Member Login
Member Login
Member Login
CO, USA
|
Posted: 5/29/2002 5:47:08 PM EDT
Any other team members been getting a virus mailed to them? I have been getting one a week,WTH is going on?Thanks god the server catches it!
|
|
|
|
Posted: 5/29/2002 5:50:24 PM EDT
Nobody ever emails me anything [BD]
|
|
|
|
|
Posted: 5/29/2002 5:50:29 PM EDT
I've been getting it as well, WTF?
GIB [sniper] |
|
|
|
CO, USA
|
Posted: 5/29/2002 5:53:53 PM EDT
I wonder if its an Anti-gunner trying to stur up trouble,
Wrong crowd to start a fuss with IMHO[(:)] |
|
|
|
Posted: 5/29/2002 6:02:11 PM EDT
[Last Edit: 5/29/2002 6:23:22 PM EDT by Aimless]
No just the klez virus-I get about 4 a day-from the headers it looks like "lindan," or something like that, with an adelphi.net account is the latest infected account, I've gotten at least 3 from her/him in the past 2 days.
Here is one of them----- To: aimlesstc@yahoo.com via web14405.mail.yahoo.com; 28 May 2002 16:14:31 -0700 (PDT) Return-Path: Received: from smtprelay6.dc2.adelphia.net (64.8.50.38) by mta552.mail.yahoo.com with SMTP; 28 May 2002 16:14:29 -0700 (PDT) Received: from Fdhgkwza ([24.51.124.245]) by smtprelay6.dc2.adelphia.net (Netscape Messaging Server 4.15 smtprelay6 Dec 7 2001 09:58:59) with SMTP id GWUGJ600.NUT for From: "ARlady" To: aimlesstc@yahoo.com Subject: Eager to see you ________________________- Hopefully I'm not revealing anything here I shouldn't-anyway I e-mailed the person with this account and adelphia.net |
|
|
|
MI, USA
|
Posted: 5/29/2002 6:07:39 PM EDT
yeah, i've been getting 3 or 4 a week, they are all attachments and all different viruses, WTF??????????????????
|
|
|
|
Posted: 5/29/2002 6:08:40 PM EDT
It's the Klez virus. It fakes the return email, and finds emails from your browser cache
Do a web search and learn more. -Troy |
|
|
|
AZ, USA
|
Posted: 5/29/2002 6:15:08 PM EDT
Just deleted it.. The subject was "Magazines" interestingly enough.. ("BAT" file in an Email? I don't think so..)
Same adelphi addy that aimless mentioned.. Meplat- |
|
|
MI, USA
|
Posted: 5/29/2002 7:02:33 PM EDT
troy, is there any way we can find where it came from on the site???
does this sound like an intentional thing? |
|
|
AZ, USA
|
Posted: 5/29/2002 7:10:45 PM EDT
Hey! I finally got one from AR15. I am so jazzed.
From: Aimless@AR15 Subject: Complaints Virus: Suspicious I frame. I get this about 3 times a week from other places, but now I finally feel like one of the in crowd. Yahoo. |
|
|
TX, USA
|
Posted: 5/29/2002 7:12:23 PM EDT
I get 2-4 a day spoofed from the site. Latest was ten minutes ago "from" Cyrax777. Yes, yes I know he didn't send it. But something's amiss to get so many from this site and no other addresses.
|
|
|
|
Posted: 5/29/2002 7:18:06 PM EDT
While we are on the subject,I just got hammered HARD by one called Benjamin.
Its going around the file sharing circuit. Its supposed to be on Kazaa, but IMesh is loaded down with it now. You guys watch out! |
|
|
|
SC, USA
|
Posted: 5/29/2002 7:18:29 PM EDT
[Last Edit: 5/29/2002 7:19:49 PM EDT by Zardoz]
I just got a suspicious E-mail from "Webmaster@AR15.com," subject "Information." I opened the E-mail (dumbass that I am), and there was---nothing. I deleted the mail, but have I accidently infected my computer just by opening the mail?
|
|
|
WA, USA
|
Posted: 5/29/2002 7:23:09 PM EDT
Been getting three to four a day sent to my ICQ email account , earlier ones said they were from cyrax777 . Now I'm getting them from all over the place .
|
|
|
MN, USA
|
Posted: 5/29/2002 7:30:27 PM EDT
Me too.. Even I could have written a better piece of shit virus than the fag that wrote this one. Anyone want his server IP and his balls in a sack ? His codes suck!!!!!!!!!!!!
|
|
|
|
Posted: 5/29/2002 8:02:51 PM EDT
Originally Posted By quietshoez: troy, is there any way we can find where it came from on the site??? does this sound like an intentional thing? The person who is infected doesn't even have to be a member here. If they've browsed the site, any emails imbedded in any of the HTML for the web pages will be in their browser's cache, and Klez will go there (as well as in their Outlook address book) and grab all the email addresses. It will use one as the return address, and send the virus, with a randomly selected subject from the browser cache, to everyone on the list. So to figure out where it REALLY comes from, you have to be able to see ALL of the headers on your email. Then you've got to get that person to clean up their system. -Troy |
|
|
|
MN, USA
|
Posted: 5/29/2002 8:06:59 PM EDT
Here we go, entered U.S via Cupertino,CA 95014 from Taiwan, then did a reverse NODE NAME to an address 195.c210-58-184 checking IP now.
|
|
|
|
Posted: 5/29/2002 8:07:23 PM EDT
[Last Edit: 5/29/2002 8:07:51 PM EDT by A2cat-man]
Just put one in quarantine. Take that you nasty klez virus!!!!
|
|
|
|
VA, USA
|
Posted: 5/29/2002 8:11:24 PM EDT
I get a sender "postmaster" that is constantly sending me "mail undeliverable re: HKishamo." It is really freakin' irritating. Do have the virus and am just getting a blocked address? Since I've never opened an email that has anything in it (although they say the message is like 100+ K, the page is just blank other than the address and the mail subject) I don't think I have the virus.
|
|
|
|
Posted: 5/29/2002 8:15:44 PM EDT
[Last Edit: 5/29/2002 9:06:12 PM EDT by Troy]
First, if you aren't running an antivirus program, you probably should receive 40 lashes. Install Norton AV 2002 immediately!
But, for those of you cheap bastards who refuse to be responsible for your machine, at LEAST go here and get the FREE Klez cleaner: [url]securityresponse.symantec.com[/url] -Troy |
|
|
|
|
Posted: 5/29/2002 8:17:07 PM EDT
WEB VD.
"been to the clinic lately?" |
|
|
|
MN, USA
|
Posted: 5/29/2002 8:31:41 PM EDT
From russia with love (ites;ro=3;rc=2000;pn=;to=;2009;po) This is the fag who started the trouble!!!!!!!!!!!!!!!Some one was lookig for Warez programs in Kalifornia at a Russian site and Bingo infected us all. I will find the user next.
|
|
|
MN, USA
|
Posted: 5/29/2002 9:00:29 PM EDT
This is REALLY going to take a while. Reversing DNS #s 167,485,285
|
|
|
AZ, USA
|
Posted: 5/29/2002 9:19:20 PM EDT
[Last Edit: 5/29/2002 9:23:06 PM EDT by cyrax777]
oh thank god it was the cache that had my e-mail in it im not even a team member so if it said @ar15.com or was it @hotmail? just ran macafee says im clean thank god
|
|
|
|
Posted: 5/30/2002 11:32:12 PM EDT
Originally Posted By Troy: It's the Klez virus. It fakes the return email, and finds emails from your browser cache Do a web search and learn more. -Troy That's what I figured cuz I had it show up in my box from [b]YOU[/b]!!!! [:D] My firewall and Hotmail's antivirus software just delete the attachment anyway. |
|
|
|
WV, USA
|
Posted: 5/31/2002 11:58:46 AM EDT
I,ve been gettin them too..
|
|
|
CO, USA
|
Posted: 5/31/2002 12:07:10 PM EDT
[Last Edit: 5/31/2002 12:07:51 PM EDT by M4_Aiming_at_U]
Now im getting this crap sent to my AOL addy. I pay 30 bucks a month for aol and yet the AOL timewarner bastards cant have anykind of virus scan for my aol mail? AT least Ar15.com has that!
|
|
|
IN, USA
|
Posted: 5/31/2002 2:30:03 PM EDT
IS this being targetet at AR15com users or just coincidence? Im not a member but it seems kind of odd that so many of us are getting hit like this.
Is this doen by a bot or is someone handpicing members? What a little toad. Could it even be a black op by the gun grabbers? I think I hear helos outside! Seriously, I have NEVER had one before and this level of infestation seems kind of odd. Hell I dont even get much spam. |
|
|
TX, USA
|
Posted: 5/31/2002 2:37:09 PM EDT
I just got one for someone named hank. I have noticed that this virus changes the subject line and they are between 120kb to 135kb. Again, I am thankful that hotmail gets to it before I ever opened them.
|
|
|
|
Posted: 5/31/2002 2:43:44 PM EDT
Originally Posted By Ernie: IS this being targetet at AR15com users or just coincidence? Im not a member but it seems kind of odd that so many of us are getting hit like this. Is this doen by a bot or is someone handpicing members? What a little toad. Could it even be a black op by the gun grabbers? I think I hear helos outside! Seriously, I have NEVER had one before and this level of infestation seems kind of odd. Hell I dont even get much spam. No, it's not an anti-gun plot. All it took was ONE member here to have gotten it. Once that happens, it starts getting spread. The one member could have gotten it from anywhere. Once it starts to spread, all the people with no anti-virus software that run the attachment get infected, and THEY start sending it out. Klez is just particularly nasty. Most of the other email viruses just search the Windows Address Book (Outlook Express address book) and use it. This one (Klez) searches all local files for email addresses, and gloms them all up. It then sends itself to whatever email addresses it has found. Just update your virus defs, and you'll be fine. -Gloftoe |
|
|
|
|
Posted: 5/31/2002 2:58:17 PM EDT
I feel special. On Tues I got one 'from' Ed Sr...!
|
|
|
|
|
Posted: 5/31/2002 3:46:00 PM EDT
Yeh Dark I got one from Troy@ar15/com this morning,Norton nuked the message but still had header from troy.
I knew it wasn't really from troy,so double nuked it just to make sure. Stop This Now Troy, Bob [:D} |
|
|
|
MO, USA
|
Posted: 5/31/2002 4:15:08 PM EDT
I'm gettin' 1-4 a day.
Several with AR15 users names. So far anti virus has gotten them. If I get an email with no text in the message I delete them. Today I got one with some text"Sophos" or something like that,but deleted it anyway. I still think there is a good chance its anti gunners,but who knows. It seems to be running rampent. One thing a Bro told me is to set up your first address in your'addresses' is with a phoney addy. I used aaa----@ aol.com. Then figuring maybe these guys would get smart I ran another fake using aaaaa----@----. He told me if the worm or virus doesn't get through on your first address it dies and can't infect any others on your address list. Hope this makes sense and also hope its true. |
|
|
CO, USA
|
Posted: 5/31/2002 4:15:12 PM EDT
[Last Edit: 5/31/2002 6:50:10 PM EDT by M4_Aiming_at_U]
[red][b]Yup definitly the "Klez" I just got this one a few minutes ago!:[/b][/red]
Prev | Next | Reply | Reply All | Forward | Delete | Print | Move to folder...MiscSalesSentTopic Files From: "System Administrator " To: CC: Date: Fri, 31 May 2002 20:00:35 -0400 Subject: WARNING: YOU WERE SENT A VIRUS -------------------------------------------------------------------------------- We Saved You Again !! ****************************************************************** The Anti-Virus software on AR15.com has reported that you were sent a virus from lindah64@adelphia.net, with the subject "Information". The E-mail containing the virus has been quarantined to prevent further damage. ****************************************************************** Virus Name: : W32/Klez.H@mm Attachment: Unknown File Message ID: <200205312000250.SM00355@smtprelay9.dc2.adelphia.net> Number of Recipients: 1 Queue Name: D0ea109f402a84729.SMD Hostname of Sender: adelphia.net (c) 2002 WEB-Comm Technologies Corp. http://www.web-comm.com support@web-comm.com (c) 2002 Network Security Group Inc. http://www.NetworkSecurityGroup.com |
|
|
MN, USA
|
Posted: 5/31/2002 6:46:52 PM EDT
As of today the W32.Klez.H@mm virus accounts to 17% of all the viruses reported to Symantec in the past 24hrs. It has been updated by McAfee to a Medium Risk Virus. Here are it's aliases W32/Klez.G@mm (Norman), W32/Klez.gen@MM, W32/Klez.I (Panda), W32/Klez.K-mm, WORM_KLEZ.G (Trend). BTW this virus has been known since 4/17/02. W32/Klez.h@MM makes use of Incorrect MIME Header Can Cause IE to Execute E-mail Attachment vulnerability in Microsoft Internet Explorer (ver 5.01 or 5.5 without SP2).We need to update, goto windows update and check for updates,.
I will check to see if there are any other updates available. |
|
|
|
Posted: 5/31/2002 7:48:31 PM EDT
I have been getting 4 or 5 a week and apparently my computer is sending them out too, as I got a couple of 'undeliverable' e-mails where it apparently attempted to send to some ar15.com members. I thought Norton was quarantining this virus as I got each one, but somehow it got in anyway. I am going to run a scan tonight.
|
|
|
|
|
Posted: 5/31/2002 7:59:52 PM EDT
I'm getting something like 4-5 a day from this same account-lindah64@adelphia.net. I even wasted my time e-mailing her/him and the host. Oh well Yahoo and the AR server catch it, at least I'm getting some mail...
|
|
|
|
|
Posted: 5/31/2002 8:07:51 PM EDT
Originally Posted By Troy: First, if you aren't running an antivirus program, you probably should receive 40 lashes. Install Norton AV 2002 immediately! But, for those of you cheap bastards who refuse to be responsible for your machine, at LEAST go here and get the FREE Klez cleaner: [url]securityresponse.symantec.com[/url] -Troy They both say I'm clean. Is this a really stealth virus? |
|
|
|
AR15.COM is the world’s largest firearm community and is a gathering place for firearm enthusiasts of all types.
From hunters and military members, to competition shooters and general firearm enthusiasts, we welcome anyone who values and respects the way of the firearm.
Subscribe to our monthly Newsletter to receive firearm news, product discounts from your favorite Industry Partners, and more.
Copyright © 1996-2020 AR15.COM LLC. All Rights Reserved.
Any use of this content without express written consent is prohibited.
AR15.Com reserves the right to overwrite or replace any affiliate, commercial, or monetizable links, posted by users, with our own.
