Home Page | Owners Registry | Discussion Forums | ProwlerMall | Event Scrapbooks | About |
Click here to return to the Prowler Online Board Main Page Topic Closed |
ProwlerOnline, Plymouth/Chrysler Prowler Discussion Forum
General Prowler Discussion Important Post about VIRUSES
|
Bottom of Page | next newest topic | next oldest topic |
Author | Topic: Important Post about VIRUSES |
YellowFever unregistered Admin Use |
posted 08-07-2002 05:10 PM
All, I have received two emails today from ProwlerOnline members. One was a blank file (typical of a virus that propogates to other systems). The other was an email telling me to isntall this one piece that takes care of ONE specific virus. It went on to say that during installation, your current virus protector might tell you this is a virus BUT, TO IGNORE IT. People, I can't place enough emphasis on this, now chances are, the person that sent this has no knowledge they did and the virus makes it look like this person is legitimate and sending it to you as a friend. PLESAE BEWARE AND BE WARNED!!!!! ------------------ Driving a car is just transportation, |
YellowFever unregistered Admin Use |
posted 08-07-2002 07:05 PM
Sorry to post this here but, alot of people (not knowing) believe everything they read and might assume that an email from another member might be good advice (when it is not advice from that person at all). I'd hate for anyone to ruin their pc (and day) by installing something that could destroy their pc. Again, folks, do not install anything any anti-virus software that comes in the form of an email from ANYONE. ------------------ Driving a car is just transportation, |
GRROWL POA Site Supporter Prowler Junkie From:Herndon, VA |
posted 08-07-2002 07:20 PM
ALL- To help in the diagnostics, here's a few that I reeceeived that appear to be viruses - it looks rampant! (I'm sure the "senders" had nothing to do with it). FROM SUBJECT only1cj Aug 04 18:06 137k DFAdmin Spice girls' vocal concert Aug 06 10:28 163k karns Cellspacing Aug 06 10:30 129k mopardave Worm Klez.E immunity Aug 06 10:37 126k lroussel A new website Aug 06 20:44 162k regcom Cellpadding Aug 06 22:06 149k cyr0 Cellpadding Aug 06 22:08 141k albraga _____ Aug 07 09:29 172k - GRROWL P.S. - If any of the above actually sent me REAL Emails, please let me know to help troubleshoot this. Everything above came through as a LARGE block of random text with base64 encoding. |
Prowler POA Site Supporter Prowler Junkie From:Erhard, MN |
posted 08-07-2002 07:32 PM
I got one yesterday titled Worm Klez.E immunity from a dgshafer2000. Same type of thing. |
YellowFever unregistered Admin Use |
posted 08-07-2002 08:06 PM
quote:
DO NOT INSTALL OR RUN ANYTHING FROM THIS. DO NOT IGNORE THE FACT THAT YOUR OWN ANTI-VIRUS SOFTWARE IS TELLING YO THIS IS A VIRUS THAT YO ARE TRYING TO LOAD. |
YellowFever unregistered Admin Use |
posted 08-07-2002 08:09 PM
quote: So long as these are blank, they will be harmless. Just annoying. |
GRROWL POA Site Supporter Prowler Junkie From:Herndon, VA |
posted 08-07-2002 08:18 PM
YellowFever, Come, now, I wouldn't send you live viruses. I posted the directory entries - note that ranged from 126K to 172K, some contained .exe files, and they were detected as viruses by Norton. -GRROWL P.S. - Has anyone received any of these from me? (I only Email to POA members as replies to private Emails, never initiate-I post instead). I don't THINK I have any viruses that would be sending from me. Please let me know. |
GRROWL POA Site Supporter Prowler Junkie From:Herndon, VA |
posted 08-07-2002 08:20 PM
I'm so excited - I just received my star. AND IT'S YELLOW - THE BEST COLOR EVER! -GRROWL |
SuperKat POA Site Supporter Prowler Junkie From:Atlanta, Georgia, USA |
posted 08-07-2002 08:47 PM
Wow, my system did identify a virus and seemingly fixed it but it is supposed to check all outgoing mail as well as the incoming. So sorry I will update the definitions. Gordon |
GRROWL POA Site Supporter Prowler Junkie From:Herndon, VA |
posted 08-07-2002 09:00 PM
Gordon, It's possible that I received the virus from someone else, you happened to be in their directory, and the virus said it was from you. Possible? -GRROWL |
ed monahan POA Lifetime Site Supporter Prowler Junkie Personal ScrapBook From:Cincinnati, Oh, USA |
posted 08-07-2002 09:29 PM
The virus attaches itself to someone's email address book. You do not get the virus from the name on the email. I have been getting anywhere from 3 to 10 everyday. I delete everything with an attachment that is only addressed to me. If it is addressed to a group, it is probably okay to open. |
Laddie Roussel >POA Lifetime Site Supporter Prowler Junkie Personal ScrapBook From:Hester, LA. USA |
posted 08-07-2002 09:40 PM
Grrowl. Thanks, unaware I had sent virus. I did receive some of same emails you have listed.. Using Norton and I'm catching a lot of incoming... Haven't seen any outgoing.. I'll go rerun the update... ------------------ |
jkburns POA Site Supporter Prowler Junkie From:Mankato, Minnesota, USA |
posted 08-07-2002 09:54 PM
And I was beginning to think I was a popular guy! (lol) Seriously, I got several e-mails from fellow POA members, and after the first one was blank, I knew it was bad news. Now I delete without even opening. Besides, Ed would NEVER send me an e-mail! Kevin ------------------ |
ed monahan POA Lifetime Site Supporter Prowler Junkie Personal ScrapBook From:Cincinnati, Oh, USA |
posted 08-07-2002 10:01 PM
Kevin, check your in box. lol. |
Black Tie 161 POA Site Supporter Prowler Junkie From:MD, USA |
posted 08-08-2002 07:47 AM
Since I joind this board, I have gotten some crazy messages from members with the "Klez virus" attached. This is a virus that goes into your email address book, and SELF GENERATES email to others and makes it look like someone else sent it. This is a very vicious virus, and ALL of you should download an anti-virus software program, since this virus is very destructive and self-perpetuating. Home computers are much more vulnerable since there are less firewalls... Below is some info to help you....I strongly suggest you look into it if you have been getting wierd emails and God forbid if you had opened the attachments! Any of you using MS Explorer have a vulnerability that is exploited by this virus. If you EVER got any funny emails with shady attachments......even from people you know, you may have the virus. It is a vicious virus that infects your email and sends itself to people in your address book without your knowledge. I got a virus protection package from www.Mcafee.com that killed it....But I had to manually disable the virus through a series of emailed instructions because the virus actually prevents anti-virus software from being loaded! There are also free patches for Explorer at www.msn.com to close the virus loophole. If any of you got wierd emails, this may help explain..... I hope this helped awareness of this virus.....it is nasty! -Joe
Virus Name: Risk Assessment: Virus Information: Quick Links: Update VirusScan
--- Update 4/30/2002 --- --- Update 4/18/2002 --- This latest W32/Klez variant is already detected as W32/Klez.gen@MM by McAfee products using the 4182 DATs (23 January 2002) or greater. W32/Klez.h@MM has a number of similarities to previous W32/Klez variants, for example: W32/Klez.h@MM makes use of Incorrect MIME Header Can Cause IE to Execute E-mail Attachment vulnerability in Microsoft Internet Explorer (ver 5.01 or 5.5 without SP2). The worm may also copy itself into RAR archives, for example: The worm mails itself to email addresses in the Windows Address Book, plus addresses extracted from files on the victim machine. It arrives in an email message whose subject and body is composed from a pool of strings carried within the virus (the virus can also add other strings obtained from the local machine). For example: Subject: A very funny website The file attachment name is again generated randomly, and ends with a .exe, .scr, .pif, or .bat extension, for example: Thanks to the use of the exploit described above, simply opening or previewing the message in a vulnerable mail client can result in infection of the victim machine. W32/Klez.h@MM masquerades as a free immunity tool in at least one of the messages used. Below is the message sent by the virus itself. Subject: Worm Klez.E Immunity NOTE: Because this tool acts as a fake Klez to fool the real worm,some AV monitor maybe cry when you run it. If so,Ignore the warning,and select 'continue'. If you have any question,please mail to me. The worm may send a clean document in addition to an infected file. A document found on the hard disk, that contains one of the following extensions, is sent: .txt
Randomly/oddly named files on network shares, as described above. Method Of Infection: This virus can be considered a blended threat. It mass-mails itself to email addresses found on the local system, exploits a Microsoft vulnerability, spreads via network shares, infects executables on the local system, and drops an additional file infecting virus, W32/Elkern.cav.c.
Use current engine and DAT files for detection. Ensure that you are using the minimum DAT specified or higher. Klez can delete anti-virus software files. It may be necessary to reinstall VirusScan after cleaning a system. Additional Windows ME/XP removal considerations
W32/Klez.G@mm (Norman), W32/Klez.gen@MM, W32/Klez.I (Panda), W32/Klez.K-mm, WORM_KLEZ.G (Trend) |
onaprwl POA Site Supporter Prowler Junkie From:covington,louisiana,U.S.A. |
posted 08-08-2002 12:25 PM
Grrowl, I have recieved all the above you mentioned. I deleated them all. Sorry if I hurt anyones feelings trying to send me something but I'm not taking any chances. ------------------ |
All times are CT (US) Top of Page Previous Page | Return to General Prowler Discussion next newest topic | next oldest topic |
All material contained herein, Copyright 2000 - 2012 ProwlerOnline.com
E-Innovations, LP