| Home | About Us | Products | Support | Downloads | Resellers | Links |
|
|
|
||||||||
|
|
|||||||||
|
|||||||||
Several customers have contacted F-Secure and reported receiving a virus warning in e-mail from us - and that the warning contained an attachment infected with the Klez virus.
Of course, F-Secure has not been infected by Klez and has not sent out any viruses. Instead, what is happening is that the Klez virus is sending faked messages which look like they are coming from various anti-virus vendors.
Klez is a large family of viruses and it is capable of sending several different types of messages. Some examples include:
From: random-email-address
Subject: W32.Elkern removal toolsW32.Elkern is a dangerous virus
that can infect on Win98/Me/2000/XP.F-Secure give you the W32.Elkern
removal toolsFor more information,please visit http://www.F-Secure.com
Attachment: random file infected with Klez
or:
From: random-email-address
Subject: Worm Klez.E ImmunityKlez.
E is the most common world-wide spreading worm. It's very dangerous by corrupting your files. Because of its very smart stealth and anti-anti-virus technic,most common AV software can'tdetect or clean it.We developed this free immunity tool to defeat the malicious virus. You only need torun this tool once,and then Klez will never come into your PC.
NOTE: Because this tool acts as a fakeKlez to fool the real worm,some AV monitor maybe cry when you run it. If so,Ignore the warning,and select 'continue'. If you have any question,please mail to me.
Attachment: random file infected with Klez
Delete such messages. Also note that typically the address of the
sender is random, and does not belong to the user of the infected
machine which really sent the messages (the real sender can often
be found by analysing the message headers).
The author of the Klez worms is not targetting just F-Secure; the
virus sends similar messages but uses other company names instead
of ours. These include Sophos, Symantec, Mcafee, Trendmicro and
Kaspersky.