Klez Virus


[Follow Ups] [Post Followup] [Dodge Power Wagon Forum]


Posted by Joe Cimoch on Monday, April 29, 2002 at 10:25AM :

Another day, another 20 or 30 W32.Klez.H@mm-infested emails.

I spent the better part of the weekend rebuilding my PC. It actually shut down my Virus scanner.

When Klez propagates, it takes a random email address from your Outlook/OE address book and inserting it as the From address before it blasts out its payload to the rest of your address book. So, when you receive an email from someone that is infected, it may appear to come from an entirely different person. In some cases, I've received email from myself, to myself, or so it appears. When I look at the headers, I can see that it has traveled through various outside SMTP servers indicating that I had nothing to do with the sending of the email to begin with.

With each passing day, I continue to receive more and more of these emails, and there's no sign of it slowing down anytime soon.

Please double-check the registry and directories that are used by Klez just to be sure... there seem to be a lot of you out there that have been hit with this thing.


http://securityresponse.symantec.com/avcenter/venc/data/w32.klez.h@mm.html



Follow Ups:



Post a Followup

Name:
E-Mail:
Subject:
Message:
Optional Link
URL:
Title:
Optional Image Link
URL:


This board is powered by the Mr. Fong Device from Cyberarmy.com