possible virus

[muffster]

I have norton antivirus as well as the free edition of AVG.

recently I have been getting numerous emails that say they are
undeliverable, but I did not send these emails.
I had a notice a week ago about a backdoor Trojan virus and to run AVG ,
for some reason norton did not at first pick it up and when it did , it just
notified it was there but did not attempt to repair or quaranteen.
AVG identified the file but when I tried to run norton
it couldn't open file .

I ran AVG.

At this point I was not sure what to do so I deleted the file and emptied
the trash. I have not recieved anymore warnings about the backdoor trojan
virus, but keep getting these undeliverable messages returned that I never
sent out.

Is there some sort of virus on my computer and if so how do I remove it?

Keith

 

[David H. Lipman]

No, the virus is the email.

The Klez.H is notorious for sending "failed mail" messages that had infected attachments
containg the Klez.H
A tip off is an attachment that is >100KB large. Other infectors also use this methodology
to deliver their payload.

Dave



| I have norton antivirus as well as the free edition of AVG.
|
| recently I have been getting numerous emails that say they are
| undeliverable, but I did not send these emails.
| I had a notice a week ago about a backdoor Trojan virus and to run AVG ,
| for some reason norton did not at first pick it up and when it did , it just
| notified it was there but did not attempt to repair or quaranteen.
| AVG identified the file but when I tried to run norton
| it couldn't open file .
|
| I ran AVG.
|
| At this point I was not sure what to do so I deleted the file and emptied
| the trash. I have not recieved anymore warnings about the backdoor trojan
| virus, but keep getting these undeliverable messages returned that I never
| sent out.
|
| Is there some sort of virus on my computer and if so how do I remove it?
|
| Keith
|
|

 

[Nick FitzGerald]

No, the virus is the email.

The Klez.H is ...

Perhaps "was" is more apposite...

... notorious for sending "failed mail" messages that had infected attachments
containg the Klez.H

Swen and Dumaru are _MUCH_ more common now and Swen employs this "trick"
in a sizable proportion of its messages (both also use the "install this
critical security update from Microsoft" approach too...).

A tip off is an attachment that is >100KB large. ...

Hmmmm -- from memory, Klez.H is 90-something (92?) kilobytes. Now, whether
the attachment will shown as its "normal (decoded) filesize or as its
"embedded" size (encoded) within the Email message is an issue the designers
of Email clients have not universally agreed, so suggesting an attachment
size without at least moting this issue is of questionable value as a
disgnostic tool (not that filesizes, per se, are much use as diagnostics...).

... Other infectors also use this methodology
to deliver their payload.

Indeed...

 

[mzlindyone]

I have norton antivirus as well as the free edition of AVG.

recently I have been getting numerous emails that say they are
undeliverable, but I did not send these emails.
I had a notice a week ago about a backdoor Trojan virus and to run AVG ,
for some reason norton did not at first pick it up and when it did , it just
notified it was there but did not attempt to repair or quaranteen.
AVG identified the file but when I tried to run norton
it couldn't open file .

I ran AVG.

At this point I was not sure what to do so I deleted the file and emptied
the trash. I have not recieved anymore warnings about the backdoor trojan
virus, but keep getting these undeliverable messages returned that I never
sent out.

Is there some sort of virus on my computer and if so how do I remove it?

Keith

Keith, everyone seems to be assuming there is a virus (worm, trojan)
involved somehow in those returns, but that isn't necessarily so.
Could you please forward or post one of those messages - with complete
headers.

Carol

 

[muffster]

Carol,
I tried to forward the message to you but it came back as
undeliverable.. is the address below correct??

Keith

 

[mzlindyone]

I tried to forward the message to you but it came back as
undeliverable.. is the address below correct??

Keith, look at it closely. Just remove the "x" at the end.

Carol