User Panel
User Panel
User Panel
|
Posted: 4/24/2002 6:27:53 PM EDT
[#1]
Can you provide any header information from the email?
|
|
|
|
Posted: 4/24/2002 6:28:37 PM EDT
[#2]
don't know about that one. I have gotten a SHIT load of virus sent to me in the last few days though. not through ar15 but from members private email accounts.
|
|
|
|
Posted: 4/24/2002 6:29:13 PM EDT
[#3]
I read some posts here today about a virus.
If it has an attachment, Delete it and run Virus scan on your computer pronto. |
|
|
|
Posted: 4/24/2002 6:34:42 PM EDT
[#4]
I recieved this email the other day, and all I can say is that I never sent an email like that to anyone. I think someone was using the email to forward a virus of some sort.
From: "Sniper Wolfe" To: CC: Date: Mon, 22 Apr 2002 19:48:41 +0000 Subject: Re: Worm Klez.E immunity -------------------------------------------------------------------------------- sounds to me....like you made this klez e virus and would send it to me in the form of a supposed anti-virus....not-gonna-fool-me! -Sniper Wolfe |
|
|
|
Posted: 4/24/2002 6:58:55 PM EDT
[#5]
Quoted: I recieved this email the other day, and all I can say is that I never sent an email like that to anyone. I think someone was using the email to forward a virus of some sort. From: "Sniper Wolfe" To: CC: Date: Mon, 22 Apr 2002 19:48:41 +0000 Subject: Re: Worm Klez.E immunity -------------------------------------------------------------------------------- sounds to me....like you made this klez e virus and would send it to me in the form of a supposed anti-virus....not-gonna-fool-me! -Sniper Wolfe I got something like this today. It was a returned from Postmaster as undeliverable and it was some virus thing with the senders address as mine. I don't know anything about viruses. I don't know what the hell was going on with that email. I hate that kinda shit.[pissed] CAPITALIST |
|
|
|
Posted: 4/24/2002 7:06:16 PM EDT
[#6]
Same here CAP & nut. Just hit
|
|
|
|
Posted: 4/24/2002 7:38:10 PM EDT
[#7]
Quoted: don't know about that one. I have gotten a SHIT load of virus sent to me in the last few days though. not through ar15 but from members private email accounts. Me too-with headers like-"my new humor game" and "Check out this Britaney Spears Video" I didn't find any virus attached but the files were way too huge for the four lines of text in them so they must have been something funky. I deleted 'em without e-mailing back, which was probably a mistake. |
|
|
|
Posted: 4/24/2002 8:03:21 PM EDT
[#8]
Guys, someone is messing with the Board members. I have the Klez virus. It is a freaking nightmare. It began with an e-mail from DScottHewitt with an attachment. Like an idiot I downloaded it. Big mistake. This was Mon. AM, and I have been going crazy since. It originated in Japan. I have been receiving warnings from AR15.com e-mail saying I have sent viruses to several people (ARlady tonight) even though I have not e-mailed anyone from here. I also keep receiving e-mails with attachments from me to me. A computer guru will hopefully fix it tomorrow, but in the meantime my account has been locked twice for violation of "terms of members' agreement." One of them I received was from "[email protected]" also. Don't download anything suspicious!! Someone is working this Board, as no one in my addy book has received anything--just ARFCOM members. Rotten bastard needs his heart cut out!! [pissed]
|
|
|
|
Posted: 4/24/2002 8:10:05 PM EDT
[#9]
I agree, I smell a rat here. The e-mails I got were from guys that I have never had any e-mail contact with so I can't figure why my e-mail address would be in their address books. Very strange.
|
|
|
|
Posted: 4/24/2002 8:11:36 PM EDT
[#10]
Quoted: Quoted: don't know about that one. I have gotten a SHIT load of virus sent to me in the last few days though. not through ar15 but from members private email accounts. Me too-with headers like-"my new humor game" and "Check out this Britaney Spears Video" I didn't find any virus attached but the files were way too huge for the four lines of text in them so they must have been something funky. I deleted 'em without e-mailing back, which was probably a mistake. Aimless, I got an e-mail from you tonight with the subject, "some questions", but no text in the message body. Did you send this? If so, you'll have to re-send your questions. Thanks, Jeff Ooops, nevermind. I didn't catch beekeeper's latest reply in time. |
|
|
|
Posted: 4/24/2002 8:13:59 PM EDT
[#11]
Quoted: Quoted: Quoted: don't know about that one. I have gotten a SHIT load of virus sent to me in the last few days though. not through ar15 but from members private email accounts. Me too-with headers like-"my new humor game" and "Check out this Britaney Spears Video" I didn't find any virus attached but the files were way too huge for the four lines of text in them so they must have been something funky. I deleted 'em without e-mailing back, which was probably a mistake. Aimless, I got an e-mail from you tonight with the subject, "some questions", but no text in the message body. Did you send this? If so, you'll have to re-send your questions. Thanks, Jeff No way, not from me!-what was the address it came from? Not only was it not from me, but I don't even have your address in any of my address books. I don't have ANYONE's address from here in any of my address books. I THINK one of the e-mails I got had a return address of [email protected] that was with a heading of "humor game" and was 115k or more in size. Is there anyway to fabricate a return address on an e-mail, because it's starting to look like that's what's going on. |
|
|
|
Posted: 4/24/2002 8:20:30 PM EDT
[#12]
I noticed you guys all have your email exposed for anyone here to see, maybe that has something to do with it, I don't publish mine.
|
|
|
|
Posted: 4/24/2002 8:22:30 PM EDT
[#13]
I just got another one from "BYU's" address. Someone is e-mailing us nonsense somehow using the addresses of other members.
Edited to add-I'm only speculating, of course, Either that or BYU wants me to be his honey |
|
|
|
Posted: 4/24/2002 8:23:06 PM EDT
[#14]
It has the same email address that is in your profile as the sender. I just looked at the full headers and it appears to have originated from an AOL account. The return path is
Somebody is screwing with us. [:(!] |
|
|
|
Posted: 4/24/2002 8:24:14 PM EDT
[#15]
Its the damn Taliban!!!!!!!!!!
|
|
|
|
Posted: 4/24/2002 8:26:54 PM EDT
[#16]
I wonder if this is something Goatboy needs to know about? All of the e-mails have an attachment that should NOT be d'loaded. Some have a Jap-accent message such as, "This is new game I make. You first to try. I hope you find fun in it."--or something similar. The ones I have received were also from guys I have never e-mailed and do not have their addy in my computer. Another one was [email protected]. I have had no dealings with him. Can this little Jap prick be tracked down and dropped off at the BRC? [pissed]
|
|
|
|
Posted: 4/24/2002 8:40:34 PM EDT
[#17]
I e-mailed Goatboy this thread address through one of my other "real" e-mail accounts.
Oh heres the two I just got- Date: Wed, 24 Apr 2002 18:56:50 -0400 (EDT) From: "asw34" To: [email protected] Subject: Honey +++++++++++++++++++++& ++++++++++++++++ Date: Wed, 24 Apr 2002 20:38:34 -0400 (EDT) From: "bmiller1020" To: [email protected] Subject: CELLPADDING I assume that bmiller is one of us, but don't recognize the name. |
|
|
|
Posted: 4/24/2002 8:47:47 PM EDT
[#18]
I got a very similar e-mail, also with nothing in the message area. The return e-mail was from a fellow member but not anyone I have ever contacted before.
[>:/]Very, very strange.[>:/] Sgtar15 |
|
|
|
Posted: 4/24/2002 8:50:05 PM EDT
[#19]
Damn, I feel left out. I haven't gotten anything yet. I must be more unpopular than I thought.[:D]
|
|
|
|
Posted: 4/24/2002 9:07:08 PM EDT
[#20]
It's really a virus/worm that you can read more information about here...[url]http://securityresponse.symantec.com/avcenter/venc/data/[email protected][/url]
Although it can be a bit confusing when first seen, what happens is that this worm searches the Windows address book, the ICQ database, and any local files (like your internet 'temp' files of pages you've visited) for email addresses. So if your email address is visible on the page somewhere, there's the potential for it to be 'hijacked' and make it look like you're sending the virus. (But if you look at the detailed mail header, you can tell that it never came from your computer) The 'subject' line, message bodies, and attachment file names are all random. The 'From' address is randomly-chosen from email addresses that the worm finds somewhere on the infected computer. The worm then sends an email message to these addresses with itself as an attachment. If you don't have an antivirus program, go get one and keep the virus definitions current. Unfortunately this worm disables most antivirus programs (so it either won't load at startup or it crashes when you try to run it), but it can be removed using the tool from Symantec at this address: [url]http://securityresponse.symantec.com/avcenter/venc/data/w32.klez.removal.tool.html[/url] Bottom line is 'if it looks suspicious, don't open it!'. (Although sometimes the virus will include some pretty damned interesting private files as a separate attachment! lol) -Observer |
|
|
|
Posted: 4/24/2002 9:24:30 PM EDT
[#21]
This is a worm that's been spreading like mad. Apparently a few ISPs have gotten hit (morons) and they've led to this thing getting out of hand.
The AR15.Com mail server (for team members) has been catching this thing like mad (I get about 25-100 a day!) so be thankful! ]=) We'll be looking at our servers and checking for any patches we've missed, but they should be solid and up to date. BTW - This virus masks itself and will randomly assign the "FROM" field so that it's harder to track. The headers are key because they help track the IP to a user. So half these you get are not from the person it looks like! |
|
|
|
Posted: 4/24/2002 9:25:26 PM EDT
[#22]
I've never received a virus to my AR15.com email account. They are always stopped by the anti-virus software that the account provider uses. On top of that, all my incoming and outgoing mail is scanned by Norton Anti-virus. With a little preventative maintenance and common sense, you should be safe from viruses.
USPC40 ------------------------------------------------- [b][blue]NRA Life Member[/blue][/b] - [url]www.nra.org[/url] [b][blue]GOA Life Member[/blue][/b] - [url]www.gunowners.org[/url] [b][blue]SAF Supporter[/blue][/b] - [url]www.saf.org[/url] [b][blue]SAS Supporter[/blue][/b] - [url]www.sas-aim.org[/url] [img]www.ar15.com/members/albums/USPC40/alabamaflag.gif[/img] |
|
|
|
Posted: 4/24/2002 9:28:38 PM EDT
[#23]
Last week, I got an e-mail from The_Beer_slayer that had his member GIF attached. Didin't think much about it., since most of the virius' won't bother my Mac.
|
|
|
|
Posted: 4/25/2002 2:16:59 PM EDT
[#24]
Good news, kinda, sorta, for me. I am back home with no virus. [b]Sans everything that was in my computer.[/b] The computer guru spent two hours trying to eradicate it, then another two hours wiping out everything and re-loading. I am back to normal, but still very angry with whoever gets their jollies doing things like this. I also now have a year of Norton's 2002 Virus Protection. I have closed the barn door now that the horses are all out and gone. [pissed]
|
|
|
|
Posted: 4/25/2002 2:43:09 PM EDT
[#25]
Got something too, guys...what's going on?
|
|
|
|
Posted: 4/25/2002 3:09:09 PM EDT
[#26]
Quoted: Guys, someone is messing with the Board members. I have the Klez virus. It is a freaking nightmare. It began with an e-mail from DScottHewitt with an attachment. Like an idiot I downloaded it. Big mistake. This was Mon. AM, and I have been going crazy since. It originated in Japan. I have been receiving warnings from AR15.com e-mail saying I have sent viruses to several people (ARlady tonight) even though I have not e-mailed anyone from here. I also keep receiving e-mails with attachments from me to me. A computer guru will hopefully fix it tomorrow, but in the meantime my account has been locked twice for violation of "terms of members' agreement." One of them I received was from "[email protected]" also. Don't download anything suspicious!! Someone is working this Board, as no one in my addy book has received anything--just ARFCOM members. Rotten bastard needs his heart cut out!! [pissed] Need I say it was NOT me who did this? BTW, was it the NRA mail, or another mail it was supposedly from, Beekeeper? Scott |
|
|
|
Posted: 4/25/2002 3:19:21 PM EDT
[#27]
Quoted: Need I say it was NOT me who did this? BTW, was it the NRA mail, or another mail it was supposedly from, Beekeeper? Scott Of course it was not you! I was just trying to give examples of what to watch out for. Umpteen members were sent e-mails with viruses attached from my account, in my name. Funny thing, as I was not expecting anything from you I just deleted it. Then I started feeling guilty, in case it was something important, and due to your credibility, I retrieved it and d'loaded it. As I said, big mistake. My account has been suspended twice and many ARFCOM members have received virus-attached e-mails from "me." These things are ugly. You might want to run a good virus scan to be safe, as it was from your account, with the name DScottHewitt@ something-or-other-I-don't-recall. Take care, certainly no sweat here. Now the one who started this . . . [b]that's[/b] another story. LOL |
|
|
|
Posted: 4/25/2002 3:19:30 PM EDT
[#28]
I found three suspicious mails at MyNRA e-mail:
One from "loria" with the subject line "Document.write(str)" and a size of 128kb One from "homegain" with the subject line "meeting notice" and a size of 156kb One from "WednesdayFun" with the subject line "Hi, DScottHewitt, welcome to my homet..." and a size of 145kb Someone is going hogwild? Scott P.S. Mike, I seriously did NOT send you a mail about a copywrite notice. I saw your reply. Does that mean it was sent through my mail, without my knowledge? |
|
|
|
Posted: 4/25/2002 3:31:52 PM EDT
[#29]
I also received this virus, (on my private account), from a member, it was stopped cold by my Norton anti-virus. My AR15 mail account also received one which was stopped by the AR server.....
|
|
|
|
Posted: 4/25/2002 3:34:21 PM EDT
[#30]
Everyone,
I NEVER use NRA mail to send mail, unless I am replying to a previous contact. If mail with my name shows up from MyNRA.com, just delete it. Scott |
|
|
|
Posted: 4/25/2002 3:35:58 PM EDT
[#31]
Quoted: P.S. Mike, I seriously did NOT send you a mail about a copywrite notice. I saw your reply. Does that mean it was sent through my mail, without my knowledge? Yes. |
|
|
|
Posted: 4/25/2002 3:38:43 PM EDT
[#32]
Quoted: Quoted: P.S. Mike, I seriously did NOT send you a mail about a copywrite notice. I saw your reply. Does that mean it was sent through my mail, without my knowledge? Yes. Little Japanese jerk. Anyone gets an address, let me know so I can visit him or her... Scott |
|
|
|
Posted: 4/25/2002 6:58:55 PM EDT
[#33]
I have also been flooded with these emails as well. I figured something was going around. They are getting very sneaky, trying to trick you into opening the attachments. And, I'm sorry to say, I have no sypathy for you guys who open these virus attachments. I mean, seriously! Don't open the damn attachments!
|
|
|
|
Posted: 4/26/2002 4:39:52 PM EDT
[#34]
Guys be sure to try and find out whether you have it or not. Download the tool from symantec or whomever and run it in safe mode if you have to. Klez or one of its variants has a time bomb in it that will wipe out your hard drive.
Not saying your AntiVirus isn't working but since it is able to make it not work right it would be worth making sure in my opinion. Don't have to worry for a while since I think the days the bomb is set is March 17 and November 17 but better safe than sorry I think. |
|
|
|
Posted: 4/26/2002 4:47:17 PM EDT
[#35]
My mom fowarded me an email a few days ago saying she couldn't get the attachment to open. I confirmed over the phone that she sent it. She received it supposedly from her brother. It was titled "..., welcome to my hometown" and had Wg.pif and Bootlog.txt attached. My Vidar (Virus Radar, sorta like Gaydar) went off immediately. I downloaded it as an inert text file instead of a .pif then read the code. It has some kinda mail code in it where it uses a variable for the From and To lines. It also appears to do something to your registry and explorer. Who knows what else it does ?
[img]http://noreno.no-ip.com:800/virus1.png[/img] [img]http://noreno.no-ip.com:800/virus2.png[/img] [img]http://noreno.no-ip.com:800/virus3.png[/img] [img]http://noreno.no-ip.com:800/viruscpp.png[/img] I also received this one: [img]http://noreno.no-ip.com:800/very_humor.png[/img] with these headers: rom [email protected] Thu, 25 Apr 2002 07:59:40 -0700 Received: from [199.224.64.56] by hotmail.com (3.2) with ESMTP id MHotMailBE916474002F4004310EC7E04038A15D0; Thu, 25 Apr 2002 07:58:00 -0700 Received: from Bayghaxvo (UNUSED-216-37-215-119.UNUSED.EPIX.NET [216.37.215.119]) by lima.epix.net (8.12.1/2002040201/PL) with SMTP id g3PEvUAV015477 for Date: Thu, 25 Apr 2002 10:57:30 -0400 (EDT) Message-Id: <[email protected]> From: wolf_den To: [email protected] Subject: A very humour game MIME-Version: 1.0 Content-Type: multipart/alternative; boundary=PpV0IgIFWe2Y386iR82r799 |
|
|
|
Posted: 4/26/2002 4:52:17 PM EDT
[#36]
On a side note, I visited my AOL mailbox a few days ago to discover that it had a shitload of "Undeliverable" messages in it, for messages I never sent. Of course, this would be easy to confirm sicne I have not logged onto that account in about a month.
Perhaps, it is time to alert AOL. |
|
|
|
Posted: 4/26/2002 5:27:07 PM EDT
[#37]
I got the exact same thing, except without the attachments-maybe Yahoo's virus software killed them? Is this the "Klez" virus?
|
|
|
|
Posted: 4/26/2002 5:42:30 PM EDT
[#38]
You know, you can download the virus to your machine and in this case it's okay as long as your don't run the EXE file. Just delete the EXE and you should be cool.
|
|
|
|
Posted: 4/26/2002 6:48:02 PM EDT
[#39]
I received mail from [email protected]. The heading said something about a virus going around. It didn't have an attachment. I deleted it without opening anyway.
|
|
|
Win a FREE Membership!
Sign up for the ARFCOM weekly newsletter and be entered to win a free ARFCOM membership. One new winner* is announced every week!
You will receive an email every Friday morning featuring the latest chatter from the hottest topics, breaking news surrounding legislation, as well as exclusive deals only available to ARFCOM email subscribers.
AR15.COM is the world's largest firearm community and is a gathering place for firearm enthusiasts of all types.
From hunters and military members, to competition shooters and general firearm enthusiasts, we welcome anyone who values and respects the way of the firearm.
Subscribe to our monthly Newsletter to receive firearm news, product discounts from your favorite Industry Partners, and more.
Copyright © 1996-2024 AR15.COM LLC. All Rights Reserved.
Any use of this content without express written consent is prohibited.
AR15.Com reserves the right to overwrite or replace any affiliate, commercial, or monetizable links, posted by users, with our own.
