BARBELITH underground
 

Subcultural engagement for the 21st Century...
Barbelith is a new kind of community (find out more)...
You can login or register.


Underground > Conversation >

Klez virus...help!

  
 
Murray Hamhandler
21:32 / 07.12.02
So I've been getting all of these unexplained e-mails lately that I had assumed were simple spam, but then I noticed that an inordinate number of them had the word 'klez' in the subject. A quick web search has revealed (to my less than tech-savvy self) that this is a virus. This is the opposite of good, I would imagine. Soooo...what do I do about this? They're being sent through my university e-mail account, if that makes any difference. Help is greatly appreciated!
 
 
Less searchable M0rd4nt
23:27 / 07.12.02
Hokay. Not really my line of work, but here's what I know:

Klez is a nasty wee bugger. First stop is your Uni's computery nerve centre, en route to Grass-Upon-The-Fucker. Thence to Backupville, via Virus-Checkton. (I presume you have a decent virus checker installed.)

Google for up-to-date advice on how to deal with the latest variation on the Klez theme. While you're online, visit SamSpade.org for details on how to report the abuse.

BTW: are you getting any blank emails with no attachments? These too are wormy.
 
 
The Apple-Picker
04:18 / 08.12.02
Hm. I have received some blank e-mails with no attachments. I think I opened one or two. Every other I've seen I've just deleted. Am I in trouble?
 
 
Tezcatlipoca
06:30 / 08.12.02
Right, here we go again. Essentially, Miss Carnival has hit the nail on the head with regards to what the Klez is, and how to identify it. For the cure there are several options but the one I sincerely advise is to go here and download their free Anti-virus checker, AVG. This program will quite happily blitz all current (as of 25th November) Klez worms and their variants, and repair any damaged files afterwards.
If you keep using the program - which I advise you to do since it will guard against you getting new viruses - just make sure you update its database about once a month to keep up with newly produced viruses.

If you are using Microsoft's Outlook/Outlook Express, I suggest you go install the updated security patches for your version, which can be found here. Better still, stop using it, as Outlook is possibly the best virus propagation tool ever written (in fact, the Klez family was designed purely with spreading via Outlook in mind).

Hope this helps...
 
 
The Apple-Picker
07:07 / 08.12.02
I have Norton AntiVirus "autoprotect" running on my computer all the time, and it runs a virus scan every week. It hasn't come across any yet. Should I be okay then?
 
 
Murray Hamhandler
16:50 / 08.12.02
Thanks for the heads-up. I generally only check my campus mail on uni computers, but I've got my own (if I ever get the bugger set up). Should I probably just avoid checking my campus mail via my computer?
 
 
Linus Dunce
18:07 / 08.12.02
I'd consider installing a personal firewall like Zonealarm (I think there's another good free one by Syquest?) as well as AV software and using an alternative e-mail client. But none of this will make you invincible, no matter how much money you spend. You'll just have to weigh up the balance of cost, convenience and risk for yourself.

Personally, I do all the above, and I probably would check my college e-mail. But I don't do chat or filesharing (also risky businesses) because I don't get enough out of the experiences to make them worth the hassle. You might, though.
 
 
w1rebaby
18:47 / 08.12.02
Seriously, the best and easiest way to avoid this stuff is to not use Outlook. Virus checkers and firewalls only go so far, and are all post-hoc damage-limitation fixes. I have received virus emails, but none of them has ever affected me at all. Try Eudora, or Pegasus Mail, or use webmail all the time.

(Or use Linux.)
 
 
Tezcatlipoca
18:55 / 08.12.02
I have Norton AntiVirus "autoprotect" running on my computer all the time, and it runs a virus scan every week. It hasn't come across any yet. Should I be okay then?

I'd assume so. As long as it's kept up to date, of course.
 
 
Linus Dunce
19:25 / 08.12.02
Oh, that reminds me. No matter what you're using, never, ever open an attachment unless you're sure it's OK or are willing to take the risk. If you open something, you give it permission to do whatever it likes, including maybe switching off your firewall and AV before it gets to work. If I understand correctly, that's how they work. (You could say that a virus that runs automatically does so by making your computer assume you have given permission.)

Not sure about webmail. Aren't there some Internet Explorer security loopholes? But you could use Netscape, Mozilla, or whatever instead to get round this.

Macs don't get so many virii, either.
 
 
Murray Hamhandler
21:56 / 08.12.02
I check my campus mail through a webmail system. And I haven't opened any unknown attachments. I guess I'm just curious as to whether or not there's any way that I can block future "klez" e-mails (noting that my campus mail system has no spam filter to my knowledge). Probably just going to have to delete them as they arrive, yes? And make sure not to open any of them?
 
 
w1rebaby
22:02 / 08.12.02
If it's through webmail then you're pretty safe. Just don't open anything. Try not to use IE, since while I don't think Klez exploits it, there are viruses which do. If you don't have any choice, make sure everything to do with ActiveX (spit, spit) is turned off.
 
  
Add Your Reply