
Posted: 6/1/2002 10:37:05 AM EST
In the past 24 hours I've recieved over 300 e mail messages. About 10% are "returns" of messages I sent to other AR15 site members which I never sent, The other 90% are messages from a screening outfit, telling me that I'm infected. What the heck do I do now?
|
|
|
I assume you have the latest Nortons installed and the latest definitions as well, right? Then do a complete scan on your computer to see if you are infected.
The virus takes random email addresses it finds in the infected computer and puts them in the "from" line in the email message so that it looks like someone else is sending them.
|
|
NOBAMA, you keep the change.
|
Sounds like Klez-this is the removal tool [url=]http://securityresponse.symantec.com/avcenter/venc/data/w32.klez.gen@mm.html[/url]
You must have opened an infected e-mail/attachment.
One of the 5 infected e-mails I got in the last 3 hours is from a worldnet account so I guess that's you.
Whoops goofed up the link-it's fixed now.
|
|
|
Aimless,
That's just it. I NEVER open any attachment, unless it's from my brother, and he's called me to tell me he was sending something. That's why I don't understand this.
Oh well, thanks for the reference. I'll give it a try.
|
|
|
Got me-not one of my limited fields of knowledge-I just know of the link. Best of luck-sucks to get one of these.
|
|
|
I've been hit a few times myself. But, most of it goes to either my Hotmail account, or Norton gets it.
It never ceases to amaze me how many people don't have antivirus protection...or if they do, the don't configure it to automatically update their definitions. It's not like virus' are something new! Even those who should know better are either too cheap or too mentally challenged.
Maybe we could get the politicians to make it illegal to own a PC without virus software. Then they could fine individuals who don't have it...a new source of revenue!
|
|
|
I've gotten about 20 that say they are from you.
|
|
|
Originally Posted By shamayim:
Aimless,
That's just it. I NEVER open any attachment, unless it's from my brother, and he's called me to tell me he was sending something. That's why I don't understand this.
Oh well, thanks for the reference. I'll give it a try. View Quote |
|
Texas -
Bigger than France. "The trouble with our liberal friends is not that they're ignorant, it's just that they know so much that isn't so." --RWR, 1964 |
go to www.grisoft.com and download the free virus protection software, its the best on the market, and its free.
|
|
|
Originally Posted By bunghole:
I've gotten about 20 that say they are from you. View Quote |
|
|
Originally Posted By Aimless:
Sounds like Klez-this is the removal tool [url=]http://securityresponse.symantec.com/avcenter/venc/data/w32.klez.gen@mm.html[/url]
You must have opened an infected e-mail/attachment.
One of the 5 infected e-mails I got in the last 3 hours is from a worldnet account so I guess that's you. View Quote
From :
ip_atty View Quote |
|
|
No neilfj, from shamayim.
|
|
|
I am being hit virtually every day by variants of the W32.Klez.xxx virus. A couple of weeks ago it hit me for the first time. At that incident, I'm not sure my virus scanner effectively deleted the virus since it was an older version of McAfee. I immediately disconnected my system from the Internet and went through a detailed and tedious cleansing process using DOS.
This virus is a nasty worm that travels around using e-mail and the address books in your computers to resend itself out to everyone listed in your computer address book in Outlook and Outlook Express. I understand that unlike some viruses, you do NOT have to open an attachment for this virus to infect your computer! If the virus arrives in your inbox and you don't have a up-to-date anti-virus program running...you’re screwed!
A detailed description on the McAfee site indicates that certain versions of the Klez series viruses contain TIME BOMBs...sub-viruses that go off on certain dates during the year and wreak havoc with your hard drive by overwriting files so this virus has the potential to be very destructive if not removed. I know of a couple of folks who failed to detect and clean this bug and they did lose their hard drives. Additionally, you may have been hit by mail delivery from someone whom you know...but the message in fact did not come from the person in the "From" box. Here is a bit of info on how the little critter works, from out friends at Symantec:
"Some variants of this worm use a technique known as "spoofing." If so, the worm randomly selects an address that it finds on an infected computer. It uses this address as the "From" address that it uses when it performs its mass-mailing routine. Numerous cases have been reported in which users of uninfected computers received complaints that they sent an infected message to someone else.
For example, Linda Anderson is using a computer that is infected with W32.Klez.E@mm; Linda is not using an antivirus program or does not have current virus definitions. When W32.Klez.gen@mm performs its emailing routine, it finds the email address of Harold Logan. It inserts Harold's email address into the "From" portion of an infected message that it then sends to Janet Bishop. Janet then contacts Harold and complains that he sent her an infected message, but when Harold scans his computer, Norton AntiVirus does not find anything--as would be expected--because his computer is not infected."
I am using Norton Antivirus to scan every mail message, both incoming and outgoing. Norton appears to be very effective in stopping this virus.
Go to the Norton website: http://www.symantec.com/ and select the "Search Virus Encyclopedia" hyperlink. Select the "W" option and follow the directions to the explanation of this annoying virus. There are even directions on how to delete this bug if you are infected.
GOOD LUCK!!!
|
|
Political Correctness is a doctrine, fostered by a delusional, illogical, liberal minority and rabidly promoted by an unscrupulous mainstream media, which holds forth the proposition that it is entirely possible to pick up a turd by the clean end.---Anon
|
OK---Finally, after three go arounds, the symantec program tells me that the virus is out of my system. Very interesting--neilfj points out that I'm the "real person" who sent him an infected email. My only contact w/him has been thru a note I put on this board sympathising with what he and others up in Massachusetts have to go thru re gun ownership.
My assumption is that the virus has infected this site, and that anyone using it is likely to get it (including this note). Anyway I'm going to withhold posting on the site for awhile, until I'm sure we've got this thing whipped.
To anyone who has had a problem w/ stuff that supposedly came from me, my apologies. Honest guys, I had no idea what was going on.
|
|
|
Originally Posted By shamayim:
OK---Finally, after three go arounds, the symantec program tells me that the virus is out of my system. Very interesting--neilfj points out that I'm the "real person" who sent him an infected email. My only contact w/him has been thru a note I put on this board sympathising with what he and others up in Massachusetts have to go thru re gun ownership.
My assumption is that the virus has infected this site, and that anyone using it is likely to get it (including this note). Anyway I'm going to withhold posting on the site for awhile, until I'm sure we've got this thing whipped.
To anyone who has had a problem w/ stuff that supposedly came from me, my apologies. Honest guys, I had no idea what was going on. View Quote |
|
|
AR15.COM is the world’s largest firearm community and is a gathering place for firearm enthusiasts of all types.
From hunters and military members, to competition shooters and general firearm enthusiasts, we welcome anyone who values and respects the way of the firearm.
Subscribe to our monthly Newsletter to receive firearm news, product discounts from your favorite Industry Partners, and more.
Copyright © 1996-2019 AR15.COM LLC. All Rights Reserved.
Any use of this content without express written consent is prohibited.
AR15.Com reserves the right to overwrite or replace any affiliate, commercial, or monetizable links, posted by users, with our own.