On Tue, 7 May 2002 [EMAIL PROTECTED] wrote: > As the subject says I *might* have a copy of klez in The Bat. Norton > detected it as it came into my mailbox, but the message still has an > attachment in it, so not sure if its a replaced klez or the real > thing. Needless to say I'm reluctant to open the email.
> I know Bat shouldnt be suspectible to Klez, but if I have Outlook and > Outlook express also installed on the same pc (i'm looking to move > away from them to The_Bat) but I'm concerned that I could be > vunerable. > Any thoughts? To answer your subject.. simply no. TB! doesn't have the code processing ability to handle the <iframe> tag that causes the problem in Outlook/Outlook Express. Which is good for us ;) Norton normally would replace your infected attachment with a text document that with a name like "Norton Anti Virus alert.txt" (I don't remember the full name). That file is safe to open... it just contains the original file NAME, and what virus it was infected with. I do advise you before opening your inbox with Outlook/Outlook Express, delete that particular message off of your mail server if you've not done it already. And if you're feeling really nice... you could see if you can guess which friend is infected by tracing the headers backwards... and see if you know the person... if so... drop them a mail, and notify them. Note that the From: field is NOT a reliable source to work out who sent it. In some cases, the "Return-Path" tag is set, which is the first place to start... if that is not set, try guessing from the ISP. In the number of cases I've been sent it, I've been able to work out which few people have been infected by ISP alone (sad I know most of my friend's ISPs). Good luck :) -- Jonathan Angliss ([EMAIL PROTECTED]) ________________________________________________________ Current Ver: 1.60i FAQ : http://faq.thebat.dutaint.com Unsubscribe: mailto:[EMAIL PROTECTED] Archives : http://tbudl.thebat.dutaint.com Moderators : mailto:[EMAIL PROTECTED] TBTech List: mailto:[EMAIL PROTECTED] Bug Reports: https://bt.ritlabs.com
