# Dealing with the KLEZ virus



## John Corn (Mar 21, 2002)

I'm using Microsoft Outlook Express and I am dealing with a ton of people sending the KLEZ virus in various forms to me.

I try to set up message rules so they will delete any email sending me an attachment off the server but that doesn't seem to solve the problem. Im using NAV.

Can anyone suggest anything?


----------



## gcutler (Mar 23, 2002)

Dosen't Norton Anti Virus intercept the virus. You can program it to autodelete the virus and not even inform you...

Normally I like to be informed, but if that annoying, auto-delete.

Each version of NAV is a little different, but you can set it up to 

A) Ask you or do automatically

1) First try and clean.
2) If fails to clean, either quarantine or delete .


----------



## Steve Mehs (Mar 21, 2002)

I got it a few time, I set norton to inform me then I delete it. I dont even bother to run a clean or quarentene.


----------



## gcutler (Mar 23, 2002)

I have like a 0% success rate with CLEAN. I used to quarantine the files, but then I realized I have no need for the infected file so Auto Delete is the best way to go for me.


----------



## Steve Mehs (Mar 21, 2002)

What is the point of trying to clean a file? Or even quarantine? I mean who would want a useless file on there PC


----------



## gcutler (Mar 23, 2002)

In the old days of viruses, it was possible to "Clean" a file, and when the bad part was removed you had a partial or fully working file. More like a spreadsheet or word processing document with 1/2 the data garbled, but you still had 1/2 the data. Haven't seen a file cleaned in years, either the viruses have gotten stronger or even small bit of corruption loses all data of an MP3 or MPEG???


----------



## Steve Mehs (Mar 21, 2002)

Oh yeah, I forgot about MS Excel/Word macros viruses. Thanks Gcutler


----------



## Bogy (Mar 23, 2002)

Most of the worms/viruses that raid an addressbook and generate their own messages are sending garbage. I don't think I have ever been sent a virus attached to a message anyone actually meant to send me.


----------



## John Corn (Mar 21, 2002)

This virus is not new, but there have been mutations.

Also, the virus checkers don't always catch it because of the way it is embedded in the email message rather than as an attachment.

Virus checkers will look at attachments, but if it's embeded in the message, and the message is previewed, you can be infected.

Basically, exploiting another security hole MS calls a feature. 

So far Norton has done the job.  Guess I'm paranoid.


----------



## Steve Mehs (Mar 21, 2002)

> Guess I'm paranoid.


You paranoid? Im the one that had 2 AV programs and 3 firewalls operating simultainusly for a few days.


----------



## Bob Haller (Mar 24, 2002)

Klez got me Turned out it was the reason for my slow DSL acess and other problems. We bought McAfee about the same time and jen spent hours on the phone with tech support getting our computer working again.


----------



## John Walsh (Apr 22, 2002)

Go to the Microsoft office website and do the updates to outlook. They supposedly won't allow anything to access the address book or create a new email without first asking permission. I also find that Zone Alarm Pro does a pretty good job of not allowing anything access to the net without getting permission first. Of course you have to watch what you give permission to in the first place. As a general rule I do not give permission unless I know that it is legit.


----------

