Web Hosting Talk







View Full Version : Klez virus


fractiousws
06-11-2002, 06:18 PM
EPOscan has taken action against an email that had your info@earhost.com
address on it.

Sender = info@earhost.com
Recipient(s) = ****@*********.***

The intended recipient(s) will receive a notification of this message.

For more information, please visit http://www3.nisa.net/virusinfo.nisa

All email accounts and domains hosted with Nisa receive free virus scanning of incoming email.
See http://www3.nisa.net/products/hosting.nisa for more information.

WARNING: EPOscan has detected a virus in your above email or attachment that
you have either attempted to send or have within your mailbox. As a result,
the message was not sent. Please contact your Internet Service Provider
immediately for assistance with removing the virus from your computer.
Contacting your ISP immediately is critical in order to protect your PC
from possible corruption by the virus.

Please note that some viruses may put your email address in the header without
you actually having the virus or even sending the offending message out.

The virus scanner revealed...

>>> Virus 'W32/Klez-G' found in file /var/tmp/061114323831470/unpacked/Tqoh.bat


I don't have the email info@earhost.com set up. Is it my machine that is infected or is it the machine the email is hosted on? Please help! :bawling: If it is my machine, does anyone have any idea how to get rid of it?

fractiousws
06-11-2002, 06:19 PM
I got this message when I sent an email and I got this back because it got rejected for obvious reasons :rolleyes:

Chicken
06-11-2002, 06:45 PM
James, McAfee has a free removal tool, however there is a good chance you aren't infected. This virus likes to send itself out from *an* infected machine and grab *any* address out of the infected machine's address book and put it in the reply field. So another person's machine could be infected, they had that address in their address book, and it happened to get pulled and stuck on the outgoing message.

The headers of the email would have helped you to determine if it actually came from your machine, however as I said, there is a good chance that it didn't and you have nothing to worry about. Check for the free tool and for info about the virus to determine if you have it in the first place.

fractiousws
06-11-2002, 07:13 PM
Good news. I just did a scan, no virus on my machine. Thanks for the help Chicken :)

viGeek
06-12-2002, 12:40 AM
I have been receiving about 5 viruses a day via this forum. The "From" address comes from a popular poster, and comes with legit topics, it's really unusual. I will just have to delete :)

iamdave
06-12-2002, 01:40 AM
http://download.com.com/3000-2239-10104613.html?tag=lst-0-1 That will remove Klez if you have it.

JayC
06-12-2002, 02:22 AM
Originally posted by Chicken
The headers of the email would have helped you to determine if it actually came from your machine, however as I said, there is a good chance that it didn't and you have nothing to worry about.

Really I'd say there's more than a "good chance" that if your address is in the "from" field it didn't come from your machine. I've looked at dozens of Klez-loaded emails, and the address the email looked at first glance to have come from has never been one belonging to the person whose machine was the actual source.

Granted, there's that possibility, and there's likely a connection since that address had to have been available on the infected machine. But in general if your address is there, you should advise people you know or do business with, because one of them is likely to be the real source.
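
An added example, not part of the thread: the header check Chicken and JayC describe, run over a constructed message. It ignores the From address and reads the Received lines top-down, trusting only those written by the recipient's own servers; all host names, addresses and the TRUSTED set are assumptions made for the illustration.

```python
import ipaddress
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample: the From address is forged, and the bottom Received line
# was supplied by the sender, so it proves nothing.
SAMPLE = """\
Received: from mx.recipient.example (mx.recipient.example [198.51.100.20])
\tby mailstore.recipient.example with ESMTP id A1; Tue, 11 Jun 2002 18:10:05 -0700
Received: from pc17 (dialup-17.isp.example [203.0.113.45])
\tby mx.recipient.example with SMTP id B2; Tue, 11 Jun 2002 18:10:02 -0700
Received: from owner-pc (owner-pc.owner.example [192.0.2.10])
\tby mail.owner.example with SMTP id C3; Tue, 11 Jun 2002 18:09:58 -0700
From: info@owner.example
To: someone@recipient.example
Subject: constructed sample

(body omitted)
"""
TRUSTED = {"mailstore.recipient.example", "mx.recipient.example"}  # assumed names
RECEIVED_RE = re.compile(
    r"from\s+(\S+)\s+\((?:(\S+)\s+)?\[([0-9a-fA-F.:]+)\]\).*?\bby\s+(\S+)", re.S)

def connecting_client(raw, trusted_by):
    """Return the client recorded by the last trusted hop, reading top-down."""
    origin = None
    for value in message_from_string(raw).get_all("Received", []):
        m = RECEIVED_RE.search(value)
        if not m or m.group(4).lower() not in trusted_by:
            break  # written by a host we do not control: stop trusting here
        origin = {"helo": m.group(1), "rdns": m.group(2), "ip": m.group(3)}
    return origin

def sent_from_networks(raw, my_networks, trusted_by):
    """True/False if the real client is/is not in my_networks; None if unknown."""
    origin = connecting_client(raw, trusted_by)
    if origin is None:
        return None
    ip = ipaddress.ip_address(origin["ip"])
    return any(ip in ipaddress.ip_network(n) for n in my_networks)

def claimed_sender(raw):
    """Address in the From header, which the sender controls."""
    return parseaddr(message_from_string(raw)["From"])[1]

if __name__ == "__main__":
    print("From header claims:", claimed_sender(SAMPLE))
    print("Trusted hop saw   :", connecting_client(SAMPLE, TRUSTED))
    print("From my network?  :", sent_from_networks(SAMPLE, ["192.0.2.0/24"], TRUSTED))
```
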

Shin
06-12-2002, 02:46 AM
I've had anti-virus software on my PC since I've had one..I've NEVER had a virus...

Then one day I get an email virus warning from the software. I tell the person who sent it to me...he removes it...NOW I get the damn virus 5 times a day!! It is really annoying!

I've scanned my PC and I don't seem to have it but my antivirus quarantine area has about 20 of them hanging out in there....

I wonder if it'll ever die a painful death...

It's also always fun to go through log files and find it looking for places to root onto on my server...guess I should disable the logging of it..but blah...

NixHosting
06-12-2002, 02:48 AM
Speaking of viruses I think I'm infected with Code Red =[. Anyone know a tool to get rid of it?