Warning

 

Close

Confirm Action

Are you sure you wish to do this?

Confirm Cancel
Member Login
Posted: 4/24/2002 6:24:16 PM EDT
from: webmaster@ar15.com subject: Sos! the message is blank. anyone else get one, or know whats goin on.
Link Posted: 4/24/2002 6:27:53 PM EDT
Can you provide any header information from the email?
Link Posted: 4/24/2002 6:28:37 PM EDT
Link Posted: 4/24/2002 6:29:13 PM EDT
Link Posted: 4/24/2002 6:34:42 PM EDT
Link Posted: 4/24/2002 6:58:55 PM EDT
Originally Posted By VA-gunnut: I recieved this email the other day, and all I can say is that I never sent an email like that to anyone. I think someone was using the email to forward a virus of some sort. From: "Sniper Wolfe" Save Address | Headers To: CC: Date: Mon, 22 Apr 2002 19:48:41 +0000 Subject: Re: Worm Klez.E immunity -------------------------------------------------------------------------------- sounds to me....like you made this klez e virus and would send it to me in the form of a supposed anti-virus....not-gonna-fool-me! -Sniper Wolfe
View Quote
I got something like this today. It was a returned from Postmaster as undeliverable and it was some virus thing with the senders address as mine. I don't know anything about viruses. I don't know what the hell was going on with that email. I hate that kinda shit.[pissed] CAPITALIST
Link Posted: 4/24/2002 7:06:16 PM EDT
Same here CAP & nut. Just hit .
Link Posted: 4/24/2002 7:38:10 PM EDT
Link Posted: 4/24/2002 8:03:21 PM EDT
Link Posted: 4/24/2002 8:10:05 PM EDT
Link Posted: 4/24/2002 8:11:36 PM EDT
[Last Edit: 4/24/2002 8:13:57 PM EDT by Yankee1911]
Originally Posted By Aimless:
Originally Posted By The_Beer_Slayer: don't know about that one. I have gotten a SHIT load of virus sent to me in the last few days though. not through ar15 but from members private email accounts.
View Quote
Me too-with headers like-"my new humor game" and "Check out this Britaney Spears Video" I didn't find any virus attached but the files were way too huge for the four lines of text in them so they must have been something funky. I deleted 'em without e-mailing back, which was probably a mistake.
View Quote
Aimless, I got an e-mail from you tonight with the subject, "some questions", but no text in the message body. Did you send this? If so, you'll have to re-send your questions. Thanks, Jeff Ooops, nevermind. I didn't catch beekeeper's latest reply in time.
Link Posted: 4/24/2002 8:13:59 PM EDT
[Last Edit: 4/24/2002 8:17:43 PM EDT by Aimless]
Link Posted: 4/24/2002 8:20:30 PM EDT
Link Posted: 4/24/2002 8:22:30 PM EDT
[Last Edit: 4/24/2002 8:28:39 PM EDT by Aimless]
Link Posted: 4/24/2002 8:23:06 PM EDT
It has the same email address that is in your profile as the sender. I just looked at the full headers and it appears to have originated from an AOL account. The return path is . Somebody is screwing with us. [:(!]
Link Posted: 4/24/2002 8:24:14 PM EDT
Its the damn Taliban!!!!!!!!!!
Link Posted: 4/24/2002 8:26:54 PM EDT
Link Posted: 4/24/2002 8:40:34 PM EDT
[Last Edit: 4/24/2002 8:47:00 PM EDT by Aimless]
Link Posted: 4/24/2002 8:47:47 PM EDT
I got a very similar e-mail, also with nothing in the message area. The return e-mail was from a fellow member but not anyone I have ever contacted before. [>:/]Very, very strange.[>:/] Sgtar15
Link Posted: 4/24/2002 8:50:05 PM EDT
Damn, I feel left out. I haven't gotten anything yet. I must be more unpopular than I thought.[:D]
Link Posted: 4/24/2002 9:07:08 PM EDT
It's really a virus/worm that you can read more information about here...[url]http://securityresponse.symantec.com/avcenter/venc/data/w32.klez.h@mm.html[/url] Although it can be a bit confusing when first seen, what happens is that this worm searches the Windows address book, the ICQ database, and any local files (like your internet 'temp' files of pages you've visited) for email addresses. So if your email address is visible on the page somewhere, there's the potential for it to be 'hijacked' and make it look like you're sending the virus. (But if you look at the detailed mail header, you can tell that it never came from your computer) The 'subject' line, message bodies, and attachment file names are all random. The 'From' address is randomly-chosen from email addresses that the worm finds somewhere on the infected computer. The worm then sends an email message to these addresses with itself as an attachment. If you don't have an antivirus program, go get one and keep the virus definitions current. Unfortunately this worm disables most antivirus programs (so it either won't load at startup or it crashes when you try to run it), but it can be removed using the tool from Symantec at this address: [url]http://securityresponse.symantec.com/avcenter/venc/data/w32.klez.removal.tool.html[/url] Bottom line is 'if it looks suspicious, don't open it!'. (Although sometimes the virus will include some pretty damned interesting private files as a separate attachment! lol) -Observer
Link Posted: 4/24/2002 9:24:30 PM EDT
[Last Edit: 4/24/2002 9:27:48 PM EDT by GoatBoy]
Link Posted: 4/24/2002 9:25:26 PM EDT
I've never received a virus to my AR15.com email account. They are always stopped by the anti-virus software that the account provider uses. On top of that, all my incoming and outgoing mail is scanned by Norton Anti-virus. With a little preventative maintenance and common sense, you should be safe from viruses. USPC40 ------------------------------------------------- [b][blue]NRA Life Member[/blue][/b] - [url]www.nra.org[/url] [b][blue]GOA Life Member[/blue][/b] - [url]www.gunowners.org[/url] [b][blue]SAF Supporter[/blue][/b] - [url]www.saf.org[/url] [b][blue]SAS Supporter[/blue][/b] - [url]www.sas-aim.org[/url] [img]www.ar15.com/members/albums/USPC40/alabamaflag.gif[/img]
Link Posted: 4/24/2002 9:28:38 PM EDT
Last week, I got an e-mail from The_Beer_slayer that had his member GIF attached. Didin't think much about it., since most of the virius' won't bother my Mac.
Link Posted: 4/25/2002 2:16:59 PM EDT
Link Posted: 4/25/2002 2:43:09 PM EDT
Got something too, guys...what's going on?
Link Posted: 4/25/2002 3:09:09 PM EDT
Originally Posted By thebeekeeper1: Guys, someone is messing with the Board members. I have the Klez virus. It is a freaking nightmare. It began with an e-mail from DScottHewitt with an attachment. Like an idiot I downloaded it. Big mistake. This was Mon. AM, and I have been going crazy since. It originated in Japan. I have been receiving warnings from AR15.com e-mail saying I have sent viruses to several people (ARlady tonight) even though I have not e-mailed anyone from here. I also keep receiving e-mails with attachments from me to me. A computer guru will hopefully fix it tomorrow, but in the meantime my account has been locked twice for violation of "terms of members' agreement." One of them I received was from "webmaster@ar15.com" also. Don't download anything suspicious!! Someone is working this Board, as no one in my addy book has received anything--just ARFCOM members. Rotten bastard needs his heart cut out!! [pissed]
View Quote
Need I say it was NOT me who did this? BTW, was it the NRA mail, or another mail it was supposedly from, Beekeeper? Scott
Link Posted: 4/25/2002 3:19:21 PM EDT
Link Posted: 4/25/2002 3:19:30 PM EDT
I found three suspicious mails at MyNRA e-mail: One from "loria" with the subject line "Document.write(str)" and a size of 128kb One from "homegain" with the subject line "meeting notice" and a size of 156kb One from "WednesdayFun" with the subject line "Hi, DScottHewitt, welcome to my homet..." and a size of 145kb Someone is going hogwild? Scott P.S. Mike, I seriously did NOT send you a mail about a copywrite notice. I saw your reply. Does that mean it was sent through my mail, without my knowledge?
Link Posted: 4/25/2002 3:31:52 PM EDT
I also received this virus, (on my private account), from a member, it was stopped cold by my Norton anti-virus. My AR15 mail account also received one which was stopped by the AR server.....
Link Posted: 4/25/2002 3:34:21 PM EDT
Everyone, I NEVER use NRA mail to send mail, unless I am replying to a previous contact. If mail with my name shows up from MyNRA.com, just delete it. Scott
Link Posted: 4/25/2002 3:35:58 PM EDT
Link Posted: 4/25/2002 3:38:43 PM EDT
Originally Posted By thebeekeeper1:
Originally Posted By DScottHewitt: P.S. Mike, I seriously did NOT send you a mail about a copywrite notice. I saw your reply. Does that mean it was sent through my mail, without my knowledge?
View Quote
Yes.
View Quote
Little Japanese jerk. Anyone gets an address, let me know so I can visit him or her... Scott
Link Posted: 4/25/2002 6:58:55 PM EDT
I have also been flooded with these emails as well. I figured something was going around. They are getting very sneaky, trying to trick you into opening the attachments. And, I'm sorry to say, I have no sypathy for you guys who open these virus attachments. I mean, seriously! Don't open the damn attachments!
Link Posted: 4/26/2002 4:39:52 PM EDT
Guys be sure to try and find out whether you have it or not. Download the tool from symantec or whomever and run it in safe mode if you have to. Klez or one of its variants has a time bomb in it that will wipe out your hard drive. Not saying your AntiVirus isn't working but since it is able to make it not work right it would be worth making sure in my opinion. Don't have to worry for a while since I think the days the bomb is set is March 17 and November 17 but better safe than sorry I think.
Link Posted: 4/26/2002 4:47:17 PM EDT
[Last Edit: 4/26/2002 4:53:36 PM EDT by cc48510]
My mom fowarded me an email a few days ago saying she couldn't get the attachment to open. I confirmed over the phone that she sent it. She received it supposedly from her brother. It was titled "..., welcome to my hometown" and had Wg.pif and Bootlog.txt attached. My Vidar (Virus Radar, sorta like Gaydar) went off immediately. I downloaded it as an inert text file instead of a .pif then read the code. It has some kinda mail code in it where it uses a variable for the From and To lines. It also appears to do something to your registry and explorer. Who knows what else it does ? [img]http://noreno.no-ip.com:800/virus1.png[/img] [img]http://noreno.no-ip.com:800/virus2.png[/img] [img]http://noreno.no-ip.com:800/virus3.png[/img] [img]http://noreno.no-ip.com:800/viruscpp.png[/img] I also received this one: [img]http://noreno.no-ip.com:800/very_humor.png[/img] with these headers: rom aaronk@epix.net Thu, 25 Apr 2002 07:59:40 -0700 Received: from [199.224.64.56] by hotmail.com (3.2) with ESMTP id MHotMailBE916474002F4004310EC7E04038A15D0; Thu, 25 Apr 2002 07:58:00 -0700 Received: from Bayghaxvo (UNUSED-216-37-215-119.UNUSED.EPIX.NET [216.37.215.119]) by lima.epix.net (8.12.1/2002040201/PL) with SMTP id g3PEvUAV015477 for ; Thu, 25 Apr 2002 10:57:32 -0400 (EDT) Date: Thu, 25 Apr 2002 10:57:30 -0400 (EDT) Message-Id: <200204251457.g3PEvUAV015477@lima.epix.net> From: wolf_den To: cc48510@hotmail.com Subject: A very humour game MIME-Version: 1.0 Content-Type: multipart/alternative; boundary=PpV0IgIFWe2Y386iR82r799
Link Posted: 4/26/2002 4:52:17 PM EDT
On a side note, I visited my AOL mailbox a few days ago to discover that it had a shitload of "Undeliverable" messages in it, for messages I never sent. Of course, this would be easy to confirm sicne I have not logged onto that account in about a month. Perhaps, it is time to alert AOL.
Link Posted: 4/26/2002 5:27:07 PM EDT
Link Posted: 4/26/2002 5:42:30 PM EDT
You know, you can download the virus to your machine and in this case it's okay as long as your don't run the EXE file. Just delete the EXE and you should be cool.
Link Posted: 4/26/2002 6:48:02 PM EDT
I received mail from root@ar15.com. The heading said something about a virus going around. It didn't have an attachment. I deleted it without opening anyway.
Top Top