|
|
 |
|
|
Pages: 1
And the plural of virus is...
(Click here to view the original thread with full colors/images)
Posted by: LT
Multiple!
I know quite a few of you who read this have already had your experiences with a virus or two, but have you ever sent yourself one?
I first began to notice an oddity in my inbox with some unexplained mail that made no sense from an oddball name with an attachment. Then I received an email from myself but from my address that was totally different from a year ago and cancelled at another ISP!
I must admit, I started to get uneasy.
Then I got a couple more from a good friend, one about a meeting announcement and another concerning a "powful tool" that was attached. Another one was something about ACCESSTAB. Another one was an attachment of the log in page from here at OTS asking for name and pass, sent to me as an attachment from Hawg1970, to which I reacted with a well articulated "HUH??!!?"
I got flat out suspicious.
Happily, www.pandasoftware.com searched through, isolated and fixed my problem so hopefully that will be the end of it. My question is, should I send out any notices to my email address book in case it got sent on from my computer unbeknown to me? Wouldn't it show in the Sent Items box? Or is the virus that does that more stealthy and sneaky and keeps that action totally hidden?
Amazing how many files are on a little old home computer.
- LT
Posted by: Shalome
What virus was THAT? An attachment from your browser cache? Weird.
Posted by: LT
I do not know. I checked at www.antivirus.com/vinfo/hoaxes/hoax.asp but did not see anything that really matched it. I decided it is one of those email infestations that I have heard about. I received another one this morning entitled ACCESSCODE or ACCESSKEY from somesource named "coatl" with a number, but I just deleted it. Always seems to come from some different name and has a trademark of being large enough to take a minute or more to load. I'll just run the scan from Panda again on my email.
Shal - ya want I should send you the isolation file from Panda? hehe
- LT
Posted by: Shalome
The "powful tool" attachment is a signature of the Klez.h virus. It's nasty, and you need to make sure you don't have it. For more info and removal instructions:
http://securityresponse.symantec.co....klez.h@mm.html
You or someone you know probably has that worm infection, which would explain you getting that e-mail from yourself at an old ISP. A friend of yours probably still has that address in their address book, and Klez picked it up and sent out an e-mail from that address. That's a nasty feature of that worm; it masks infection by not sending itself from the infected person, but from the people on the infected person's address book.
Posted by: LT
Hmmm. So: If I send out a general alert email to my addy book, I MAY get to the person infected - or maybe not if I, for instance, deleted them a while back. Still it is worth a try.
Possibly the Panda search and remove I did was enough, but I am still trying your source listed above Shal. Thanks.
Posted by: TheeMon
ok while your on this... i have been having file sizes change in my kazaa directory... tryed a norton virus scan-nothing tryed an online scanner-nothing looked up the kazaa virus and it makes the mouse go crazy n sht not mine had the website scan for that virus, nothing...
basicly the encrypted files in kazaa and kazaa light take up all the hdd space... i even deleted 2gigs of crap then they took al the space  lol
Posted by: LT
Thee, this was definitely the klez virus and I have 1. gotten rid of it, 2. updated my IE to 5.01 with the patch that keeps the Outlook Express from automatically opening any email attachment when you click on it. I really hope you have checked out the site I showed or the one Shal included! I read up on this one. If your Norton anti-virus has been updated to cover klez, then good 
Posted by: Hackenslacker
I get two or three copies of Klez every day.
Joy to me.
Just now I received an auto-reply from the "Gordon Food Services" about them replying to me email as quickly as possible. I got a message from same company stating they received a message from me containing a virus, and that i should either make sure I'm not infected or to ignore their message.
I used to think Klez was funny as hell, but now it's starting to really bother me, especially when I get mail from myself that I didn't send.
Posted by: -Memnoch-
Someone within our little group is infected and has not cleaned it or is simply unaware they have it.
It started sometime last week and has sent me quite a few different files with different names. Some of the names were OTS members. Others were not.
Seems I get about two or three attempts a day now.
Started for me around the 23rd of last month. This log is just the attempts at home. I check my mail at work and have about 20 attempts thereas well.
Date: 8/23/2002, Time: 23:27:34,
The email attachment align.scr is infected with the W32.Klez.H@mm virus.
Date: 8/24/2002, Time: 10:11:22,
The email attachment color.exe is infected with the W32.Klez.H@mm virus.
Date: 8/24/2002, Time: 20:54:30,
The email attachment snoopy.exe is infected with the W32.Klez.H@mm virus.
Date: 8/25/2002, Time: 6:10:18,
The email attachment SRC.exe is infected with the W32.Klez.H@mm virus.
Date: 8/25/2002, Time: 14:06:28,
The email attachment Ft.exe is infected with the W32.Klez.H@mm virus.
Date: 8/26/2002, Time: 7:43:40,
The email attachment width.scr is infected with the W32.Klez.H@mm virus.
Date: 8/28/2002, Time: 7:09:34,
The email attachment SRC.scr is infected with the W32.Klez.H@mm virus.
Date: 8/30/2002, Time: 8:07:30,
The email attachment forumdisplay[10].bat is infected with the W32.Klez.H@mm virus.
Date: 8/31/2002, Time: 10:51:14,
The email attachment border.pif is infected with the W32.Klez.H@mm virus.
Posted by: Ghetto Blasta
man, they really want you to get the virus!
|
|
|
|
|
