PLEASE VIRUS GEEKS HELP ME !!!

[Wduaqnug]

My outlook has been infected by some virus. I keep getting returned e-mails with two files attached one file named: ATT00351.dat and that number in each e-mail is different second file in each mail is different humor game, japanese sexy pics etc....


I tried downloading klez removal tool, its not finding anything!

I tried to complete scan with latest AVG and Mcafee 7.0 not finding anything!
tried to put a password to send e-mails no help

 

[Adul]

mmm
well open up task manager and see what is running first.

also try thecleaner from moosoft. they are very good at getting trojans

 

[Wduaqnug]

any software to clean outlook

 

[kamiam]

Originally posted by: Wduaqnug
any software to clean outlook

see thepost above yours for the answer:Q
aDUL IZCOOL

 

[ReiAyanami]

thank microsoft for making the world a better place. no seriously!

 

[bcmind]

Originally posted by: Wduaqnug
My outlook has been infected by some virus. I keep getting returned e-mails with two files attached one file named: ATT00351.dat and that number in each e-mail is different second file in each mail is different humor game, japanese sexy pics etc....


I tried downloading klez removal tool, its not finding anything!

I tried to complete scan with latest AVG and Mcafee 7.0 not finding anything!
tried to put a password to send e-mails no help

i think i'm having the same problem. But i'm not sure if it's virus or not.. maybe spam mail with title "return mail"?

i just delete it and, of cuz, won't open it...

 

[Wduaqnug]

nothing detecting it even theclean

 

[Wduaqnug]

up

 

[n0cmonkey]

Format, install, restore from backups.

 

[Harvey]

First, uninstall Windows Scripting Host. If it happens to be a VBS virus, that will prevent any VBS script from working. Around 95% of all Windoze users will never encounter a need for it. If you do, you'll just get an error message that Windows cannot find WSCRIPT.EXE. Your choices would then be to re-install it, or, better yet, find another application that does the same job without using WSH.

WSH is a virus magnet. You can find step by step instructions for Win95, 98, 2K and NT, here.

D/l Ad-Aware and its latest Ref File, and scan for spyware.

Good luck.

 

[Wduaqnug]

i have no idea how to recover everything without that infected crap, there gotta be software to detect this

 

[n0cmonkey]

Originally posted by: Wduaqnug
i have no idea how to recover everything without that infected crap, there gotta be software to detect this

You did backup your data right?

 

[Wduaqnug]

up

 

[OZEE]

You're right - it's klez. And yes, you're probably getting notes from people saying you're sending out klez.

BUT -- Klez spoofs the address in the "FROM:" field. It grabs an address out of your address book and shoves it into the from: field, so somebody else gets blamed of spreading klez.

The good news is that you may not have klez -- that needs to be confirmed by a complete scan with a reputable, up-to-date virus scanner, which you have done.

The bad news is that someone you know does have klez - but it's tough figuring out who.

No reason to reformat/reinstall as has been suggested, but it IS a good idea to make sure you're installing any new windows patches

 

[Harvey]

You can sometimes figure out the real sender of Klez by looking in the complete header for the address listed as Return-Path:. When Klez first hit, I received over a dozen with different spoofed senders names on the From: line. All were listed from a specific computer at one of my client's offices.

 

[Smilin]

Yep, that's how we track down the lil bastard.

Klez doesn't substitute the source SMTP server.

 

[Wduaqnug]

its not KLEZ cause it didnt attack my address book it sends e-mail addresses on its own some crazy different addresses, i upgradedto xp scanned entire computer with 5 different antiviruses save me from this crap

 

[Wduaqnug]

its always two files with different names and extensions as well, damn this virus gotta be good

 

[Wduaqnug]

up

 

[OZEE]

Read my previous post^^^^


YOU DON'T HAVE THE VIRUS!!!

Somebody you know has Klez. It has spoofed YOUR address out of their address book, and sent the virus out looking like it came from you. IT DIDN'T! If you've scanned with 5 different AV packages and it keeps coming up clean, YOU DON'T HAVE KLEZ! YOU'RE CLEAN!!!

Now, the trick is finding out who really has it ... but it isn't you!

If you want to learn more about klez, look on McAfee, Trend AV or even Google


From Trend's Website

Variants .G, .H, and .I obtain email addresses to place in the FROM: field from the infected user's address book. This causes a non-infected user to appear as the person who has sent this worm's malicious email. It does this to hide the real sender of the infected email.

Dood -- don't worry about it... it ain't you!

 

[OZEE]

Sorry -- double post.... darn dial-up lag...

 

[Wduaqnug]

the problem is that its me who sending it and verizon server returns them, i checked the header it comes form my verizon e-mail and its not klez cause it attacks address book but this virus sends e-mails to users on its own list

 

[Wduaqnug]

up

 

[Aeremis]

Originally posted by: Wduaqnug
I tried downloading klez removal tool, its not finding anything!

I just have to say... if you downloaded this program you just got the virus. This virus has various topics, "Win 32 KLEZ removal tool" being one of them. I'd advise purchasing nortan or mcaffee. Goto either one of their websites and it will give you tips on removing the virus.

Yes the emails you recieve back are prolly coming from friends or friends of friends of friends etc. that have the virus itself. If you recognize any emails being your friend with some weird topic, plz take the courtesy to tell them they probably have a virus.

IF you can't clean things up with Norton or mcaffee (Make sure you take the steps they say because the KLEZ virus and its variants are known to unload/try to unload any virus scans from memory/HDD) then I'd advise reformatting.

hope this helps

 

[Wduaqnug]

NO NO and NO virus automatically sent from outlook, i did scan with several antivirus and all of them come back with no virus found