Virus Alert *TL*

Re: Virus Alert

Vinnie -

This has been going on for a month or so - some geek is sending e-mails with no text and a W32Klez.h@mm virus-infected 40-50K .zip file attachment with proxy sender addresses (which are NOT the real senders); I get two or three every day. As long as you don't open the attached .zip file, they're harmless, and if your Norton (or whatever AV program you use) defintions are up to date, it will stop it even if you inadvertently open the attachment. I'd love to get my hands on one of these guys...

I got 2, 1 from you John, and 1 from ME!

John,
as you already know, I got one with your name on it. I also got one with my own name on it. They came into my "bulk mail" folder so I was immediately suspicious. I did blow them away without opening them.

I use web based email and do not have an address book on my PC so many of these viruses have no way to replicate on my computer. Some viruses don't use the address book but at least I don't need to worry about those other types. There are also emails with hidden attachments to worry about. The "badtrans" virus comes to mind. I realy would like to find the dirty little perps and help bring them a little justice.

-Mark.

Re: I got 2, 1 from you John, and 1 from ME!

I got one from Joe Lucia's email id, and he knew nothing about it...my Norton went crazy! Fortunately didn't open it...Craig

Re: Virus Alert Important Information. *TL*

NCRS.ORG does not send out Virus Files in e-mail.

From the Website of Trend Micro. Makers of PC-cillin antivirus software.

Worm.Klez.H

All KLEZ variants, except WORM_KLEZ.B, are mass-mailing worms. They mail themselves to specified addresses by sending SMTP commands to an SMTP server. The worm exploits a vulnerability that opens an executable attachment even in Microsoft Outlook's preview pane. More information about this vulnerability is available at Microsoft Security Bulletin and a security update is available at Microsoft's Security Update.

Variants .G, .H, and .I obtain email addresses to place in the FROM: field from the infected user's address book. This causes a non-infected user to appear as the person who has sent this worm's malicious email. It does this to hide the real sender of the infected email.

As you can see since the virus can grab addresses out of other people's address books to put in the FROM: field. This means you can get the virus from anyone's address. I have received it from Microsoft on several occassions. No address can be trusted to actually be from where it claims to be. If your e-mail program will let you look at the RAW header information, you can find the true domain that a message was sent from. This isn't much help, but will assure you that ncrs.org, or microsoft.com or some other trusted source is not sending out virus messages.

The most important thing of all is to have a good virus checker program installed and updated on a daily basis. Just because your computer came with Norton or Macafee installed does not mean that it has ever been updated. Check their web site to be sure that you have the latest pattern files installed.

For a Free virus scan of your system you can go to http://housecall.antivirus.com This is Trend Micro's website. I have used their PC-cillin for the last four or five years and I am very pleased with it.

Re: Virus Alert Important Information.

I use Norton AV, and up until about 15 months ago, I did the on-line definition file update about once every ten days, then I got hit by the old Sircam virus one day, which really tore up my system, registry and all; the Norton file to stop it was posted three or four days before that, but I hadn't updated since a week before it was up on their site. BIG lesson learned - ever since, I do the Norton automatic on-line update every morning when I boot up, as you never know when a really critical update may be available for a new, "hot" virus.

I started getting a new one a few days ago - it has text this time, with a subject header of "Klez Virus Protection"; the text explains that the attachment will install a protective file and removal tool for any Klez virus, and not to worry during the installation if my AV program goes crazy, as it's triggered intentionally during the installation, and I should click on "Ignore" when the warning appears. Yeah, right.

Re: Virus Alert Important Information.

John,

I've been getting that alleged "fix" e-mail for several weeks now. Looks you're behind the curve.

Patrick

Re: Virus Alert Important Information.

This will start some stuff. But you know, if you ran MAC computers you wouldn't have to deal with this at all!

Re: Virus Alert Important Information.

I had the Klev virus with all of these symptoms.
I found a fix.
I think it was on Nortons website.
It is called Fixklev.exe
I downloaded it and the instructions to remove the infected files.
It worked.
Larry

Are Macs really safer?

I've always thought so, with my theory being that a virus writer wouldn't waste time with the computer so few people have. Should I (a Mac user) be more worried than I am? And is the Mac system itself harder to make a virus for?

Re: Are Macs really safer?

This might promt some schumck to make it happen. But 7 years of 150 hours a month on the web and NO virus EVER! MAC inoculated (spelling?) and LOT easier to get along with. And yes I own both platforms. The commercials aren't lying. Just switch it won't hurt a bit.

Re: Are Macs really safer?

Then I'm going to keep my mouth shut. As a fellow Mac user, I don't want to tempt some loser to target us, either!

Re: Are Macs really safer?

I don't know why anyone would punish themselves with WINDOZE.

Re: Are Macs really safer?

What good is a system that takes care of everything for you? I would miss editing my registry, running partitionmagic pro to resize and distrubute data on my 4 hard drives with multiple logical drives/partitions on each...etc etc....oh yeah, I work for IBM.....Craig

Re: Are Macs really safer?

LOL

I feel sorry for IBM. They are stuck with windoze. The hardware is ok.