Klez virus

Discussion in 'Computer Information' started by Pablo, Jun 24, 2004.

  1. Pablo

    Pablo Guest

    Yesterday I was backing up my files, and I decided to backup all of my
    emails in Outlook Express (even though I haven't used it in a couple
    years...I use Thunderbird) by saving them in a folder. While they were
    copying over, AVG said something about having Klez.

    This morning the virus scan (does it every morning) said that it found
    the Klez virus and...isolated? it.

    I read online that it's apparently really difficult to get rid of, but I
    did another virus scan and it didn't find anything. I also deleted the
    file that had the email in it.

    So...is it gone? Did the virus never actually load?

    Thanks, I've never really had to deal with a virus, so I'm sort of in
    the dark at the moment.

    -Pablo
    Pablo, Jun 24, 2004
    #1
    1. Advertising

  2. Pablo

    Lloyd Jones Guest

    Lloyd Jones, Jun 24, 2004
    #2
    1. Advertising

  3. Pablo

    Pablo Guest

    Thanks, I'll check it out. At least this will teach me to back up more
    often.


    Lloyd Jones wrote:

    > If your AV hasn't found it after it quarantined it, it's probably gone but
    > you can download a removal tool for it form here:
    >
    > http://securityresponse.symantec.com/avcenter/venc/data/
    >
    > LJ
    >
    >
    >
    Pablo, Jun 24, 2004
    #3
  4. Pablo

    Pablo Guest

    Alright, I downloaded it and followed the instructions thus far
    (disabling system restore, disconnecting from network, etc), but I can't
    get into safe mode! Online I've read that you should press F8 for Win
    ME, but Dell's site says "Ctrl." I've done both, multiple times, and it
    doesn't boot into safe mode.

    Think it has something to do with GRUB, the boot loader (I have an old
    install of Linux on a different drive)?


    Lloyd Jones wrote:
    > If your AV hasn't found it after it quarantined it, it's probably gone but
    > you can download a removal tool for it form here:
    >
    > http://securityresponse.symantec.com/avcenter/venc/data/
    >
    > LJ
    >
    >
    >
    Pablo, Jun 24, 2004
    #4
  5. Pablo

    Lloyd Jones Guest

    I've always used F8 on every computer I've had to boot into safe mode. I'm
    sure someone can help you out in here.

    LJ
    Lloyd Jones, Jun 24, 2004
    #5
  6. Pablo

    Jim Berwick Guest

    Pablo <> wrote in news:_gFCc.111683$0y.21654
    @attbi_s03:

    > Alright, I downloaded it and followed the instructions thus far
    > (disabling system restore, disconnecting from network, etc), but I can't
    > get into safe mode! Online I've read that you should press F8 for Win
    > ME, but Dell's site says "Ctrl." I've done both, multiple times, and it
    > doesn't boot into safe mode.


    For ME I believe you can /HOLD/ the left control key down (ctrl) during
    boot and it will give you the boot menu.
    Jim Berwick, Jun 24, 2004
    #6
  7. Pablo

    Unknown Guest

    "Pablo" <> wrote in message
    news:uiECc.175062$Ly.19011@attbi_s01...
    > Yesterday I was backing up my files, and I decided to backup all of my
    > emails in Outlook Express (even though I haven't used it in a couple
    > years...I use Thunderbird) by saving them in a folder. While they were
    > copying over, AVG said something about having Klez.
    >
    > This morning the virus scan (does it every morning) said that it found
    > the Klez virus and...isolated? it.
    >
    > I read online that it's apparently really difficult to get rid of, but I



    http://vil.nai.com/vil/stinger/ and download Stinger to get rid of it and 40
    others in one pass.
    Unknown, Jun 24, 2004
    #7
  8. Pablo

    Unknown Guest

    "Lloyd Jones" <> wrote in message
    news:cbf3qv$lpb$...
    > If your AV hasn't found it after it quarantined it, it's probably gone but
    > you can download a removal tool for it form here:
    >
    >

    http://securityresponse.symantec.com/avcenter/venc/data/
    >
    > LJ
    >
    >
    >


    Symantec removal tools are not as good as Stinger. You need one per
    infection from them and you can only run one of them at a time whereas
    Stinger knows 41 and variants and gets rid of them all in 1 pass.
    Unknown, Jun 24, 2004
    #8
  9. Pablo

    Unknown Guest

    "Pablo" <> wrote in message
    news:_gFCc.111683$0y.21654@attbi_s03...
    > Alright, I downloaded it and followed the instructions thus far
    > (disabling system restore, disconnecting from network, etc), but I can't
    > get into safe mode! Online I've read that you should press F8 for Win
    > ME, but Dell's site says "Ctrl." I've done both, multiple times, and it
    > doesn't boot into safe mode.


    Go to your normal Windows, then Start button and Run. Type Msconfig in there
    and hit enter. When that comes up go to the "boot.ini" tab and in there you
    will see a tick box for "/SAFEBOOT". Put a tick in there, click OK and
    restart. It can ONLY start in Safe Mode from now on. Go into safe mode, do
    whatever you have to do then run Msconfig again, remove that tick and click
    OK and then it boots normally again.
    Unknown, Jun 24, 2004
    #9
  10. Pablo

    Lloyd Jones Guest

    The link I posted will get rid of that virus or it can sometimes be a worm,
    but it will get rid 100%.

    LJ
    Lloyd Jones, Jun 25, 2004
    #10
  11. Pablo

    Unknown Guest

    "Lloyd Jones" <> wrote in message
    news:cbfnq5$64k$...
    > The link I posted will get rid of that virus or it can sometimes be a

    worm,
    > but it will get rid 100%.
    >
    > LJ
    >
    >


    The link you posted is to Symantec tools which are useless. 1 program per
    infection run once at a time OR you can get Stinger, as I said and do 41 of
    them and variants all at once in one pass. What makes more sense? Running
    multiple Symantec tools one at a time to get rid of more than one infection
    or just one program once?
    Unknown, Jun 25, 2004
    #11
  12. Pablo

    Thor Guest

    "Unknown" <> wrote in message
    news:05WCc.375$...
    >
    > "Lloyd Jones" <> wrote in message
    > news:cbfnq5$64k$...
    > > The link I posted will get rid of that virus or it can sometimes be a

    > worm,
    > > but it will get rid 100%.
    > >
    > > LJ
    > >
    > >

    >
    > The link you posted is to Symantec tools which are useless. 1 program per
    > infection run once at a time OR you can get Stinger, as I said and do 41

    of
    > them and variants all at once in one pass. What makes more sense? Running
    > multiple Symantec tools one at a time to get rid of more than one

    infection
    > or just one program once?


    If you know what the infection is and are certain that it is the only
    infection, then the symantec tools are fine. If you know what *multiple*
    infections you have, and you know that Stinger covers them, then using
    Stinger is better suited to the task than the Symantec tools. If you don't
    know what the infection is, then using a scanner that only catches 41
    viruses and worms is not very wise anyway. The symantec tools are no more
    useless than the Stinger tool is in this situation. They are both limited
    essentially to infections you already know about. To use stinger, OR
    Symantec you would have to be aware of what you had in the first place,
    otherwise you would be stupid to only scan for 41 viruses, or one virus. And
    FYI, Symantec updates it's tools when a new variant is released. For
    example, their sasser removal tool, handles all known variants of the sasser
    worm. The difference is in application of the tools. The tools described are
    *removal* tools. That implies that you are aware of the viruses you have. If
    you aren't, then you use a general purpose scanner that checks for
    everything.
    Thor, Jun 25, 2004
    #12
  13. Pablo

    Trent© Guest

    On Thu, 24 Jun 2004 18:43:06 GMT, Pablo <> wrote:

    >Alright, I downloaded it and followed the instructions thus far
    >(disabling system restore, disconnecting from network, etc), but I can't
    >get into safe mode! Online I've read that you should press F8 for Win
    >ME, but Dell's site says "Ctrl." I've done both, multiple times, and it
    >doesn't boot into safe mode.


    Go to the Trend Micro site...and run their Housecalls.


    Have a nice week...

    Trent©

    Follow Joan Rivers' example --- get pre-embalmed!
    Trent©, Jun 26, 2004
    #13
  14. Pablo

    Lloyd Jones Guest

    Don't be so stupid!

    LJ
    Lloyd Jones, Jun 26, 2004
    #14
  15. Pablo

    Lloyd Jones Guest

    Btw, that was meant to go under unknown's post.

    LJ
    Lloyd Jones, Jun 26, 2004
    #15
  16. Pablo

    Thor Guest

    "Lloyd Jones" <> wrote in message
    news:cbjgf2$v9b$...
    > Btw, that was meant to go under unknown's post.
    >
    > LJ
    >
    >


    Lloyd it would help a great deal if you quoted a bit of the posts you were
    replying to.
    Thor, Jun 26, 2004
    #16
  17. Pablo

    Lloyd Jones Guest

    >Lloyd it would help a great deal if you quoted a bit of the posts you were
    >replying to.


    Will do in future. :)

    LJ
    Lloyd Jones, Jun 26, 2004
    #17
  18. Pablo

    Unknown Guest

    "Thor" <> wrote in message
    news:...
    >
    > "Unknown" <> wrote in message
    > news:05WCc.375$...
    > >
    > > "Lloyd Jones" <> wrote in message
    > > news:cbfnq5$64k$...
    > > > The link I posted will get rid of that virus or it can sometimes be a

    > > worm,
    > > > but it will get rid 100%.
    > > >
    > > > LJ
    > > >
    > > >

    > >
    > > The link you posted is to Symantec tools which are useless. 1 program

    per
    > > infection run once at a time OR you can get Stinger, as I said and do 41

    > of
    > > them and variants all at once in one pass. What makes more sense?

    Running
    > > multiple Symantec tools one at a time to get rid of more than one

    > infection
    > > or just one program once?

    >
    > If you know what the infection is and are certain that it is the only


    That is just plain bad advice. If you have gotten ONE infection, chances are
    you have MORE than one.

    > infection, then the symantec tools are fine. If you know what *multiple*


    Nope, they are a waste of time. Stinger does 41 in one pass. Symantec crud
    does one infection per program and only allowed to run one program at a
    time. Complete waste of time.
    Unknown, Jun 26, 2004
    #18
  19. Pablo

    Unknown Guest

    "Lloyd Jones" <> wrote in message
    news:cbjge2$pn6$...
    > Don't be so stupid!
    >
    > LJ
    >
    >


    Yep, you shouldn't be so stupid. You should quote something so we know to
    whom you are replying.
    Unknown, Jun 26, 2004
    #19
  20. Pablo

    Unknown Guest

    "Lloyd Jones" <> wrote in message
    news:cbjgf2$v9b$...
    > Btw, that was meant to go under unknown's post.
    >
    > LJ
    >
    >


    Right - well you ARE being stupid, then, if you cant see that running one
    program to take in 41 possibilities is better than 41 programs, 1 at a time.
    Unknown, Jun 26, 2004
    #20
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Guest

    KLEZ 32

    Guest, Aug 7, 2003, in forum: Computer Support
    Replies:
    2
    Views:
    732
  2. Phil B

    Virus, Virus, Virus.....

    Phil B, Sep 22, 2003, in forum: Computer Support
    Replies:
    2
    Views:
    516
    DaveW
    Sep 22, 2003
  3. DS

    Virus in virus?

    DS, Feb 8, 2004, in forum: Computer Support
    Replies:
    3
    Views:
    476
  4. Dangermouse

    virus or not virus

    Dangermouse, Oct 12, 2005, in forum: Computer Support
    Replies:
    5
    Views:
    510
    ellis_jay
    Oct 13, 2005
  5. Peter Maurice Cram

    Norton virus protection shutsdown - virus?

    Peter Maurice Cram, Sep 11, 2004, in forum: Computer Information
    Replies:
    2
    Views:
    603
    WebWalker
    Sep 12, 2004
Loading...

Share This Page