
exploit-MIME.gen virus......

Former Member Posts: 1,876,323 The Mix Honorary Guru
Right, well, I seem to have received an email with the above virus in it.....
Firstly, I don't think it's infected my system, as the McAfee program on Hotmail found it, hopefully anyway.
Well, I guess this is both a warning and a query.
It came in a file called NewTextDocument (from some complete random stranger!), so watch out.
And has anyone else come across it?
Thanks.

Comments

  • Former Member Posts: 1,876,323 The Mix Honorary Guru
    Did a bit of research...

    This generic detection covers email message files which exploit the Microsoft Incorrect MIME Header vulnerability. This vulnerability allows attached executable files to be run when a message is simply viewed. Several common viruses make use of this exploit, including W32/Badtrans@MM, W32/Nimda.gen@MM, and W32/Klez.gen@MM.

    You can also download a patch from Microsoft Technet at: http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS01-020.asp

    Just be careful if you have Windows ME, if your system was infected you need to be sure that your system didn't save a system state at that time, and if you rolled back in the future you wouldn't reinfect yourself...

    http://vil.nai.com/vil/content/v_99273.htm
  • Former Member Posts: 1,876,323 The Mix Honorary Guru
    Cheers Justin. Someone from another site forum (the one it seems to be spreading itself round) said it may be the Klez virus. Here's what they reckon:
    Taken from the Addicted to Discworld forum:
    A third party has been infected with the "klez" virus. This is a virus that "spoofs" email addresses (ie pretends that it is sending messages from another email address), and spreads viruses to many other email addresses.

    Most likely, unbeknownst to themselves, someone else has contracted the klez virus on their computer, mala_kai@hotmail.com is on an email address list somewhere and is a valid, although currently inactive, email account.

    This means that the third party with the klez virus has been sending out other computer viruses, seemingly from your account. If you set your email headers to show "full headers", next time you see one of these, you will be able to check the 'return path' to see where the email really originated from.

    For more information on the klez virus check out Symantec's website:
    http://www.symantec.com/avcenter/venc/data/w32.klez.h@mm.html
    We seem to have found the origin (at least within our group), but what can I do now? How can I check it hasn't infected my computer? Will downloading the patch help detect it or just stop it from infecting my computer? Apologies for being virus illiterate!
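
An added example, not part of the original thread: a Python script for the two checks discussed above, flagging an attachment whose declared MIME type disagrees with its filename and comparing the Return-Path with the From address in the full headers. The sample message, the extension list and the media-type heuristic are assumptions constructed for illustration.

```python
import email
from email.utils import parseaddr

# Extensions Windows runs directly (illustrative list, an assumption of this example).
EXECUTABLE_EXTS = {".exe", ".scr", ".pif", ".bat", ".com"}
# Top-level media types a mail client may render automatically on preview (assumption).
AUTO_RENDERED = {"audio", "image", "video", "text"}

# Constructed sample message; all addresses and the payload are made up.
SAMPLE = """\
Return-Path: <infected-host@example.net>
From: Someone You Know <friend@example.org>
To: you@example.com
Subject: NewTextDocument
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

hello
--b1
Content-Type: audio/x-wav; name="NewTextDocument.exe"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="NewTextDocument.exe"

AAAA
--b1--
"""

def inspect_message(raw):
    """Return a list of findings for one raw message with full headers."""
    msg = email.message_from_string(raw)
    findings = []
    # Spoofing check: compare the envelope sender (Return-Path) with From.
    return_path = parseaddr(str(msg.get("Return-Path", "")))[1].lower()
    from_addr = parseaddr(str(msg.get("From", "")))[1].lower()
    if return_path and from_addr and return_path != from_addr:
        findings.append(f"sender mismatch: From={from_addr} Return-Path={return_path}")
    # MIME check: a part declared as media but named like a program.
    for part in msg.walk():
        name = (part.get_filename() or "").lower()
        ext = name[name.rfind("."):] if "." in name else ""
        if ext in EXECUTABLE_EXTS and part.get_content_maintype() in AUTO_RENDERED:
            findings.append(f"type mismatch: {part.get_content_type()} names {name}")
    return findings

if __name__ == "__main__":
    for finding in inspect_message(SAMPLE):
        print(finding)
```

A Return-Path that differs from From also occurs in legitimate mailing-list mail, so that finding is a prompt to look closer rather than proof of spoofing.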
  • Former Member Posts: 1,876,323 The Mix Honorary Guru
    "what can I do now? How can I check it hasn't infected my computer?"

    Make sure you do a full sweep of your system, have a read of this which I posted previously:

    http://www.thesite.org.uk/vbulletin/showthread.php?s=&threadid=28437

    "Will downloading the patch help detect it or just stop it from infecting my computer?"

    The patch will just stop it from infecting your system in the future, however if it's a Microsoft patch they should also issue removal/cleaning instructions... you can get cleaning instructions also from Symantec/McAfee's website :)
  • Former Member Posts: 1,876,323 The Mix Honorary Guru
    Thanks again Justin. :)