Klez Virus/Trojan - watchy

Discussion in 'Archived Threads 2001-2004' started by Scott L, Mar 22, 2003.

  1. Scott L

    Scott L Producer

    Joined:
    Feb 29, 2000
    Messages:
    4,457
    Likes Received:
    1
    Trophy Points:
    0
    Remember me? The guy who boasted about never having to run anti-virus software beccause I thought I was immune? Well a couple days ago I picked up the Klez worm, just a file named kitty.scr (screensaver) that appeared on my 2nd HD one morning. Opened it up to check it out and BOOM my computer exploded. Actually just weird things started happening.

    I couldn't open the task manager (ctrl+alt+del) to check out what was running and everytime I donwloaded and installed a freeware anti-virus program the virus would shut it down right after I opened it (Yikes!). So I just ran a search and there's this program made specifically for getting rid of Klez which is free (but after I paid $35 for McAfee's online service whcih didn't work [​IMG]).

    So anyway I wake up today and what do ya know McAfee spots some other Klez, this time in the All Users/Documents folder. So how does it get there? Take your pick:

    - I have like 10 ports open on my router (with NAT btw) for gaming (stupid EA made us open up 6-8 ports to play C&C online). Would closing most of them stop geeks from messing with my puter?

    - I enabled the Guest account to share files with the other 3 computers on my home network.

    - Maybe Klez is still somewhere on my computer making copies of itself?

    - No firewall software running.

    Even though any network guy would punch me for doing some of these things I still don't see how a person can just write files to my HD if I have that option turned off (the other computer on my network can't do that). Is it because that All Users folder has some special properties to it that alllows for more guest privilges?

    Thanks for any help (and be gentle [​IMG]).

    EDIT: Ahh the problem was the box for "Allow Network Users to Change my Files" was checked on that folder, even though I never selected that option. Turned sharing totally off for that directory so I'll probably never see that damn Klez again... or will I???
     
  2. Kevin P

    Kevin P Screenwriter

    Joined:
    Jan 18, 1999
    Messages:
    1,439
    Likes Received:
    0
    Trophy Points:
    0
     
  3. Travis Olson

    Travis Olson Supporting Actor

    Joined:
    Oct 7, 2001
    Messages:
    937
    Likes Received:
    1
    Trophy Points:
    0
    Real Name:
    Travis Olson
    I heard something yesterday about Korean hackers launching a cyber attack with Klez. I wouldn't be surprised if your's is from that. I run Norton AV and it has saved me a few times so far.
     
  4. Francois Caron

    Francois Caron Cinematographer

    Joined:
    Jul 31, 1997
    Messages:
    2,149
    Likes Received:
    2
    Trophy Points:
    110
    Location:
    Ottawa, Ontario, Canada
    Real Name:
    François Caron
    I use the free AVG anti-virus from Grisoft. It doesn't scan all e-mails in its free version, but it does catch them when they try to execute on your computer.

    If you're using Outlook Express and REALLY want to prevent potential viral Javascripts and attachments from ruining your day, disable the preview pane in the View->Layout menu option. With the preview pane active, a viral Javascript can be launched before you've even had the chance to delete the e-mail in question.
     

Share This Page