W32.Klez worm, Do my Anti Virus detect this ?


18 replies to this topic

#1 Jove


Posted 13 April 2013 - 01:52 PM

How do I know if my usual Virus scanners will detect the  W32.Klez worm ?

 

I have been having some emails returned undeliverable, . .

 

these were sent to three different recipients, in three different parts of the world, . . 

 

so I am trying to find out what is going on ?

 

 


When you don't have to worry about your computer anymore, you can start
living again !

Success is a result, not a goal. . . . Flaubert




#2 Jove


Posted 13 April 2013 - 06:38 PM

The last 3 said this;
 
Remote host said: 
554 Blocked -
 
Remote host said:
All messages from will be permanently deferred; Retrying will NOT succeed
 
Remote host said:
All messages from  will be permanently deferred; Retrying will NOT succeed.



#3 Jove


Posted 13 April 2013 - 06:56 PM

I reconfigured my account setting according to my ISP, . . there is a slight possibility that there was a space after a "dot" etc., if so maybe there is a tampering malicious involved.?

anyway I am retrying some emails.


Edited by Jove, 13 April 2013 - 06:57 PM.



#4 Jove


Posted 13 April 2013 - 07:06 PM

Please tell me about receipts and secure receipts, can I or shall I use both to check if my mail is going to the recipient ?

 

I am using Outlook Express 6




#5 noknojon


Posted 14 April 2013 - 02:19 AM

Hi -

Download Security Check by Screen317 from HERE
* Save it to your Desktop.
* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Note: If a security program requests permission to access the Internet, allow it to do so.

Thank You -



#6 Jove


Posted 14 April 2013 - 04:09 AM

Ok thanks, . . but what are we doing ? is this for the W32.Klez worm or something else ?

 

 

 

 

 

.


Edited by Jove, 14 April 2013 - 04:35 AM.



#7 Jove


Posted 14 April 2013 - 04:41 AM

 Results of screen317's Security Check version 0.99.62  
 Windows XP Service Pack 3 x86   
 Internet Explorer 7 Out of date!
``````````````Antivirus/Firewall Check:``````````````
 Windows Security Center service is not running! This report may not be accurate!
 AVG Free 9.0    
 ESET Online Scanner v3   
 COMODO Firewall Pro    
`````````Anti-malware/Other Utilities Check:`````````
 Ad-Aware 
 MVPS Hosts File  
 Out of date HijackThis  installed!
 SpywareBlaster 4.1    
 Spybot - Search & Destroy 
 SUPERAntiSpyware Free Edition   
 Secunia PSI    
 Malwarebytes Anti-Malware version 1.70.0.1100  
 HijackThis 2.0.2    
 Java™ 6 Update 32  
 Java version out of Date!
 Adobe Flash Player 10 Flash Player out of Date!
 Adobe Flash Player 11.2.202.235  
 Adobe Reader 9 Adobe Reader out of Date!
 Mozilla Firefox 17.0.1 Firefox out of Date!
 Google Chrome 26.0.1410.43  
 Google Chrome 26.0.1410.64  
````````Process Check: objlist.exe by Laurent````````
 Ad-Aware AAWService.exe is disabled!
 Ad-Aware AAWTray.exe is disabled!
 AVG avgwdsvc.exe 
 AVG avgtray.exe 
 AVG avgrsx.exe 
 AVG avgnsx.exe 
 AVG avgemc.exe 
 Comodo Firewall cmdagent.exe 
 Comodo Firewall CPF.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:: 15% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````

Edited by Jove, 14 April 2013 - 04:44 AM.



#8 Jove


Posted 14 April 2013 - 04:51 AM

 I have definition for SSD Thank you.

 Internet Explorer 7 Out of date! I do not use this 
 Windows Security Center service is not running! This report may not be accurate! I do not use this
 Out of date HijackThis  installed! Hmmmm ?
 Java version out of Date! Something seems to keep me from updating this !
 Adobe Flash Player 10 Flash Player out of Date! Hmmmmm ?

 Adobe Reader 9 Adobe Reader out of Date! Something seems to keep me from updating this !

 Mozilla Firefox 17.0.1 Firefox out of Date! No longer use this 

 Ad-Aware AAWService.exe is disabled! I do not run this and seldom use it ?

 Ad-Aware AAWTray.exe is disabled! I do not run this and seldom use it ?

 Total Fragmentation on Drive C:: 15% Defragment your hard drive soon! (Do NOT defrag if SSD!) What is SSD ?

 

Have; 

Adobe Flashplayer 10 Active x

Adobe Flash Player 11 Plug in
Adobe Reader 9.2
 

Do you find anything that maybe a problem relating to my email situation, 

Over time there has been a few suspicious pieces of mail that have made it to me through my spam filter.

Edited by Jove, 14 April 2013 - 10:40 AM.



#9 Jove


Posted 14 April 2013 - 11:16 AM

I now find a return email that reached my recipient is in my spam folder, . . I have mailed this person same address for years,

 

Is it possible someone in my ISP is messing with me ?

 

I decided to utilize receipt request but would like to know what, "Secure Receipts" are, I am guessing 

that is a client based product ?


Edited by Jove, 14 April 2013 - 11:19 AM.



#10 noknojon


Posted 14 April 2013 - 04:21 PM

Hello -

First there are a few things you need to fix or recognise as not being correct on your computer -

 

Internet Explorer 7 Out of date!
Malwarebytes Anti-Malware version 1.70.0.1100 
Java™ 6 Update 32  - Java version out of Date!
Mozilla Firefox 17.0.1 Firefox out of Date!
Adobe Flash Player 10 Flash Player out of Date!
Ad-Aware AAWService.exe is disabled!

Total Fragmentation on Drive C:: 15% - Defragment your hard drive soon! (you will not have SSD) -

 

These were the basic type of things I was looking for ..............


Do you have Windows Updates set to download automatically ? Your I.E. browser should be I.E.8 minimum. This would have been updated quite a while back. Even if F/fox or Chrome is your main "browser", understand that you still run a "Microsoft / Windows System"


Your Malwarebytes Anti-Malware Should be updated. It is now Version 1.75
If you wish to run Java, then your Java is way outdated. It is now Version 7 Update 17
You run AVG Free 9.0, but you run COMODO Firewall Pro - Is the Comodo a Free Trial of the Pro version ??
If you had a Pro Antivirus, most of them now have their own firewall / shields included, like avast ! has -

I can only help you to update all of these programs (if you like) - But if you wish to have a Full Malware inspection, this is not the correct area of the forum. For that you must post in the Malware Logs area of the forum and have an Expert tell you if there are any remains of that infection left, and tell you what steps need to be taken to fix your system -

So your system needs corrections for it to run as it was designed to, or you will have problems - This is what happens when you do not correctly service your computer - Would you run your car for 3 years without servicing it ??

 

Thank You -

EDIT for Extra - -

Please note - Old Version of AVG Free Edition 9.0.698 - Release Date - 26 October, 2009 (3 years ago )

The current release of AVG has been out for over 6 months, and yours is over 3 years old.

Do my Anti Virus detect this ? Do you keep everything updated to catch things ----------


Edited by noknojon, 14 April 2013 - 04:34 PM.
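
The triage done by hand in the two posts above (the Security Check log in #7 and the list of flagged items in #10) can be scripted. This is an added example, not part of the thread and not code from the Security Check tool; the flag phrases and header layout are taken from the log as posted, and the names `triage`, `FLAGS` and the "Summary" label are chosen here for illustration.

```python
import re

TICK = chr(96)  # backtick: the padding character in the log's section header lines
HEADER = re.compile(r"^{0}+([^{0}]+?):?{0}+$".format(TICK))
FLAGS = [  # phrases the tool prints next to a problem entry, as seen in the posted log
    ("out_of_date", re.compile(r"out of date", re.I)),
    ("disabled", re.compile(r"\bis disabled!", re.I)),
    ("not_running", re.compile(r"\bis not running!", re.I)),
]

def triage(log_text):
    """Split log entries into flagged (section, flag, entry) and unflagged (section, entry)."""
    section, flagged, unflagged = "Summary", [], []  # "Summary" is a label chosen here
    for raw in log_text.splitlines():
        line = " ".join(raw.split())  # collapse the tool's padding spaces
        if not line:
            continue
        header = HEADER.match(line)
        if header:
            section = header.group(1).strip()
            continue
        flag = next((name for name, rx in FLAGS if rx.search(line)), None)
        if flag:
            flagged.append((section, flag, line))
        else:
            unflagged.append((section, line))
    return flagged, unflagged

def _hdr(title):
    return TICK * 12 + title + TICK * 12

# Constructed sample: a shortened excerpt of the log posted in this thread.
SAMPLE_LOG = "\n".join([
    " Internet Explorer 7 Out of date!",
    _hdr("Antivirus/Firewall Check:"),
    " Windows Security Center service is not running! This report may not be accurate!",
    " AVG Free 9.0",
    _hdr("Anti-malware/Other Utilities Check:"),
    " Out of date HijackThis  installed!",
    " Malwarebytes Anti-Malware version 1.70.0.1100",
    _hdr("Process Check: objlist.exe by Laurent"),
    " Ad-Aware AAWService.exe is disabled!",
    _hdr("End of Log"),
])

if __name__ == "__main__":
    flagged, unflagged = triage(SAMPLE_LOG)
    for section, flag, entry in flagged:
        print(f"[{flag}] {section}: {entry}")
    print("check versions by hand:", [entry for _, entry in unflagged])
```

The unflagged list matters as much as the flagged one: in this thread the tool printed AVG Free 9.0 and Malwarebytes 1.70.0.1100 without any warning, and both were identified as old only by comparing the version numbers by hand.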


#11 Jove


Posted 14 April 2013 - 05:58 PM

Yeah Man sorry my mind has really been out of town.

I did not see AVG needing to be updated on that previous scan, It updates automatically

I was under the impression that if it updated that is the maximum protection for that program >?

 

AVG Version  9.0.932
Virus Data Version   2641.1.1/5744
Release Date             Sunday April 14,2013
Link Scanner Version     1619
 
Program name AVG Anti-Virus Free
 
I have seen AVG go into action once or twice since I have had it over the years, that seems to be decent, .  COMODO to be honest I just check approve it's always popping up, there does not seem to be any response when you do ask COMODO or after sending something to them, . . although I have the free version.
 
The government keeps me broke and poor I don't know why, I wouldn't do that to them.

 

You are right about Automatic Updates, I turned them off for some reason and, Man, I forgot to turn it back on. BTW, how'd you know that ?

 

I no longer use Internet Explorer or Firefox, I installed chrome, because, this PC max RAM is 512, and it gets slow.

Are you advising I update these ?

The Adobe and Java I will update at night but with my dialup, . .  hmmmm, I hope it will work for the 8 to 10 hours I can give that,

I'll try one at a time, . .

 

Are you suggesting maybe a HJT log submission ?


Edited by Jove, 14 April 2013 - 06:28 PM.



#12 boopme


Posted 14 April 2013 - 08:21 PM

FYI, AVG does detect that Worm

http://home.mcafee.com/virusinfo/virusprofile.aspx?key=2620027#none


How do I get help? Who is helping me?
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....

#13 noknojon


Posted 14 April 2013 - 11:24 PM

Thanks to boopme for that extra ,,,,,,,,,,,,
>> "I no longer use Internet Explorer or Firefox, I installed chrome, because, this PC max RAM is 512, and it gets slow." <<
Any 512RAM (half GIG) computer will now be very slow, as these were the first XP units made -


Please read what I wrote above regarding the fact that you do have a Microsoft / Windows System.

This is easy to pick up as you still only have I.E. 7 installed, and this was updated ages ago in normal updates -

For this reason, you need to keep the computer fully updated with ALL M/soft updates that are offered. You should learn how to remove all unwanted programs, update all installed programs, as usually a computer of this size is only used for basic work these days.

You should have Windows Updates listed at the top of your Programs list, or just Google Windows Updates from the live link in my signature

You can also install Java off line, and install it from your desktop if you have problems with this and others.


If you do not use Firefox, then why not uninstall it, also Internet Explorer is always useful for many programs (update it).

Mozilla Firefox 17.0.1 Firefox out of Date!, so remove it from ADD / REMOVE in control panel.(wasted space)


If you think the system is too "small" then try to install another stick of RAM (which is cheap), if you can.

If you wish to keep AVG, you always need to check their site, and install the latest version of that program.
http://www.avgfree.com.au/download_avg_anti-virus_free_edition.cfm (latest AVG free download) and details.


Programs like diskcheck and Defrag should be run, and Ad-Aware should be removed, with all other un-needed programs that need removal on a half GIG system, with only your required programs updated and kept -
Spybot - Search & Destroy has very little use these days, and has been passed by your own Antivirus.

 

A post to HJT (Malware Removal) is not required, just removal of un-needed programs, and updating all needed programs.

 

Thank You -

EDIT -

I would only use this for basic computing, and not for banking and other financial transactions -


Edited by noknojon, 14 April 2013 - 11:27 PM.


#14 Jove


Posted 16 April 2013 - 07:01 AM

> Thanks to boopme for that extra ,,,,,,,,,,,,
> >> "I no longer use Internet Explorer or Firefox, I installed chrome, because, this PC max RAM is 512, and it gets slow." <<
> Any 512RAM (half GIG) computer will now be very slow, as these were the first XP units made -
>
> Please read what I wrote above regarding the fact that you do have a Microsoft / Windows System.
>
> This is easy to pick up as you still only have I.E. 7 installed, and this was updated ages ago in normal updates -

 

Thank you for your help, . .

 

OK, . . I am working on it and have my, "W.U.D.'s",  back on and Java updated, . .

However as I go along here, I am curious to know what you mean, (highlighted in blue above),

"This is easy to pick up"  ?

 

Also, I am on the AVG 2013 download page, . . . what about the previously installed version ????


Edited by Jove, 16 April 2013 - 07:16 AM.



#15 Jove


Posted 16 April 2013 - 07:20 AM

> FYI, AVG does detect that Worm
>
> http://home.mcafee.com/virusinfo/virusprofile.aspx?key=2620027#none

 

Please tell me, . . .Is this my only choice ? 

