Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Elkern/Klez

Status
Not open for further replies.
Ipsofacto

Ipsofacto

Technical User
Feb 7, 2003
1
US
I have been battling this for some time now. I've used Norton, AVG and Trend. Originally, the machine had files that showed Elkern and Klez. All are gone. All virus programs have done full scans and find nothing. Yet, there is email automatically being sent from my address, bouncing back to me. The subject headings are the usual mish mash of things like Japanese girls etc. Mailer-daemon bounces them back to me. Computer otherwise seems to be ok, but I would like to stop the email stuff. Suggestions for what to look for in registry or other locations? thanks

I.F.
 
Sort by date Sort by votes
Run through the info that KimberTech provided just to be sure - it won't hurt anything. But you may not be infected. Klez spoofs the from address with an address from the infected computer's address book. Here's an excerpt from the link KimberTech provided:

Recipient e-mail addresses are collected from the Windows Address Book as well as from ICQ user databases. The worm uses it's own SMTP routines so it can send e-mail without an e-mail client.

Important Note: The e-mails sent by Klez.E worm often have faked sender's address. The worm randomly picks sender's address from web pages, ICQ databases or Windows Address Books. This means that if you get Klez.E worm in e-mail, it's quite likely that it was NOT sent to you by the person listed in the 'From' field of e-mail message (sender's address).

It's quite likely that someone you know is infected and sending using your e-mail address, which is getting bounced (back to you) for whatever reason.
 
Upvote 0 Downvote
It also may just be the backlash from the intial infestation. My machine had a virus one time, I knew it right away, ran a scan and clean, but still received emails six months later as the messages finally "bounced" back from the receiving end... Terry
**************************
* General Disclaimor - Please read *
**************************
Please make sure your post is in the CORRECT forum, has a descriptive title, gives as much detail to the problem as possible, and has examples of expected results. This will enable me and others to help you faster...
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

eabrook2
  • Locked
  • Question
Klez and Bugbear virus
Replies
1
Views
19
AVChap
AVChap
LadySlinger
  • Locked
  • Question
Klez Stole Email Address! 1
Replies
2
Views
24
LadySlinger
LadySlinger
tempo21
  • Locked
  • Question
system32.exe infected with Klez
Replies
14
Views
76
KimberTech
KimberTech
johnnymc
  • Locked
  • Question
Cant seem to shake the Klez!!! 1
Replies
3
Views
31
1Bullet
1Bullet
bettyb
  • Locked
  • Question
Klez Virus
Replies
3
Views
26
bettyb
bettyb

Part and Inventory Search

Sponsor

Back
Top