poltr1: (Default)
[personal profile] poltr1
One of the mailing lists I was on had a discussion on the Klez virus and its mutations/variants, which has apparently reached epidemic proportions. This past week, I noticed that my ISP's postmaster returned two messages to me because they couldn't be delivered. Waitammint...I didn't send out these messages! And I don't even know these people! Then who sent them? Could it be that my system has been....[sound cue: Duhn-duhn-DUHNNNN!]....infected with Klez by just having the file on my system? I never run executable files sent to me by strangers. And my virus definitions file wasn't the newest; I had Symantec SystemWorks 2000 on the system and it was too old for it (or the virus definitions file) to be updated via LiveUpdate.

One of the people on the mailing list -- thanks, Zorya! -- included a URL in their message to Symantec's information page on the Klez virus, which has a link to a free and downloadable tool to eradicate the Klez virus. So I went there, downloaded the tool, downloaded another tool from MW Software to verify the digital signature on the Klez removal tool, and ran it. Meanwhile, I made a trip to Sam's Club to pick up SystemWorks 2002 (which includes a current version of Norton AntiVirus). When I came back, the removal tool had identified and removed 51 instances of the Klez virus. Yikes! All of these were attached files in email messages I received and tried to quarantine by moving them into a folder called "Infected".

And so I uninstalled SystemWorks 2000 (per the SystemWorks 2002 instructions), installed SystemWorks 2002, ran all the LiveUpdates available and/or necessary, and ran a virus scan on the entire computer while my wife and I went to dinner. We came back and found that C:\Windows\System\Kernel32.exe was infected and couldn't be repaired. Looks like I'll have to reinstall this file. Argh!

The good news is that I received three more copies of Klez in today's email.....and SystemWorks caught all of them. Hoo-ahh!

Despite my aversion to getting and running the latest and greatest versions of software, I will make an exception to antivirus software and definitions files. And Klez is one nasty bugger of a virus.

P.S. My copy of Netscape 6.2 still hasn't come in yet, and the credit card statement doesn't show any transaction for it. (But it showed one for 4.7.9, which I have received and installed. So far, it hasn't crashed once on me!)

Date: 2002-08-11 02:44 am (UTC)
From: [identity profile] doeadear.livejournal.com
I have Systemworks and I downloaded the Tool when I saw the link to it on my ISP's web page. Everyone on my old mailing list got infected, and a kind friend in England notified me that he had received a very "un-Doe-like" email and that I most likely had a virus. I did. I got all the returned emails I never sent. I found out the source. The bad files were quarantined, and since I installed the tool, all is loverly.
