Results 1 to 9 of 9

Thread: Klez virus

  1. #1

    Unhappy Klez virus

    EPOscan has taken action against an email that had your [email protected]
    address on it.

    Sender = [email protected]
    Recipient(s) = ****@*********.***

    The intended recipient(s) will receive a notification of this message.

    For more information, please visit

    All email accounts and domains hosted with Nisa receive free virus scanning of incoming email.
    See for more information.

    WARNING: EPOscan has detected a virus in your above email or attachment that
    you have either attempted to send or have within your mailbox. As a result,
    the message was not sent. Please contact your Internet Service Provider
    immediately for assistance with removing the virus from your computer.
    Contacting your ISP immediately is critical in order to protect your PC
    from possible corruption by the virus.

    Please note that some viruses may put your email address in the header without
    you actually having the virus or even sending the offending message out.

    The virus scanner revealed...

    >>> Virus 'W32/Klez-G' found in file /var/tmp/061114323831470/unpacked/Tqoh.bat
    I don't have the email [email protected] set up. Is it my machine that is infected or is it the machine the email is hosted on? Please help! If it is my machine anyone have any idea how to get rid of it?

  2. #2
    I got this message when I sent an email and I got this back because it got rejected for obvious reasons

  3. #3
    Join Date
    Jun 2000
    Southern California
    James, McAffee has a free removal tool, however there is a good chance you aren't infected. This virus likes to send itself out from *an* infected machine and grab *any* address out of the infected machine's address book and put it in the reply field. SO another person's machine could be infected, they had that address in their address book, and it happened to get pulled and stuck on the outgoing message.

    The headers of the email would have helped you to determine if it actually came from your machine, however as I said, there is a good chance that it didn't and you have nothing to worry about. Check for the free tool and for info about the virus to determine if you have it in the first place. - Where professionals discuss web hosting.


  4. #4
    Good news. I just did a scan, no virus on my machine. Thanks for the help Chicken

  5. #5
    Join Date
    Mar 2002
    Philadelphia, PA
    I have been receiving about 5 virus's a day via this forum. The "From" address, comes from a popular poster, and comes with legit topics, its really unusual. I will just have to delete
    Linux junkie |

  6. #6
    Join Date
    Nov 2001
    1,991 That will remove Klez if you have it.

  7. #7
    Join Date
    Aug 2000
    Originally posted by Chicken
    The headers of the email would have helped you to determine if it actually came from your machine, however as I said, there is a good chance that it didn't and you have nothing to worry about.
    Really I'd say there's more than a "good chance" that if your address in the "from" field it didn't come from your machine. I've looked at dozens of klez-loaded emails, and the address the email looked at first glance to have come from has never been one belonging to the person whose machine was the actual source.

    Granted, there's that possibility, and there's likely a connection since that address had to have been available on the infected machine. But in general if your address is there, you should advise people you know or do business with, because one of them is likely to be the real source.
    Specializing in SEO and PPC management.

  8. #8
    i've had anti-virus software on my PC since i've had one..I've NEVER had a virus...

    Then one day I get an email virus warning from the software. I tell the person who sent it to me...he removes it...NOW i get the damn virus 5 times a day!! It is really annoying!

    I've scanned my PC and I don't seem to have it but my antivirus quarantine area has about 20 of them hanging out in there....

    I wonder if it'll ever die a painful death...

    It's also always fun to go through log files and find it looking for places to root onto on my server...guess I should disable the logging of it..but blah...

  9. #9
    Join Date
    Feb 2002
    Boston MA
    Speaking of virri I think I'm infected with codered =[. Anyone know a tool to get rid of it?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts