of turning off HTML and/or scripts. (If there is a way, please let me know.)
Does that mean if I received such a virus, I am basically hosed if I merely preview the message? ICK... is all I can say to that.
Basically you catch it from an infected email, and yes it runs from a script.
There is a way to prevent scrips from running in OE, go to Tools => Options => Security => Restricted Sites Zone. Then make sure that all scripting, JS and ActiveX is turned off in the Restricted Zone...not prompt, but disabled.
Also under View => Layout and disable the Preview pane.
Of course another option would be to NOT use OE...see the link in my sig...
08-24-2002, 12:15 PM
I already had OE on the Restricted Site Zone. And the Restricted Site Zone is set to the default setting to high which disables just about everything. :) So maybe I already received this virus in the scripted form and didn't even realized it.
I tried using Pegasus right before I asked the question and I didn't see any options for turning off HTML and/or scripting.
Of course most of my time was spent trying to fix a problem. It was trying to access my network printer each time I started the program and each time I tried to view the default installed email messages which caused it to crash each time.
Needless to say, I couldn't find that option and there was no help with that particular problem. So I just decided to uninstall it. When I tried to access OE via the icon, guess what? It couldn't find the program.
I had to open Explorer and find the OE program and start that up and make that my default email program.
Maybe others had better luck with it, but I won't be installing that program again.
08-24-2002, 02:23 PM
I use MailWasher to see what my email is before downloading it and I delete anything that looks like Klez. As a backup, I have Norton AV scanning email and it caught the Klez on the one time I missed it in MailWasher so I was able to delete it before it had a chance to do any damage. I use Netscape for email, so the setup may be a bit different, but generally I would encourage using several layers of security these days.
08-31-2002, 10:43 PM
I've gotten this worm and it took me sometime to get rid of it. When I first got it, I had no idea that I had it. If I remember right, my computer wouldn't close down right and after awhile it got to be annoying. Since then I have gotten a new VS program and twice so far it has comeback to me, but it gotten caught both times.
It is certainly a devil of a worm to get rid of, it took me 3 days to get it off a friend's computer.
09-01-2002, 09:08 AM
To get OE back (if you want to):-
(1)IE Tools<>Options<>Programs and make sure OE is set as EMail
(2)OE Tools<>Options<>Programs and make OE the Default Mail Handler
(3) From Start<>Run and type exactly with quotes and spaces "C:\Program Files\Outlook Express\MSIMN.EXE" /REG
When you used Pegasus it was obviously set as the default mail client - and it doesn't revert back automatically.
Foxmail (http://www.pcworld.com/downloads/file_description/0,fid,16961,00.asp) has HTML turned off by default though you can both use a toggle button or set HTML as default if you want.
btw ... The script (if there - it isn't there with every version) isn't the virus but it can activate the virus attachment without you actually opening it; this wont happen (so far) if the preview pane is disabled or until you open the message.
09-01-2002, 12:02 PM
I had done option #2 last week in order to make OE my default client again.
Right now, I got all Internet options set to high for OE.
Scripting, Java, ActiveX, ect... are all disabled.
If I happen to get this virus, that will teach me not to trust OE (and Microsoft) ever again.
As it stands, I can say that I've only been affected by one virus in all my computer years. And that happened like 5 years ago.
Either I've been very lucky, or just playing it smart. ;)
Powered by vBulletin® Version 4.2.0 Copyright © 2013 vBulletin Solutions, Inc. All rights reserved.