Detected only last week (April 17, 2002), the Klez virus has reached
notorious proportions in a very short span of time, causing large-scale
destruction and mayhem in the e-mail community. Symantec (Norton AntiVirus)
was quick to upgrade its threat level from level 2 to level 3 within a week!
Like many of its predecessors, the Klez virus arrives as an e-mail
attachment. Unlike its predecessors, however, the e-mail is disguised as a
friendly tip or warning from someone YOU REGULARLY RECEIVE MAIL FROM.
This does not mean that the apparent sender's computer is infected: the
sender address is forged. The worm picks, from the infected computer's
Inbox, Outbox, Address Book or ICQ contacts, an address that is unlikely
to raise suspicion in the receiver's mind, and puts it in the From: line.
Two things follow. The From: line of such a mail says nothing about where
it actually came from, so trusting an attachment because of who appears
to have sent it is exactly the mistake the worm relies on; and the person
named as sender is not the one whose machine sent the mail, so replying
to them or blocking their address achieves nothing.
We have received e-mails laced with the Klez virus that seem to have
originated from sources as varied and dependable as the World Bank,
Yahoo, and even helpdesk@del1.vsnl.net.in!
So, if you receive an e-mail from infobanc with a file attachment,
DELETE IT IMMEDIATELY! We never send e-mail with a file attachment
without prior permission from the receiver.
HOW TO DETECT THE VIRUS
Symantec (http://www.symantec.com) has given detailed information on how
to detect e-mails containing the Klez virus. The e-mail will have one or
two file attachments and a Subject line like one of the following, where
[Random word] stands for a word the worm picks at random:
- Undeliverable mail--"[Random word]"
- Returned mail--"[Random word]" (e.g. Returned mail--"honey")
- a [Random word] [Random word] game (e.g. A special excite game)
- a [Random word] [Random word] tool (e.g. A very useful tool)
- a [Random word] [Random word] website (e.g. A very funny website)
- a [Random word] [Random word] patch (e.g. A IE 6.0 patch)
- [Random word] removal tools
- how are you
- let's be friends
- darling
- so cool a flash,enjoy it
- your password
- honey
- some questions
- please try again
- welcome to my hometown
- the Garden of Eden
- introduction on ADSL
- meeting notice
- questionnaire
- congratulations
- sos!
- japanese girl VS playboy
- look,my beautiful girl friend
- eager to see you
- spice girls' vocal concert
- japanese lass' sexy pictures
HOW THE VIRUS DAMAGES YOUR COMPUTER
According to Symantec, the virus can cause damage in the following ways:
Payload:
This worm infects executables by creating a hidden copy of the original
host file and then overwriting the original file with itself. The hidden
copy is encrypted but contains no viral data; its name is the same as the
original file's, but with a random extension. So launching an infected
program launches the worm body, and the real program survives only in
the hidden, encrypted copy sitting beside it.
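The pairing described above (an executable plus a same-named sibling with an odd extension) is something a scan can look for. The script below is an added example, not code from the page or from Symantec: it groups the files of a directory by stem, pairs each executable with any sibling whose extension is outside a small allowlist of ordinary companions (.dll, .ini and so on), and reports the pair. The allowlist, the hidden-attribute check (observable only on Windows) and the demo directory contents are assumptions made for this example.

```python
"""Scan a directory for the host-infection artefact described above.

Added example. Per the description, an infected executable is
overwritten with the worm while the original survives as a hidden,
encrypted copy with the same name and a random extension. The scan
pairs every executable with same-stem siblings whose extension is not
in an allowlist of ordinary companions and reports them.
"""
import os
import tempfile

EXECUTABLE_EXT = {".exe", ".com", ".scr", ".pif"}
# Extensions that routinely share a stem with a program and are not
# suspicious on their own (assumed allowlist; tune for your environment).
BENIGN_SIBLING_EXT = EXECUTABLE_EXT | {
    ".dll", ".ini", ".txt", ".cfg", ".log", ".hlp", ".dat", ".bat", ".cnt",
}
FILE_ATTRIBUTE_HIDDEN = 0x02


def is_hidden(path):
    """True if the file carries the Windows 'hidden' attribute.
    st_file_attributes exists only on Windows; elsewhere the attribute
    cannot be observed and the function returns False."""
    attrs = getattr(os.stat(path), "st_file_attributes", 0)
    return bool(attrs & FILE_ATTRIBUTE_HIDDEN)


def find_suspect_pairs(directory):
    """Return sorted (executable, sibling) name pairs where the sibling
    has the executable's stem and an extension outside the allowlist,
    i.e. the layout the infection leaves behind."""
    by_stem = {}
    for name in os.listdir(directory):
        if not os.path.isfile(os.path.join(directory, name)):
            continue
        stem, ext = os.path.splitext(name)
        by_stem.setdefault(stem.lower(), []).append((ext.lower(), name))

    suspects = []
    for entries in by_stem.values():
        exes = [name for ext, name in entries if ext in EXECUTABLE_EXT]
        for ext, name in entries:
            if ext in BENIGN_SIBLING_EXT:
                continue
            suspects.extend((exe, name) for exe in exes)
    return sorted(suspects)


def build_demo_dir():
    """Construct a throwaway directory imitating a System folder after
    infection (sample data only): calc.exe now carries the worm and its
    real body sits encrypted in calc.qrx; notepad.exe is clean and has
    only its usual notepad.txt beside it."""
    d = tempfile.mkdtemp(prefix="klez-scan-demo-")
    sample_files = {
        "calc.exe": b"MZ" + b"\x00" * 62 + b"<worm body>",
        "calc.qrx": os.urandom(256),  # stands in for the encrypted copy
        "notepad.exe": b"MZ" + b"\x00" * 62 + b"<clean program>",
        "notepad.txt": b"release notes",
    }
    for name, data in sample_files.items():
        with open(os.path.join(d, name), "wb") as fh:
            fh.write(data)
    return d


if __name__ == "__main__":
    demo = build_demo_dir()
    for exe, sibling in find_suspect_pairs(demo):
        state = "hidden" if is_hidden(os.path.join(demo, sibling)) else "not hidden"
        print(f"suspect: {exe} has same-stem sibling {sibling} ({state})")
```

Run it against a real Windows\System directory by passing that path to find_suspect_pairs; a hit is only a lead, since the allowlist is a guess, and the hidden attribute on the sibling is the corroborating detail worth checking before acting.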
Large scale e-mailing:
This worm searches the Windows address
book, the ICQ database, and local files for email
addresses. The worm sends an email message to these
addresses with itself as an attachment.
Releases confidential info:
The worm randomly chooses a file from the machine and sends it to
recipients along with itself. So a file with one of the extensions
".mp8", ".txt", ".htm", ".html", ".wab", ".asp", ".doc", ".rtf", ".xls",
".jpg", ".cpp", ".pas", ".mpg", ".mpeg", ".bak", ".mp3" or ".pdf" may be
attached to the e-mail message alongside the viral attachment. Because
the chosen file comes from the infected machine, a single outbound
message can leak a document, a spreadsheet or the Windows address book
itself (.wab) to every address the worm harvested.
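The Subject lines listed under HOW TO DETECT THE VIRUS, the one-or-two-attachment shape, and the stolen-file extensions listed just above can be turned into a simple mail filter. The script below is an added example, not the page's or Symantec's code: it parses a raw message with Python's email package, matches the Subject against the fixed subjects and the [Random word] templates, lists the attachments, and marks any whose extension is on the stolen-file list. In line with the earlier point about the forged sender, the From: header is deliberately not used as a signal. The regex for [Random word], the attachment file names in the samples, and the sample messages themselves are constructed for this example.

```python
"""Classify incoming mail against the Klez pattern described above.

Added example, not from the page or Symantec. The From: line is ignored
on purpose: the worm forges it from the victim's address book.
"""
import os
import re
from email import message_from_string

WORD = r"[A-Za-z0-9.'-]+"  # what "[Random word]" may expand to (assumed)
SUBJECT_PATTERNS = [
    rf'^Undeliverable mail--"{WORD}"$',
    rf'^Returned mail--"{WORD}"$',
    rf"^a {WORD} {WORD} (?:game|tool|website|patch)$",
    rf"^{WORD} removal tools$",
]
FIXED_SUBJECTS = {
    "how are you", "let's be friends", "darling", "so cool a flash,enjoy it",
    "your password", "honey", "some questions", "please try again",
    "welcome to my hometown", "the garden of eden", "introduction on adsl",
    "meeting notice", "questionnaire", "congratulations", "sos!",
    "japanese girl vs playboy", "look,my beautiful girl friend",
    "eager to see you", "spice girls' vocal concert",
    "japanese lass' sexy pictures",
}
# Extensions the worm is reported to pick for the stolen second attachment.
STOLEN_EXT = {".mp8", ".txt", ".htm", ".html", ".wab", ".asp", ".doc", ".rtf",
              ".xls", ".jpg", ".cpp", ".pas", ".mpg", ".mpeg", ".bak", ".mp3",
              ".pdf"}


def subject_matches(subject):
    """True if the Subject is a fixed Klez subject or fits a template."""
    s = " ".join(subject.split())
    if s.lower() in FIXED_SUBJECTS:
        return True
    return any(re.match(p, s, re.IGNORECASE) for p in SUBJECT_PATTERNS)


def attachment_names(msg):
    """File names of all non-multipart parts that carry a filename."""
    return [part.get_filename() for part in msg.walk()
            if part.get_content_maintype() != "multipart" and part.get_filename()]


def classify(raw_message):
    """Return a verdict plus the evidence behind it.
    klez-suspect: attachment(s) plus a Klez subject line.
    unexpected-attachment: attachment without a known subject (the page's
    advice still applies: delete it unless it was expected).
    no-attachment: nothing to execute, whatever the subject says."""
    msg = message_from_string(raw_message)
    names = attachment_names(msg)
    hit = subject_matches(msg.get("Subject", ""))
    if not names:
        verdict = "no-attachment"
    elif hit:
        verdict = "klez-suspect"
    else:
        verdict = "unexpected-attachment"
    return {
        "verdict": verdict,
        "subject_hit": hit,
        "attachments": names,
        "possible_stolen_files": [n for n in names
                                  if os.path.splitext(n)[1].lower() in STOLEN_EXT],
    }


def build_sample(subject, attachments):
    """Construct a multipart message for the demo (sample data only)."""
    lines = [
        "From: helpdesk@del1.vsnl.net.in",  # forged; carries no signal
        "To: user@example.com",
        f"Subject: {subject}",
        "MIME-Version: 1.0",
        'Content-Type: multipart/mixed; boundary="b1"',
        "", "--b1", "Content-Type: text/plain", "", "See attachment.",
    ]
    for name in attachments:
        lines += ["--b1",
                  f'Content-Type: application/octet-stream; name="{name}"',
                  f'Content-Disposition: attachment; filename="{name}"',
                  "", "AAAA"]
    lines.append("--b1--")
    return "\n".join(lines) + "\n"


SAMPLES = {
    "klez": build_sample("A IE 6.0 patch", ["setup.exe", "budget.doc"]),
    "greeting": build_sample("how are you", []),
    "invoice": build_sample("Invoice 4417", ["invoice.pdf"]),
}

if __name__ == "__main__":
    for label, raw in SAMPLES.items():
        print(label, classify(raw))
```

Note that a Klez subject with no attachment is reported as no-attachment rather than suspect: the subject list is a useful tell, but the attachment is what does the harm, which is why the verdict hinges on it.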
DETECTION AND REMOVAL
For all its stealth and cunning, the Klez virus is fortunately not
difficult to detect and remove. First of all, if you delete the e-mail
without opening the file attachment, you are safe. One caveat: Klez is
known to exploit an old Internet Explorer flaw that lets the attachment
run when the message is merely previewed in Outlook Express, so keep the
mail client patched and do not rely on the preview pane being harmless.
If you or your staff accidentally open the attachment and the computer
gets infected, detection and removal are comparatively easy. The virus
attaches itself to a randomly named file in the Windows\System directory
and records its presence in the Windows Registry; Symantec has given
step-by-step instructions on how to detect it from the Registry. If you
find your system infected, follow the removal instructions on the
Symantec site (http://www.symantec.com).