
I'm getting 5 and 6 alerts of klez infected e-mails a day! Help..

This topic is archived.
KoKo Donating Member (1000+ posts) Mon Aug-11-03 09:32 AM
Original message
I'm getting 5 and 6 alerts of klez infected e-mails a day! Help..
This has been going on for the last month. My Norton anti-virus is alerting and quarantining them, but I want to stop getting them.

I've Googled to find out what W32 Klez.H@mm is and all I've found out is that klez attacks come in waves, but I can't find out how one can block the klez e-mails from coming into my mail program in the first place.

Also, very few people have the e-mail address that I'm getting these viruses sent to....and I've changed my e-mail password with Earthlink twice so how can I still be getting these.

Why would I be getting five and six of these a day, and in 7 years of using a computer, receiving e-mails I've never gotten any virus alerts or infections. Just this last month is when this Klez thing started.

Can someone give me advice on how to block klez? Shouldn't Earthlink be removing Klez instead of allowing it to go through to my mail?

Is anyone else having this problem lately?


wtmusic Donating Member (1000+ posts) Mon Aug-11-03 09:34 AM
Response to Original message
1. Get a Mac
And you will never have another virus or popup.

KoKo Donating Member (1000+ posts) Mon Aug-11-03 07:09 PM
Response to Reply #1
10. Kick for the "evening crowd" of techs who are weary........but might know?
I've now gotten 25 of these Klez viruses today alone. Probably a hundred in the last month.....but I'm trying to get to the bottom of it....

My computer runs fine.....I've checked with Earthlink, my ISP, and the only question I have is that most of the e-mails in question are coming from Mindspring/Earthlink.......but there isn't a spot on their website I've found, yet, which allows you to complain about viruses.

However....the fact that I'm getting quarantines which say: "Daemon@ hell mindspring.net or Mail Delivery Sub system Mailer [email protected] [email protected] on and on all different but all quarantined by my Norton says something "odd is up" here.

I'm hoping for one of our DU "internet savvy programming types" to help me out here. Yeah.....I know....it's a freebie my asking for advice.....

But, is anyone else having this problem. I've been so lucky NEVER to have had this problem in 7 years before........so YOU might be next! What's with me getting a 2 year old Klez virus when Norton and McAfee are really reporting more problems with newer Trojan Horses and other things than a Klez Mutation....

Why now? and Why ME??

meegbear Donating Member (1000+ posts) Mon Aug-11-03 09:35 AM
Response to Original message
2. Go to Norton ...
www.symantec.com and you'll get info on what to do.

KoKo Donating Member (1000+ posts) Mon Aug-11-03 10:21 AM
Response to Reply #2
3. I use the latest Norton and get automatic updates. My computer isn't
infected with the virus. I just keep getting e-mails trying to infect it. Norton site doesn't tell me how to block them or why I'm getting the e-mails. I'm protected..I just wondered if there is a way to stop them. And why I'm getting them all of a sudden in the first place.

According to Norton the last "klez W32" attack was in April of last year. It's not listed among their current virus alerts......so why am I getting an old "klez W32" instead of the newer ones.

I was hoping someone who knew more could help with this. A computer Geek........

I'm pretty clueless about this stuff, but savvy enough that I keep my Norton Up-to-Date......so I don't know why I'm getting these damned e-mails I keep having to deal with......

catzies Donating Member (1000+ posts) Mon Aug-11-03 01:21 PM
Response to Reply #3
6. I thought I was protected even w/auto. updates but I still got them
A few weeks ago I too was getting them several times a day on both home and work computers, and even w/auto updates Norton didn't catch them, and McAfee did. I only went to Norton when my computer guy who built my new machine said it was better. I said I'd been using a McAfee suite for years w/no problems. I went back to McAfee.

KoKo Donating Member (1000+ posts) Mon Aug-11-03 07:30 PM
Response to Reply #6
11. Catzies....I had McAfee and had problems..got new computer and went back
to the Norton I had with my first computer......I like that they constantly update me....and my computer works better than with McAfee! But, I guess we all have our favorites. I don't seem to have Klez virus in my hard drive or files but it's the e-mail problem. It's working and quarantines them all......but there are so many..out of nowhere...it's overwhelming.

and a horrible annoyance. Every e-mail has to be judged on "Do I know this person....do I understand what this e-mail is about.." and luckily on this e-mail I don't have lots of folks to worry about who are contacting me...but 25 virus alerts and quarantines in one day! That has to be some BIG problem!

KoKo Donating Member (1000+ posts) Tue Aug-12-03 12:36 PM
Response to Reply #6
19. LOL's Catzies, I switched from McAfee back to Norton because I was
having problems with getting the updates and found the scheduling difficult to use. That was two years ago.

These programs must go back and forth in user friendliness and effectiveness! At least my Norton is catching them.....it's just so many to deal with.

Bossy Monkey Donating Member (1000+ posts) Mon Aug-11-03 10:27 AM
Response to Original message
4. It means that somebody whose computer has your email address on it
Edited on Mon Aug-11-03 10:29 AM by undisclosedlocation
is infected. That means anybody you've ever sent email to from this account. Here's the poop from McAfee: http://vil.nai.com/vil/content/v_99367.htm
As pointed out elsewhere, you can get the same info from Norton/Symantec.

I'm also on Earthlink and forward all my junk mail to [email protected] so they can add the sender to Spaminator. Does this work? I dunno, but it makes me feel better. Klez spoofs the sender address, so presumably you're getting a different address every time; I don't think Spaminator can handle this. Also in this case you'd need to give them heads up that the attachment is infected or they might be understandably cross.

KoKo Donating Member (1000+ posts) Mon Aug-11-03 12:29 PM
Response to Reply #4
5. Thanks "undisclosed." I will check your links, but could you explain more
Edited on Mon Aug-11-03 12:40 PM by KoKo01
about "Junkmail@earthlink." If I send the offending klez infected e-mails to them after I've quarantined them do they then check them over? Sorry, I had a hard time understanding what you meant.

It does seem that someone has my address and every time they send a mail to someone I get the klez warning. But, I have no idea how I would track down who has it. And, to make matters worse my husband just got a call from a business client who says he got a message from my husband with a klez warning. My husband hasn't contacted this client in over six months.....and he used his computer at work with a different address when he last contacted this client way back. But the client said the e-mail address given was our home computer and the client immediately knew not to open particularly with the virus alert.

How could my husband's work computer on a T-1 line with a totally different address send a message to someone with our completely different home e-mail address?

This is quite scary and I will check out both links you gave and see if I can do something through earthlink which is my service provider. But, my husband isn't on earthlink at all so he will contact his IT tech.


I'm hoping I can get some more info on the best way to handle this. If I could understand how klez works and how I got it.....it wouldn't be so upsetting and I maybe could find a way to fix it.

Thanks! ON EDIT: The McAfee site was much more helpful in explaining it all than my Norton. However, I will check back through my Norton and see if I can get more help in figuring out how to solve this. For a computer clueless person reading what one has to do on McAfee is so overwhelming.......I will probably have to get professional help! UGH.

Bossy Monkey Donating Member (1000+ posts) Mon Aug-11-03 01:30 PM
Response to Reply #5
7. The short answer is that you can't do anything 'cause you aren't the one
who's infected. I sympathise, cause I'm in the same situation regarding the Bugbear virus. I keep getting suspicious attachments that turn out to be infected with various iterations of Bugbear. As I said before, all it means is that somebody somewhere who has either sent email to me or received it from me has an infected machine. That could be a friend, an acquaintance, a DUer, a total stranger who got a kick out of one of my websites, or somebody who got a forward of one of my emails. (One of the few unfortunate side effects of being funny is that a lot of your emails wind up getting forwarded all over hither and yon.)

Therefore, there's no way to know who the person is who is infected, and no way to contact them. I emailed everybody in my address book and asked them to update and run their antivirus software, but received little response and have gotten Bugbear-infected attachments subsequently. However, mine are more like one a week rather than seven a day. I can see why you'd be concerned.

Junkmail@earthlink may just be a robot. You might have better success emailing [email protected] and asking them how to proceed. They were the ones who suggested I forward my spam to the other address, but then that's just regular spam, not virus-infected stuff. They're pretty helpful, eventually.

Sorry I'm not more help; I'm another technopeasant, basically. It sounds to me like your husband's machine might be the one to be infected. Hopefully when his IT person looks at it the problem will be solved. Best of luck regardless.

KoKo Donating Member (1000+ posts) Mon Aug-11-03 01:45 PM
Response to Reply #7
8. Update: Hubbies IT Tech, says what you say "undisclosed."
Says his Norton is totally up-to-date and doesn't think therefore it's his computer. He said there's not much he can do except quarantine and delete or change your e-mail address.

I'm up to 15 of them which have come in just today alone. All with different messages, but all with an alert of Klez. Driving me crazy!

Changing one's e-mail address when you are a business or even if it's personal is not something anyone looks forward to doing...... but we might have to.

Bossy Monkey Donating Member (1000+ posts) Mon Aug-11-03 05:16 PM
Response to Reply #8
9. Good luck with it. I think you're right
that changing the email address may be the only solution. 15 seems like a huge number to get in one day from one computer, no matter how badly infected. Is there any company or organization that you have frequent email contact with? It sounds like somebody's entire network might be infected, and I'm sure your husband's IT guy already checked theirs. Not a brilliant suggestion, I realize, but the best one I can come up with. Hopefully this kick will bring you more technically-inclined DUers with better ideas.

KoKo Donating Member (1000+ posts) Mon Aug-11-03 07:35 PM
Response to Reply #9
13. I'm not on "chat groups" and only have about 10 people/orgs who know this
e-mail address I'm having problems with.

However........we are on a "List Serve" (that's what they call it) for a vacation place where people post comments about the area and what rentals are available and local news....and there have been complaints that the server has passed along viruses, but it's been sort of "hearsay." That's the only site besides DU I'm on......that has a password e-mail..and DU doesn't have my Earthlink password they have an AOL that I keep for a minimum. I never give out the site that's being attacked. I also don't use IM or any other chat stuff.

too strange..........but thanks for all the advice....you've kept me going today while I've fought off these attacks! LOL's :-)'s

Prisoner_Number_Six Donating Member (1000+ posts) Mon Aug-11-03 07:33 PM
Response to Original message
12. It may be a lost cause.
Edited on Mon Aug-11-03 07:37 PM by Prisoner_Number_Six
There is a clean-up patch specifically for the klez virus. You can download one of several variations from most antivirus sites. However, it's a nasty bugger, and it likes to delete important files randomly-- I disinfected a couple machines, and thought they were okay. I HAD cleaned the virus from both machines, but there were so many files that had been infected or deleted on both machines I had to finally wipe and reinstall everything, even after the actual virus had been killed.

Back up your important files now, and when they're on separate media scan them again to be sure. Be prepared to start over. Don't assume that because it looks like the infected emails are incoming, you are not infected. You probably ARE. That's how it sometimes appears.

ON EDIT: Go here to obtain the patch, and important information. http://www.symantec.com.br/avcenter/venc/data/w32.klez.gen@mm.html

KoKo Donating Member (1000+ posts) Mon Aug-11-03 07:43 PM
Response to Reply #12
14. Prisoner......How would I know if I was infected? Give me some clues/test
please. My "up-to-date" Norton 2002 says I'm clean.......I'm not having trouble with anything else on my computer.......my Excel/ and other Microsoft Word files are all fine...I can surf the net with no problem.....I'm not getting tons of error messages. I have Microsoft ME with 4 Browsers. My computer is only a little over 2 years old......I use Netscape 4:07 (too old and creaky for hackers/virus folks, I would think) and I also have Netscape 7:0 which I use to surf sometimes but I don't have my e-mail enabled on it.

(I use AOL for travel (forward my Netscape/Earthlink Mail to AOL) and keep a small account and have an older version of IE (which I NEVER use....but keep for emergencies)

I'm so eclectic and weird with my "dial up and various browsers" I thought no one would ever bother with me to be the victim of a virus attack! I'm so conservative!! AND Super Cautious keeping my Norton totally "up-to-date"!

:-(

short bus president Donating Member (1000+ posts) Mon Aug-11-03 07:57 PM
Response to Original message
15. I've never had a windows box get infected
or a linux box, either. But I live in constant paranoia with my Windows 2000 setup. Once every 3 or 4 months, I backup everything important to removable media, then reinstall the OS from scratch, making sure to format the drives a few times each. Takes the better part of a Saturday or Sunday, but staves off the worst of the peecee paranoia in me. Also does away with the inevitable "lag" Windows systems suffer over time.

If I was in your shoes, I'd do a clean reinstall. But like I said, I'm paranoid and often have free weekend days to waste on this activity.

KoKo Donating Member (1000+ posts) Mon Aug-11-03 08:40 PM
Response to Reply #15
16. Norton says I'm not infected...I.T Guy says it's somebody else is
infected. Today I had to deal with 15 virus alerts which I had to quarantine......I don't know....

Maybe it's not unusual to have this happen. I've just been lucky all these years...until the last month.... Until I know for sure....it's me that's infected (no signs of that on my daily internet browse or searching) I don't want to have to go to do drastic measures...like downloading and going into my "back ups."

But, if it comes to that I'll do it.......but not unless I am dragged kicking and screaming......but a hard drive crash is no picnic either! Thanks!

JCMach1 Donating Member (1000+ posts) Mon Aug-11-03 09:55 PM
Response to Original message
17. Klez will sometimes hide...
About a year ago I killed back an infection only to have it return even with having my computer on virtual quarantine status.

You could have it! It may be sending the e-mails to yourself.

Download a specific KLEZ killer and run it. At the very least, it will do no harm.

KoKo Donating Member (1000+ posts) Tue Aug-12-03 12:53 PM
Response to Reply #17
22. Thanks JCMach. I've bookmarked the Klez killer. But will it kill any of
my files if I run it? Did you have any problems?

KoKo Donating Member (1000+ posts) Tue Aug-12-03 12:56 PM
Response to Reply #17
23. "The Syndrome is a great site, btw......but where is the Klez killer?
Thanks! It's nice to have a new liberal website to check out.

Bossy Monkey Donating Member (1000+ posts) Tue Aug-12-03 02:06 AM
Response to Original message
18. Kick for the late night/left coast techies' perusal (n/t)

sujan Donating Member (1000+ posts) Tue Aug-12-03 12:38 PM
Response to Original message
20. if you use outlook
disable attachments for a while. See if that helps.

And yes, alert your ISP too.

KoKo Donating Member (1000+ posts) Tue Aug-12-03 12:51 PM
Response to Original message
21. Update & BTW thanks for all the help! Reading the replies kept me out of
panic mode and allowed me to check some things I wouldn't have known about.

Update: Today I haven't gotten a single Klez warning. Yesterday, I counted by last night that I had quarantined 35 infected e-mails!

Today my incoming e-mails seem to be back to normal with no alerts. Weird......... So, what I'm going to do is check through the e-mails that I received yesterday that didn't have a problem because they might be the ones that caused the klez e-mails to be sent to me. From what many of you said they could be coming from another person's infected e-mail who then sends me attachments. If I can segment those out then I can maybe identify who the culprit is. And, maybe, if I start to get them again I will have that person identified. I've gotten enough helpful advice from you all that I know what to do if it comes to an emergency!
Thanks all! :-)'s