Unfortunately you are wrong. The klez CANNOT propogate on a mac. the
scr file is a script file which does not execute on a mac. Klez uses a
weakness in outlook and windows messaging on PC as in intel windows
boxes.
Your message is confusing since you refer to both mac and Pc machines.
An up to date norton which is scanning email does not send a copy out!
On you mac you may have a saved attachment which is the scr file. Your
no name text file is not anything to do with klez. Klez files have
names and are not hidden.
I have to wonder what these files were (probably some temp file
created by the outlook or another program) but NO virus sends files
this size otherwise it would cause the message to reject on almost
every email server on the net (message size limits are usually in the
3-6MB size) and what good would that be!
I might sugget a trip to Symantecs antivirus page for the Mac if you
want to read more....
Neil
On Friday, October 11, 2002, at 05:47 AM, Woo Lee wrote:
>
>
> ------------------
>> ??? What's all this? I take it Klez is some sort of virus?
>
> Yup, a 'mass-mailing' worm.
> ------------------
>> And what is a ".scr" file (I've never seen one.)?
>
> ".scr"=3D 'script file' and ".pif"=3D Program Information File' are
> sent =
> to execute on MS' Outlook and Outlook Express.
> ------------------
>> Are you really saying that there's now
>> a virus that can infect a Mac via e-mail? And if so, what OS?
>>
>> - Eric.
>
> What happened is Virex missed these worms(on my Win.98SE Norton =
> quarantined W32.Klez.H_at_mm virus, but it still sent a copy out) since
> the =
> virus scanner was up-to-date and configured to scan email. As I =
> opened(clicked) the email, it setup a hidden text file, had to use
> 'Unhide =
> tools' to find the text files. Using the finder to get info. on the =
> unknown file, there was no name, just a 'text' file, 107-147 MB. size.
> =
> Using the desktop Virex drop-scan, the scanner froze, had to force
> quit. =
> The dialog box said 'scanning unknown file'. The files on the Mac are
> =
> fine, but those 'text files' were hiding on the Mac and sending copies
> on =
> the second and fourth Friday of the month. At least I was able to
> unhide =
> and delete the 'text files'.
> D'oh, Daniel's computer sent me a 67KB. file with '.exe.pif'
> extensions, =
> at least I checked with my Newt. first, :-)
> ------------------
>
> !ooW
> Pres. of Los Angeles Newton Users Group.
>
>
> --
> Read the List FAQ/Etiquette: http://www.newtontalk.net/faq.html
> Read the Newton FAQ: http://www.chuma.org/newton/faq/
> This is the NewtonTalk mailing list - http://www.newtontalk.net/
>
-- Read the List FAQ/Etiquette: http://www.newtontalk.net/faq.html Read the Newton FAQ: http://www.chuma.org/newton/faq/ This is the NewtonTalk mailing list - http://www.newtontalk.net/
This archive was generated by hypermail 2.1.2 : Thu Oct 31 2002 - 12:02:32 EST