Worm Klez.E immunity
Kurt Kessler
kessler2k at yahoo.com
Sat Oct 12 10:18:28 CDT 2002
I know, was just being funny. ;)
--- Gerald Combs <gerald at ethereal.com> wrote:
> On Fri, 11 Oct 2002, Kurt Kessler wrote:
>
> > Funny that someone from Microsoft would post to a
> > Linux users group. That and you would expect
> someone
> > working for Microsoft to have a background in the
> > English language. Oh, and what does Klez have to
> do
> > with Linux anyway? :p
>
> The mail almost certainly did not come from someone
> at Microsoft. It
> appears to be Klez.H; see
>
> http://www.f-secure.com/v-descs/klez_h.shtml
>
> and
>
>
>
http://securityresponse.symantec.com/avcenter/venc/data/w32.klez.h@mm.html
>
> for more details. It sends itself to everyone in
> the address book
> on an infected machine, faking the From: address.
> This particular
> message apparently came from someone at
> synergy-networks.com who had
> "mswsgulf at microsoft.com" in their address book:
>
> Received: from marauder.illiana.net
> (marauder.illiana.net
> [207.227.243.140]) by pow.zing.org (Postfix)
> with ESMTP id 71BAD54AD0 for
> <gerald at zing.org>; Fri, 11 Oct 2002 19:58:41
> -0500 (CDT)
> Received: from marauder.illiana.net
> (majordom at marauder [127.0.0.1]) by
> marauder.illiana.net (8.12.6/8.12.6) with ESMTP
> id g9BJkXHn012173 for
> <kclug-list at marauder.illiana.net>; Fri, 11 Oct
> 2002 14:46:33 -0500
> Received: (from majordom at localhost) by
> marauder.illiana.net
> (8.12.6/8.12.1/Submit) id g9BJkXgx012171 for
> kclug-list; Fri,
> 11 Oct 2002 14:46:33 -0500
> X-Authentication-Warning: marauder.illiana.net:
> majordom set sender to
> owner-kclug at marauder.illiana.net using -f
> Received: from synergy-networks.com
> (sn-serve09.synergy-networks.com
> [63.75.167.9]) by marauder.illiana.net
> (8.12.6/8.12.6) with ESMTP id
> g9BJkWHn012167 for <kclug at kclug.org>; Fri, 11
> Oct 2002 14:46:33 -0500
> Date: Fri, 11 Oct 2002 14:46:32 -0500
> Message-Id:
> <200210111946.g9BJkWHn012167 at marauder.illiana.net>
> Received: from Qso ([64.200.10.253]) by
> synergy-networks.com
> ([63.75.167.9]) with SMTP (MDaemon.PRO.v6.0.7.R)
> for <kclug at kclug.org>;
> Fri, 11 Oct 2002 20:50:44 -0400
>
>
>
>
> > --- mswsgulf <mswsgulf at microsoft.com> wrote:
> > >Klez.E is the most common world-wide spreading
> > worm.It's very dangerous by corrupting your files.
> > Because of its very smart stealth and
> anti-anti-virus
> > technic,most common AV software can't detect or
> clean
> > it.
> > We developed this free immunity tool to defeat the
> > malicious virus.
> > You only need to run this tool once,and then Klez
> will
> > never come into your PC.
> > NOTE: Because this tool acts as a fake Klez to
> fool
> > the real worm,some AV monitor maybe cry when you
> run
> > it.
> > If so,Ignore the warning,and select 'continue'.
> > If you have any question,please mail to me.
> >
> >
> > __________________________________________________
> > Do you Yahoo!?
> > Faith Hill - Exclusive Performances, Videos & More
> > http://faith.yahoo.com
> >
> >
> > KC Linux Users Group -- to unsubscribe send mail
> to majordomo at kclug.org
> > Enter without the quotes in body of message
> >
>
__________________________________________________
Do you Yahoo!?
Faith Hill - Exclusive Performances, Videos & More
http://faith.yahoo.com
More information about the Kclug
mailing list