Be Careful- Please read

[Archive]

Posted By: Tbob

Some knucklehead sent me an email today from "kolbermann@foxnet.com" with no message, just a zip file to download. This is not Keith. Obviously some sicko with too much time on his hands. The scarey thing is that this person had to know 1) that I am a vintage card collector and 2) he probably is also, or why else the "kolbermann" monicker?
Be careful, don't open any files from people you don't know or that look suspicious.

[Archive]

Posted By: jeff

at first they were big attachments (50k+) from emails I didn't know.

But the last few have been from names like vintagecardinvestments@ (i forget what)...

Tbob, maybe you and I have some common enemies!

[Archive]

Posted By: Kevin Cummings

All it takes is one email contact in common. Many pranksters are capable of infiltrating your email address book with an attachment (like the Melissa macro virus) and creating a self-perpetuating chain of emails.

You should be perfectly safe if you just delete the email without opening it.

[Archive]

Posted By: John Wojak

I agree, it may be a virus and not a prankster. There are many viruses which will cause a computer to send out emails to all those people in the email address book withhout the sender's knowledge.

[Archive]

Posted By: jverri01

Bob, et. al:

Actually - right now a wave of viruses that originated from the NIMDA 32 virus are spreading like crazy, globally. They are one of like 9 variations of a virus (actually a worm, but being called a virus) known as Klez. It has also been called Klez32, Klez32@, Klez.a, Klez.h, etc., etc.

What it is: an email message that arrives in your box. The subject is something like "hope you enjoy this", or "RE:". The worm uses a security breech in Outlook to access your hard drive. YOU DO NOT HAVE TO OPEN THE MESSAGE TO BE INFECTED BY IT. Simply RECEIVING IT IS ENOUGH.

What it does: It immediately takes hold of your address book. It randomly begins sending messages to people you have emailed, or received email messages from. YOU WILL NOT KNOW IT IS SENDING THE MESSAGES. many times, it will select a RANDOM file from your hard drive and attach it to the message. It creates a "community" of infected machines, that continue to grow in population. You will receive daily emails from addresses you have emailed previously, many with additional viruses attached.

If untreated, this virus is EXTREMELY harmful. It begins by damaging your file/directory structure, and can go as far as corrupting the operating system.

The trouble I am seeing:

NEW variations of this worm are proliferating right now. MOST Anti-Virus software claims to be able to disinfect the KLEZ virus. THIS IS NOT TRUE. Many of the new patterns (updates to anti-virus software) do NOT include the tools to disinfect newer flavors of KLEZ.

KLEZ buries itself in your REGISTRY, so, the damage it can do is far-reaching.

I have received several messages lately that my software has quarantined because of infection.

You do NOT have to be using Outlook for your system to be infected. EVEN if you have DISABLED Outlook - you can STILL be infected.

More information on the LATEST variation:
http://www.antivirus.com/vinfo/virusencyclo/default5.asp?VName=WORM_KLEZ.H

[Archive]

Posted By: TBob

" I may be paranoid but that doesn't mean soemone ISN'T following me." The sender of the email "Kolbermann@foxnet.com (or net) I forget which is jost too frigging coincidental. This HAS to be a vintage card collector/dealer...

[Archive]

Posted By: Tom

email is kolbermann@foxsportsnet.com I believe....he's bought stuff from me before. If he has a virus, it might be pushing that stuff to you without his knowledge.

[Archive]

Posted By: Jaime Leiderman

http://securityresponse.symantec.com/avcenter/venc/data/w32.klez.removal.tool.html

Haven't tried it yet, but will do so this morning.

[Archive]

Posted By: scott

If you have any, run Jimmy's Semantics suggestion. Be sure to first print off the instructions, including parts on starting in "safe" mode and disabling restore functions. It's all very easy except for "safe" mode (for xp anyway) - you have to start pressing PF8 pretty quickly after turning on the machine.

[Archive]

Posted By: jverri01

I have two machines here that were not "fixed" using the Symantec tool.

Again - the "h" variation of Klez may be too new for this utility.

Follow the link I provided - it lists details about certain files you can look for in your registry to help you determine if the machine is infected.

J

[Archive]

Posted By: David Vargha

I don't think mine is, but I certainly do get plenty of e-mails with attachments from unknown as well as known individuals. Can I check my file directory without having to go through the arduous process of downloading the fix and disabling and reloading NAV?

[Archive]

Posted By: David Vargha

Mea culpa.

[Archive]

Posted By: TBob

Do like I do whenever I see card in a PRO holder-"just say no."
The tip off is an anonymous sender with no text in the email, just a zipped file or exe file.