Warning

 

Close

Confirm Action

Are you sure you wish to do this?

Confirm Cancel
BCM
User Panel

Posted: 5/19/2002 7:55:13 PM EDT
Someone with e-mail addy [email protected] has been trying to send me a virus for over a week now, sometimes several times a day. The virus being sent is W32/Klez.H@mm. If it's you and you see this, please clean your PC and/or take me off your address book.

Luckily, the AR15.com e-mail system is well protected, and I know not to open that file anyway. It's becoming a nuisance having to delete the messages though.
Link Posted: 5/21/2002 8:58:47 AM EDT
[#1]
I'm still getting copies of Klez daily from this stupid fuck.  Hey David Reynolds in Indiana - get a clue, moron!!!
Link Posted: 5/21/2002 9:04:57 AM EDT
[#2]
One of the "neater" features of the Klez virus is that it uses SOMEONE ELSE'S mail address for the infected outgoing emails. As you might expect, it simply finds an address in the owners list of contacts, and goes to town.

Klez virus would be a dead issue, for the most part, if everyone would update their copy of Internet Explorer to 6.0 with all the latest patches.
Link Posted: 5/21/2002 9:06:15 AM EDT
[#3]
Link Posted: 5/21/2002 9:08:29 AM EDT
[#4]
Link Posted: 5/21/2002 9:10:54 AM EDT
[#5]
Don't blame anyone for sending you these virus infected files by e-mail.

It's not likely their fault at all.

It's just the nature of this virus!

Eric The(Yeah,I'mGettingThem,Too!)Hun[>]:)]
Link Posted: 5/21/2002 9:28:07 AM EDT
[#6]
From [url]http://vil.nai.com/vil/content/v_99367.htm[/url]

This W32/Klez variant has the ability to spoof the email FROM: field. The senders address used by the virus may be one that was found on the infected user's system. Thus, it may appear that you have received this virus from one person when it was actually sent from a different user's system. Viewing the entire email header will display the actual senders address.

This worm makes use of "Incorrect MIME Header Can Cause IE to Execute E-mail Attachment" vulnerability in Microsoft Internet Explorer (ver 5.01 or 5.5 without SP2).

Link Posted: 5/21/2002 9:30:23 AM EDT
[#7]
Quoted:
Don't blame anyone for sending you these virus infected files by e-mail.

It's not likely their fault at all.

It's just the nature of this virus!

Eric The(Yeah,I'mGettingThem,Too!)Hun[>]:)]
View Quote


Actually, I believe it is their fault.

Look at David - he's got an infected machine sitting on a cable modem with no firewall or anti-virus that's been spitting out Klez virus for weeks now.  To me that's just plain irresponsible.

Comcast is not taking action to complaints on their abuse account, so everyone needs to call 1-800-COMCAST (1-800-266-2278) and put in a complaint about [email protected] so they'll get him cleaned up.
Link Posted: 5/21/2002 9:36:54 AM EDT
[#8]
Steel Rat, is [email protected] really sending you the virus, or is the virus just spoofing his email in the From field?  Have you checked the email headers to make sure?
Link Posted: 5/21/2002 9:42:12 AM EDT
[#9]
Quoted:
I'm still getting copies of Klez daily from this stupid fuck.  Hey David Reynolds in Indiana - get a clue, moron!!!
View Quote



[b]Kristopher[/b], it's not nice to post other peoples personal info on the net.

Please refrain.  This is not a flame.

Link Posted: 5/21/2002 10:06:41 AM EDT
[#10]
Link Posted: 5/21/2002 11:09:41 AM EDT
[#11]
Quoted:
Steel Rat, is [email protected] really sending you the virus, or is the virus just spoofing his email in the From field?  Have you checked the email headers to make sure?
View Quote


Yes, [email protected] is the sender.  No, I didn't get that out of the From: line because that's easily forged.  It came from the Received: lines in the header.  (So far no worm is capable of spoofing IP addresses.  Yet.)

Quoted:
[b]Kristopher[/b], it's not nice to post other peoples personal info on the net.

Please refrain.  This is not a flame.

View Quote


My friends call me Kris.  [;)]

I agree - I don't think it's appropriate to "out" people in forums to be vindictive.  But I'd like to point out that unlike many people, I actually use my real email address (not a Hotmail account or aliases) on AR15.com because I'm a big believer in taking personal responsibility for the stuff that I post.

The reason I posted David's info - all of which is in the headers of the unwanted, unsolicited, virus-laden messages he's sending me as a result of my using my real email address on this board - is because he's sent me a couple dozen copies of Klez over that last few weeks, and refuses to reply to any of the emails I've sent him.

I can't really killfile him because the header is different every time.  Norton catches and quarantines it, so I'm not infected.  But if I'm getting that many copies of Klez from this guy, no telling who else on this board is getting their system hammered by this ignorant dickhead.
Link Posted: 5/21/2002 11:14:51 AM EDT
[#12]
Link Posted: 5/21/2002 11:51:15 AM EDT
[#13]
Quoted:
Don't blame anyone for sending you these virus infected files by e-mail.

It's not likely their fault at all.

It's just the nature of this virus!

Eric The(Yeah,I'mGettingThem,Too!)Hun[>]:)]
View Quote


My ISP filter stopped the W32/Klez virus sent from "[email protected]

HEY!!! THAT'S my ISP!

My own postmaster is trying to poisen me?  [>:/]hehehe  [:D]
Link Posted: 5/21/2002 12:06:33 PM EDT
[#14]
Link Posted: 5/27/2002 1:30:23 PM EDT
[#15]
GUS

I am getting the same virus from [b]you[/b] quite frequently.

Check your system!
Link Posted: 5/28/2002 1:55:59 AM EDT
[#16]
Minus the domain, I got all this:

bmagista  
treerats2  
lafleur9  
budanddj  
bardwell  
jimlost  
mdj116  
staff  
bardwell  
bwada  
sportinggoods  
jscoggin1  
kmeisear15  
jedavis  
svopilot  

Bardwell did arrive twice.
Link Posted: 5/28/2002 3:01:41 AM EDT
[#17]
Quoted:
GUS

I am getting the same virus from [b]you[/b] quite frequently.

Check your system!
View Quote




DOH!!!!   I ran my anti-vitrus after I saw this and there it was: Klexfix. It should be gone now. Please let me know if you keep getting it from me.
Close Join Our Mail List to Stay Up To Date! Win a FREE Membership!

Sign up for the ARFCOM weekly newsletter and be entered to win a free ARFCOM membership. One new winner* is announced every week!

You will receive an email every Friday morning featuring the latest chatter from the hottest topics, breaking news surrounding legislation, as well as exclusive deals only available to ARFCOM email subscribers.


By signing up you agree to our User Agreement. *Must have a registered ARFCOM account to win.
Top Top