Home Page | Owners Registry | Discussion Forums | ProwlerMall | Event Scrapbooks | About |
Click here to return to the Prowler Online Board Main Page Topic Closed |
ProwlerOnline, Plymouth/Chrysler Prowler Discussion Forum
General Prowler Discussion READ THIS NOW! VIRUS TRIGGERS TODAY! (Page 1)
|
Bottom of Page This topic is 2 pages long: 1 2 |
next newest topic | next oldest topic |
Author | Topic: READ THIS NOW! VIRUS TRIGGERS TODAY! |
GRROWL POA Site Supporter Prowler Junkie From:Herndon, VA |
posted 09-06-2002 04:27 PM
I posted this elsewhere, but now that I see that this is hitting POA members today, EVERYONE NEEDS TO BE VERY CAREFUL - a virus is set to trigger TODAY! The following article is written in plain English and makes two important points: 1. The listed sender is not the sender. +++++++++++++++++++++++++++++++++++++++ http://zdnet.com.com/2100-1105-956740.html Klez set to return--but may backfire By Robert Lemos A minor variant of the Klez virus is set to go into action Friday, erasing a host of files on infected hard drives. But the attack may also wipe out the attacker.
The Klez.E variant runs a distant second to its far more prevalent Klez.H cousin, making up only 3 percent of the junk e-mail associated with the Klez virus. Klez.H accounts for the other 97 percent. +++++++++++++++++++++++++++++++++++++++++ -GRROWL |
YellowFever unregistered Admin Use |
posted 09-06-2002 05:39 PM
Long, but if you have the virus, here is the way to fix it from McAfee: Delete Infected Files Boot into Safe Mode Backup the Registry Edit the Registry • HKEY_LOCAL_MACHINE • Wink***.exe Update or install VirusScan Online, restart the computer in Safe Mode and run a virus scan on the system. Delete any files infected with Klez. The Klez worm takes advantage of a security vulnerability in Microsoft Internet Explorer. We recommend you apply the patch for this vulnerability. |
ed monahan POA Lifetime Site Supporter Prowler Junkie Personal ScrapBook From:Cincinnati, Oh, USA |
posted 09-07-2002 12:08 AM
I got the virus tonight. I opened a file from "Beware" about the prowler toon (I know it did not come from you, Rich. I didn't then) I also got some cartoons from Butchcee. One or the other had the virus attached. I hope I did not pass it on. I know you guys did not send it to me I am just explaining how I got it again. Apparently if you have gotten Klez in the past it eliminates your McAfee even though it shows you are still protected. |
GRROWL POA Site Supporter Prowler Junkie From:Herndon, VA |
posted 09-07-2002 07:59 AM
That's OK, Ed. I got one from you yesterday. In fact, that's what prompted this post. It was something about "humour", so I figured it wasn't really from you. -GRROWL |
GRROWL POA Site Supporter Prowler Junkie From:Herndon, VA |
posted 09-07-2002 08:22 AM
As I posted before, the giveaway (without opening the Email) is the file size - all of the infected Emails I have received have ranged from 129K to 172K. Here's the new ones from this morning: viperdaytona Hello,steve,meeting notice omar_bowt Prowler Toons prowling I have erased these unread; if anyone really sent them, let me know (in a short message without attachments). And, just for the #$^%&* of it, here's the one's I posted last time: jkerner PLUGINSPAGE Aug 04 13:26 143k only1cj Aug 04 18:06 137k DFAdmin Spice girls' vocal concert Aug 06 10:28 163k karns Cellspacing Aug 06 10:30 129k mopardave Worm Klez.E immunity Aug 06 10:37 126k lroussel A new website Aug 06 20:44 162k regcom Cellpadding Aug 06 22:06 149k cyr0 Cellpadding Aug 06 22:08 141k albraga _____ Aug 07 09:29 172k I have become very suspicious of anything in the 125K and up size - I don't believe that I ever received an Email below this size that contained a virus. Then again, Norton is now set for maximum scanning and catches them anyway. -GRROWL |
WildCat POA Site Supporter Prowler Junkie Personal ScrapBook From:North Louisville, Indiana, USA |
posted 09-07-2002 09:51 AM
I'm very HAPPY : with Norton....I have been getting several e mails with the virus this past week. At least 3 a day ------------------ |
prowlerFreek POA Site Supporter Prowler Junkie From:Spotsylvania, VA |
posted 09-07-2002 10:18 AM
i got something today from someone named Prowlertime@aol.com but im not sure what it is.. .could be a virus.. but who knows! anyone on here send me anything?? ------------------ |
butchcee POA Site Supporter Prowler Junkie From:Lake Ariel, Pa. |
posted 09-07-2002 10:28 AM
I wish everyone would check their puter for virus's. Most of my klenz junk seems to originate from a POA member. Give us a break! ------------------ |
sam771 unregistered Admin Use |
posted 09-07-2002 11:19 AM
Buchcee, I don't thing any one from POA sent you any virus. There are someone out there scan anyone E-Mail then attached a virus, they might scan and got your address then sent it to you by used other POA member address. Mike K and his staff shpould know about this. I belive POA site get hit over 100 times a day. The best way to protect your E-Mail jut set up an extra two or three more your E-Mail address use one E-Mail for your friend and someone you know and other use it for registered your product online or contact other site included Yahoo, e-Bay and other wide open to the public. My old E-Mail address sam@comhut.com got hit by virus 20 40 times a day and they used my address sent over 20.000 virus to everyone they can find until I have to shut down server reload and never put my address back on. |
just jack POA Site Supporter Prowler Junkie From:Oakmont, PA |
posted 09-07-2002 05:12 PM
Well count me in! I to got the virus. I don't think it came from here. I remember the e mail. Sh~t. I double checked with 2 different programs to make sure it was removed. SYMANTEC, has a specific patch for this perticular virus. As does WWW.BITDEFENDER.COM Both are free. JJ. |
just jack POA Site Supporter Prowler Junkie From:Oakmont, PA |
posted 09-07-2002 05:14 PM
I should also add that WWW.SYMANTEC.COM is Norton. They have a patch just for this virus. JJ. |
YellowFever unregistered Admin Use |
posted 09-07-2002 06:10 PM
quote: It is very easy to spoof email and IP addresses. Again, part of the trick with any email virus is to throw you off track and look in the WRONG direction. Here is a scenario, Prowler member "A" sends a humorous email to 5-10 POA members and 5-10 other people, one of them forwards that to 4-5 friends, and so on. The person with the virus may even know what a Prowler is let alone be a member of the POA. The virus then captures the 300-400 email addresses from all the forwarding and viola'. Make sense? |
CWatsonJr POA Site Supporter Prowler Junkie Personal ScrapBook From:Pollock Pines, CA, USA |
posted 09-07-2002 07:34 PM
I put a couple of different headers in the topic at: http://www.prowleronline.com/ubb/Forum1/HTML/007215.html So if anyone knows someone with a cv.net email address, that would be a good place to start. ------------------ |
cnote6 POA Site Supporter Prowler Junkie Personal ScrapBook From:Dallas, TX |
posted 09-07-2002 10:16 PM
I get 4 to 6 a day |
butchcee POA Site Supporter Prowler Junkie From:Lake Ariel, Pa. |
posted 09-08-2002 03:33 AM
well, it's getting old no matter where it's coming from. I thought it would attach to someone's addy book and send from there. A good way to check would be to remove all POA members from your addy book and see if the problem goes away-right?, or dont I get it? ------------------ |
GRROWL POA Site Supporter Prowler Junkie From:Herndon, VA |
posted 09-08-2002 07:36 AM
butchee, to help your theory, let's look at this: 1) I don't use Outlook nor do I use any address books. Has anyone ever gotten a virus that supposedly came from me? 2) I received a virus that seemed to have come from POA itself (I know it didn't, it's just redirection). Here's the info: DFAdmin Spice girls' vocal concert Aug 06 10:28 163k Would this originate from a POA address list, or a member's address list, or is the virus using the POA member list as a source of mailings? You're now beyond my knowledge, I'm just trying to offer datapoints to others who may be able to do something with them. -GRROWL |
CWatsonJr POA Site Supporter Prowler Junkie Personal ScrapBook From:Pollock Pines, CA, USA |
posted 09-08-2002 10:19 AM
Al is right. If the address books were dumped then the virus would not have any source of email addresses to mail to/from. It doesn't pull them from your in our out box, just your address book. To help you along, consider this. I have been told that a virus email came from me, when in fact I was not infected. The reason - I was in the infected persons address book and the virus spoofed the email address to look like it came from me. If you look at those headers I posted, on the surface it looks like they came from two different people, but if you look at the top, you will see the originator is the same on both emails. The virus on the infected persons computer went through their address book and sent emails spoofing the return address. Hope that helps This message has been edited by CWatsonJr on 09-08-2002 at 10:20 AM |
butchcee POA Site Supporter Prowler Junkie From:Lake Ariel, Pa. |
posted 09-08-2002 10:43 AM
OK Guys and Gals. I'll delete all POA'ers from my book and hopefully all you will do the same and lets see if we can clear this up. No Jokes for a while ------------------ |
Todd Cameron unregistered Admin Use |
posted 09-08-2002 03:47 PM
I think the virus is inside the server on POA, I've gotten to many virus's from members I never knew existed and none from anyone in my address book. Other's have "gotten" things from me who I did not know existed. Also.. I get this virus 2-5 times a day from other people outside the POA... and another dave lynch person sends me an average of 50-100 different virus's a day! |
Mike Krehel POA Site Supporter The World's Quickest Prowler (11.65 sec) and Administrating Kat Personal ScrapBook From:United States |
posted 09-08-2002 04:09 PM
Sorry Todd, I can assure you that there is no virus on or in the POA server. Our server runs Linux, not Windows, is constantly updated with the latest patches and monitored for any suspicious activity including the mail server. If you look at the headers in the Klez mailings, you can clearly see that they are being relayed off other computers and servers. The POA names are coming from infected members PC's address books. Everyone should make sure they are running the latest version of anti-virus software. |
CJ POA Lifetime Site Supporter Prowler Junkie Personal ScrapBook From:Rochester Hills, MI USA |
posted 09-08-2002 04:17 PM
I've been getting a lot of these emails also. However, I can always tell when they are bogus. The name of the sender on the email is totally different that what that person's really is. The subject doesn't usually make any sense, either. I can recognize them right away and just delete. Like Mike said, I believe they go through the address books and pick up enough information to make it look legitimate..........but really isn't. |
Todd Cameron unregistered Personal ScrapBook Admin Use |
posted 09-08-2002 04:44 PM
well, thats good to know Mike! running a scan again on Norton, but my Norton has never picked this up, but I bet I have it though |
ed monahan POA Lifetime Site Supporter Prowler Junkie Personal ScrapBook From:Cincinnati, Oh, USA |
posted 09-08-2002 10:08 PM
I removed every address in my book, all 500 of them. I didn't know I knew that many people. |
GenoTex POA Site Supporter Prowler Junkie Personal ScrapBook From:Oakfield, WI, USA |
posted 09-09-2002 12:59 AM
ed... i got an email from you... and several other prowler names...ALL had same subject "language".... in light of these recent posts deleted it.... was it a 'real' email or one of these perhaps? |
ed monahan POA Lifetime Site Supporter Prowler Junkie Personal ScrapBook From:Cincinnati, Oh, USA |
posted 09-09-2002 01:04 AM
GenoTex, I did not send you an email. It was a virus, I presume. I got the virus again the other night but I removed it by following MeanGene's directions. |
This topic is 2 pages long: 1 2 All times are CT (US) Top of Page Previous Page | Return to General Prowler Discussion next newest topic | next oldest topic |
All material contained herein, Copyright 2000 - 2012 ProwlerOnline.com
E-Innovations, LP