liqidtouch Posted June 2 Report Share Posted June 2 If your not sure what this says=ill shorten it for you-in otherwords- "webmaster@clubplanet.com" sent me something to my e-mailthis e-mail contained3 viruses-(3 incase i was able to delete the 1st ones)RAV AntiVirus for Win32 version: 1.0.2 (snapshot-20020429)The file (part0000:)->(IFRAME0000) which was attached to the message with subject: Language sent by webmaster@clubplanet.com to djliqidtouch@tellurian.com, was infected with virus: HTML/IFrame_Exploit*. For your protection, the infected attachment has been deleted.The file coult not be cleaned, so it was deleted.The infected file was successfully deleted by RAV AntiVirus.The file (part0001:sitting[2].bat) which was attached to the message with subject: Language sent by webmaster@clubplanet.com to djliqidtouch@tellurian.com, was infected with virus: Win32/Klez.H@mm. For your protection, the infected attachment has been deleted.The file coult not be cleaned, so it was deleted.The infected file was successfully deleted by RAV AntiVirus.Scan engine 8.11 for i386.Last update: Fri May 30 10:29:58 2003 Quote Link to comment Share on other sites More sharing options...
stiffler Posted June 2 Report Share Posted June 2 I never open that shit anyway, I just delete it right from my e-mail Quote Link to comment Share on other sites More sharing options...
liqidtouch Posted June 2 Author Report Share Posted June 2 Originally posted by stiffler Carpe' diem Hey stiffeyHa-koona Mutata my friend-how you been? good weekend? Quote Link to comment Share on other sites More sharing options...
aim4night Posted June 2 Report Share Posted June 2 the other week i had atrojan horse virus but my antivirus contained it before any dmage was done. my computer tech.(my guy) deleted the trojanhorse file for me.maybe i got it from clubplanet email. i wonder!! Quote Link to comment Share on other sites More sharing options...
ou812 Posted June 2 Report Share Posted June 2 so now clubitup.com is sending out KLEZ infected mails.clubplanet.com is sending out KLEZ infected mails.Someone is behind all this. Quote Link to comment Share on other sites More sharing options...
xrapturex Posted June 2 Report Share Posted June 2 Originally posted by ou812 so now clubitup.com is sending out KLEZ infected mails.clubplanet.com is sending out KLEZ infected mails.Someone is behind all this. Yeah thats what Im saying. Quote Link to comment Share on other sites More sharing options...
dbolboy Posted June 2 Report Share Posted June 2 Originally posted by ou812 so now clubitup.com is sending out KLEZ infected mails.clubplanet.com is sending out KLEZ infected mails.Someone is behind all this. what does KLEZ mean>? Quote Link to comment Share on other sites More sharing options...
ou812 Posted June 2 Report Share Posted June 2 Originally posted by dbolboy what does KLEZ mean>? Description:This memory-resident variant of the WORM_KLEZ.A mass-mailing worm uses SMTP to propagate via email. Its email messages arrive with randomly selected subjects chosen from a list. It also spoofs its emails such that email messages from this worm appear to have been sent by certain email accounts, including accounts that are not infected. Upon execution, it drops files and creates an entry in the AutoRun key of the system registry and then infects .EXE files. It encrypts (compresses) its target files and then modifies the file extension of these with a random name. It also sets the attributes of its encrypted files to Read-only, Hidden, System, and Archive. Thereafter, this worm copies itself to the original file name of the infected file. This worm makes sure that its file size is the same as that of the infected file. To do this, it pads garbage data at the end of the infected file. It does not perform its antivirus retaliation routine on machines running Windows NT 4.0 or lower. Windows NT 4.0 or lower do not have system functions or the Application Program Interface (API) that this worm uses to kill antivirus-related processes. To propagate copies of itself, this worm uses its own SMTP engine to send email containing its executable program. It has several ways of collecting its spoofed source email address and target email address. It randomly chooses its target users from a pool of email addresses and from the email address that appear in the From field of the email. Similar to the other KLEZ variants, this worm can change or spoof the original email address in the FROM: field. It obtains the email addresses that it places in the FROM: field from the infected user's address book. This causes a non-infected user's name to appear as the person who has sent this worm's malicious email. It does this to hide the real sender of the infected email. The actual email address of the sender is found in the Envelope From field. This email address is taken from the email address of the infected user’s SMTP account and this can be found in the following registry key:HKEY_CURRENT_USER\Software\Microsoft\Internet Account Manager\AccountsSince the Envelope From field cannot be found in the email body, the only way to get this information is by monitoring Transmission Control Protocol packets. The subject of the email it sends is composed in a complex manner.The subject may contain any of the following substrings: how are you let's be friends darling so cool a flash,enjoy it Your password honey some questions please try again welcome to my hometown the Garden of Eden introduction on ADSL meeting notice questionnaire congratulations sos! japanese girl VS playboy look,my beautiful girl friend eager to see you spice girls' vocal concert japanese lass' sexy pictures Worm Klez.E immunity Undelivarable mail-“%s†Returned mail-“%s†special *Where %s is a random string. The subject may also be any of the following:a %s %s game a %s %s tool a %s %s Web site a %s %s patch %s removal tools %s can be any of the following: new funny nice humour excite powful good special WinXP IE 6.0 W32.Elkern W32.Klez.E Symantec Mcafee F-Secure Sophos Trendmicro Kaspersky Quote Link to comment Share on other sites More sharing options...
liqidtouch Posted June 2 Author Report Share Posted June 2 Originally posted by ou812 Description:This memory-resident variant of the WORM_KLEZ.A mass-mailing worm uses SMTP to propagate via email. ............ sorry ou812i just wanted to shorten it for the ones that need it easier-ATTN to those needing something easier _()_this virus(program) gets into your CONTACTS list of your e-mailing program-if its in your home e-mail contacts- its goes out to anyone that you send mail to so now they have it as well(unless their comp sees and deletes it)EXAMPLE: XraptureX is sending mail from work and has it in her contacts their-its will propagate"weasel its way into and attach"to all the e-mailing programs in her office(careful Jill)you all should take GREAT care of your comps-if anyone needs some programs to Download that will clean your PC's (in home or office)get at mee-mail / aim / whatever-the guys at INTEL gave me some really good stuff:D Quote Link to comment Share on other sites More sharing options...
Guest insurancejob Posted June 2 Report Share Posted June 2 YEA YEA YEA KLEZ KLEZthey all goin down for the insurance job Quote Link to comment Share on other sites More sharing options...
eurolisa Posted June 3 Report Share Posted June 3 well i dont know if this related but all of sudden my parents computer crashed for no reason i sometimes get emails from club planet on that on under my dads email so if he opened it by mistake it could of been infected. i dont know i am not going to bring this up to him cause he will kill me and thank god dell is sending over someone to fix it free of charge. thought i share this Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.