Vintage Mustang Forums banner
1 - 6 of 6 Posts

·
Registered
Joined
·
1,728 Posts
Discussion Starter · #1 ·
Ok, some of you may have been receiving email from [email protected]with attachments. Apparantly, someone who has my email address in his/her address book is infected with the <[email protected]> virus and this damn thing is emailing itself to everybody using my return address!

I believe it is someone on this forum (or involved with mustangs) because the bounces seem to involve addresses that are mustang related. These addresses are not usually in my address book.

What I ask:
Please first of all, scan your computer (all files, not just programs) for this virus.

Second: Please Remove my email address from your computer (all of you). If this continues, I will cancel the account, and you will not be able to reach me there anyway.

Third: Beware of any emails from me that have any sort of attachment, delete them, unless you are certain of your Anti-virus software, and are expecting some sort of attachment.

Please read below for more information from Symantec regarding this worm.

Thank you for your prompt attention to this matter. If you are certain that your system is virus-free, you may recreate my address entry. Remember- If this can happen to me, it can happen to you.

Paul Wallace

From: http://securityresponse.symantec.com/avcenter/venc/data/[email protected]
Email spoofing
Some variants of this worm use a technique known as "spoofing." If so, the worm randomly selects an address that it finds on an infected computer. It uses this address as the "From" address that it uses when it performs its mass-mailing routine. Numerous cases have been reported in which users of uninfected computers received complaints that they sent an infected message to someone else.

For example, Linda Anderson is using a computer that is infected with <[email protected]>Linda is not using an antivirus program or does not have current virus definitions. When <[email protected] >its emailing routine, it finds the email address of Harold Logan. It inserts Harold's email address into the "From" portion of an infected message that it then sends to Janet Bishop. Janet then contacts Harold and complains that he sent her an infected message, but when Harold scans his computer, Norton AntiVirus does not find anything--as would be expected--because his computer is not infected.

If you are using a current version of Norton AntiVirus and you have the most recent virus definitions, and a full system scan with Norton AntiVirus set to scan all files does not find anything, you can be confident that your computer is not infected with this worm
 

·
Registered
Joined
·
2,242 Posts
I've had the same situation for several months now.
At least 3-5 daily. Topics Mustang related, no message but attachments. If I don't know the name, it is immediately deleted.
I have also received IMs, PMs, and emails from individuals I do not know accusing me of infecting them.
Norton says I'm clean. I scan almost every day.
J.
 

·
Registered
Joined
·
4,926 Posts
I had this kez worm/virus sent to me at work. Came from my sister, from her ex, and went through her entire address book. Got my Dad's computer so badly that he had to take it in and get the hard drive reformated and the software reinstalled. It's a nasty one. The spoofing makes it hard to block. good luck.
 

·
Registered
Joined
·
2,217 Posts
........ to use a Mac! .......... *G*.

Here's what Norton says:

This is a Windows-specific worm/virus and cannot infect a Macintosh. Since this is a worm/virus that can be email based, a Macintosh user could pass the worm/virus on through an infected email, by forwarding it to a Windows user.

W32.Klez is a mass-mailing email worm which exploits a vulnerability in Windows versions of Microsoft Outlook and Outlook Express. The Macintosh versions of Microsoft Outlook Express do not have this vulnerability.

NOTE: If someone with a PC is infected with Klez and has your email address on their computer, Klez can grab your email address and use it as the sender when it emails the virus to the rest of the collected addresses. This is called spoofing, and makes it appear as if you have the virus when you really do not.

I like to open these windows viruses and read the code, veiw the pictures, generaly see what these idiots did making them. Generaly it's just a re-direct of several things in the sub code. "Hmmm, that's interesting" then DELETE. (by-by, no problem here on my Mac's........... *G*). Never do I forward them, ever.
 

·
Registered
Joined
·
1,728 Posts
Discussion Starter · #6 ·
True, but anybody who has a PC with your email address in their address book can send out emails as though they came from you. MAC, Linux, Solaris, SCO-UNIX, whatever. Just because I run a PC doesn't mean I am forwarding this virus (knowingly or unknowingly).

Like I said, if you are running Outlook or Outlook Express, and have my email address in your address book, PLEASE DELETE IT (until you are sure you are practicing Safe email).

paul
 
1 - 6 of 6 Posts
Top