Klez.E

Discussion in 'malware problems & news' started by controler, Apr 21, 2002.

Thread Status:
Not open for further replies.
  1. controler

    controler Guest

    Below is SPAM I received this morning for a "worm Detector"

    Klez.E is the most common world-wide spreading worm.It's very dangerous by corrupting your files.
    Because of its very smart stealth and anti-anti-virus technic,most common AV software can't detect or clean it.
    We developed this free immunity tool to defeat the malicious virus.
    You only need to run this tool once,and then Klez will never come into your PC.
    NOTE: Because this tool acts as a fake Klez to fool the real worm,some AV monitor maybe cry when you run it.
    If so,Ignore the warning,and select 'continue'.
    If you have any question,please mail to me. Jscomp0550@aol.com
     
  2. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Hi Controler,
    see my answer in the WormGuard threads please.
    Thanks! Please be careful if it is "source unknown"
     
  3. controler

    controler Guest

    I posted i the Klez forum also
    As I mentioned I DID receive those e-mails this morning. One did have the honey subject line.
    I thought it be a wise guy sending gay spam
    I ran Norton with latest updates and even went to nortons site and downloaded teir NEW beta definitions. Still nothing found on my puter.
    Is this anoother varient that I am infected with?
     
  4. spy1

    spy1 Registered Member

    Joined:
    Dec 29, 2002
    Posts:
    3,139
    Location:
    Clover, SC
    Well,  I certainly hope you didn't fall for that one - the attachment will infect you if you open it.

    Please don't post the same question on multiple forums here, okay? Thanks. Pete

    *I'm moving this one to the correct forum. Pete
     
  5. controler

    controler Guest

    Sorry for posting at wrong spot.

    I left the dudes e-mail address that was included later.
    Just letting everyone know there is either a new varient or a jerk targeting people from security forums.
    Just to let you know, I have built and used puters since the early 80's DOS days only.
    So I am not a newbi to them.
    However I will admit I never got into the programming side of things other than BASIC ;)

    Over?
     
  6. controler

    controler Guest

    Just ran a scan again and found nothing but I did just get another e-mail

    This one contained a body message.

    nakito@new.rr.com

    Body message "This is a funny website, you will like it"

    and of course there is no link to any site.
    Are we under a wide spread attack by the damn chinese?
     
  7. Detox

    Detox Retired Moderator

    Joined:
    Feb 9, 2002
    Posts:
    8,507
    Location:
    Texas, USA
    hmm

    rr.com is Roadrunner, the same (broadband American cable) that I use. However, the email address normally includes the city ie yourname@yourcity.rr.com
    But anyway if someone knows how to research that email addy we might be able to get some vicious SOB's broadband service taken away.
     
  8. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Sam Spade  >  Tools  >  Parse full headers
    and do your stuff
    I see a lot of spam these days and port sniffing from
    ......rr.com addresses.
     
Thread Status:
Not open for further replies.