Klez HELP ! (don't open if in any format) was Re: HEADERS?

From: Lawrence Walker <lgwalker_at_mts.net>
Date: Sat Aug 3 01:21:22 2002

 I've done the Vulcan neck pinch (love the terminology :^) ) many times to see
what was running that could be using all this memory. Ending tasks freed up
miniscule amounts of memory according to "tweak-all" and using the free
memory module in tweak-all brought me back to what should be expected,
considering the apps I was using.

> At 07:52 PM 8/2/02 -0500, Lawrence Walker wrote:
> > It seems that I did not escape Klez.
> When your system is running, use the vulcan neck pinch (Control-Alt-Del).
> Is there anything running with program name wink* (wink plus some
> random digits.)?
> Are there any files found when you do "dir/a c:\windows\system\wink*.exe" ? If
> not, you probably don't have Klez. Your posting here was made using Pegasus,
> which does not open the Klez virus when you open an e-mail message. You would
> have had to execute the attachment.
 One of the first things I did was check for files with "wink" in their title as
suggested in the various AV suggestions.

> When you run the Klez cleaner, did you run it from Safe Mode? That's
> the safest way to remove it; you can also follow the manual removal
> process at
> <http://securityresponse.symantec.com/avcenter/venc/data/w32.klez.h_at_mm.html>.
 I used the Mcaffee remover as per suggestions in the read me file that urged
you to do it this way, but not with the clrav.com file from Kaspersky.
> Note that Klez often comes shipped with the Elkern virus - that
> disables most antivirus software.
> >I have had a continuous memory drain
> >since stupidly opening the first msg. in HTML and memory resources drain
> >eventually freeze my computer. I come up clean with both the Symantic and
> >Kaspersky removal tools however. One of the spoofed messages with R.E.s
> >return path was from Allison warning about klez and recommending the
> >Kaspersky Klez removal tool. I'd never heard about Kaspersky before.
> >Makes
> >me seriously wonder about these AV companies. Create a problem and then
> >sell a solution.
> What evidence do you have that an antivirus company is responsible for
> creating the Klez problem? Or any other virus?
> -Rick
 It may be simply paranoia, but the fact that the spoofed file from AJP
{Allison) had a recommendation to use the Kaspersky Klez removal tool
makes me wonder why the beast would suggest it's own demise.

 Somewhere I can also remember an advisory that AV programs encourage
sloppy procedures and should be done without. Not to mention the size of
some of the latest programs. 81 Megs for the latest flavor ? Give me a break.

 This is either BS marketing or incredibly sloppy. wasteful programming.
 " Ah, the jerks will either grab the cheap ram available or get a multi-gig
new hard drive" "I want to have a good weekend so what do I care how the
dweebs handle it".

 Why I prefer older equipment. Or UYA with MS "computer advances"


Received on Sat Aug 03 2002 - 01:21:22 BST

This archive was generated by hypermail 2.3.0 : Fri Oct 10 2014 - 23:34:36 BST