# Klez Worm



## RichW (Mar 29, 2002)

How many of you have been sent this worm in your e-mail?

It seems to me that virus activity has been "kicked up a notch" with the new variants of this worm. I rarely get viruses by email. until recently. I have been sent the Klez worm through four different mailing lists plus two individual emails. One list has sent it out over 7 times. This one is hard to filter in an email server because it uses some special characters to fool the filters. 

What are others experiencing?


----------



## gcutler (Mar 23, 2002)

Depends on the e-mail system, I support Lotus Domino/Notes systems and many of the viruses out there don't know what to do with a Lotus Notes System, so just end up being harmless. Not to say that Notes is less succeptable, but if a virus writer is going to "go for the gusto", they will target MS Outlook based end users.

Anyone supporting a e-mail system should have several layers of Anti-Virus. We have anti-virus on the Firewall, Anti-Virus on the Mail servers, and Anti-Virus on the workstations (and all 3 these all get daily or multiple daily updates). The only way to survive these days  PARANOIA IS THE RULE OF THE DAY


----------



## Steve Mehs (Mar 21, 2002)

Speaking of viruses, I just installed Mcafee on my old machine yesterday, it dected *7* viruses. Now this computer has never had an anti virus program on it before and it has been connected to the net since 12/24/99. I used to download all sorts of crap so I expected this.


----------



## gcutler (Mar 23, 2002)

Just to show how quick it can happen. I was learning W2K Adv Server and had just gotten my DSL router and wanted to surf the internet from the lab machine instead of my "Production Machine". I downloaded a couple of files from legit sources, but I also visited lots of sites just like any surfing spree. 1 day later I finally remember to install an Anti-Virus SW and there were 3 viruses on the machine after only 1 day. The machine had AV on it the week before and then I blew away the config and started from scratch and the other machines on my Lab Network were all running A-V, so I believe that there were no viruses until I made the machine able to surf the internet. 1 Day!!! :shrug:


----------



## Rick_EE (Apr 5, 2002)

The guy in the office next to me got it on Friday.


----------



## Bogy (Mar 23, 2002)

I have received this worm about a half dozen times (three times from one person) on several different computers and mail systems. It has been caught every time by my virus scanner. I use AVG by Grisoft. Free program, free updates. A friend of mine got hit by a worm a few months ago. It took out most of seven networked computers. He had thought he was impregnable. Firewalls, both hardware and software, and MacAfee. After he got hit he downloaded AVG and it found seven viruses on the one computer that wasn't completely wiped out. He doesn't use MacAfee anymore.


----------



## Rage (Aug 19, 2001)

"three times from one person"

Do you mean that there's somebody out there who likes you less than I do?  I got a virus once and it came from typing in the wrong URL. It was one to attack NT but my Norton s/w took care of it.


----------



## Chris Blount (Jun 22, 2001)

Off the subject but Rick, love your avatar. Makes me want to say:

Just a flesh wound!


----------



## Neil Derryberry (Mar 23, 2002)

I'll bite your knees off!


----------



## gcutler (Mar 23, 2002)

Will post this in the correct forum as well. But the Special Edition Monty Python and the Holy Grail DVD is really great. Right now I listening to the Palin/Idle/Cleese commentary, the Jones/Gillian commentary will no doubt be as spectacular. They also have option to display the script onscreen. Haven't even looked at the 2nd DVD of the set yet


----------



## Bogy (Mar 23, 2002)

> _Originally posted by Rage _
> *"three times from one person"
> 
> Do you mean that there's somebody out there who likes you less than I do?  I got a virus once and it came from typing in the wrong URL. It was one to attack NT but my Norton s/w took care of it. *


All three came at the same time. This is a somebody who because of her work receives around 150 to 200 emails a day. At least two of the times she wasn't noted as the sender, but her address was listed as the return address, which tipped me off something was wrong. The worm was taking address out of her book and sending them randomly. When I get an email from you Rage, I fumigate it, put it in isolation for a few days, hose it down real good, and them check it with at least two virus scans. I'm not going to forget that virus you sent me not long ago. That Amish one.


----------



## Rage (Aug 19, 2001)

" I'm not going to forget that virus you sent me not long ago. That Amish one."

Oh! I forgot about that one. That was pretty funny.


----------



## RichW (Mar 29, 2002)

"Just to show how quick it can happen. I was learning W2K Adv Server and had just gotten my DSL router and wanted to surf the internet from the lab machine instead of my "Production Machine". "

With W2K Adv server, you can get worms even without surfing the net. Back in February, I installed one and before I could apply the MS security updates and service pack the next morning, it had gotten the Nimda worm and was trying to propagate it to other servers on the Internet. It had been vulnerable on the net only for about 12 hours.


----------

