Email virus is lurking among this board...

[MBAtarga]

I just wanted to note that I have received 2 virus emails recently of concern. The first - from the Pelican server itself - I got this msg:

Recipient of the infected attachment: Wayne at Pelican Parts\Inbox
Subject of the message: Questionnaire
One or more attachments were quarantined.
Attachment HREF.scr was Quarantined for the following reasons:
Virus W32.Klez.H@mm was found.

The problem is, I didn't send any email/questionnaire to Pelican. I don't understand why a virus was "detected" from me.

The second email - just received - had a subject line of:
Hi! Japanese Girl VS Playboy. I recognized the sender listed as a regular poster on this board.

It's obvious that a virus out there has accomplished the means to get to email addresses used by folks on this board. I would recommend the use of virus detection software to all...

[Early_S_Man]

Yes, I got two from "wayne@pelicanparts.com" today through MSN Messenger to my Hotmail ID which is listed in my profile here ...

Also got multiple messages from "Island911" to MSN Messenger over the past couple of weeks that were 127K in size.

I will now de-install MSN Messenger! Permanently!

[pwd72s]

Thanks for the heads up guys...I'm thankful I have McAfee...worth the annual fee, IMHO...

[David McLaughlin]

With the Klez Virus, it doesn't always come from the person it is addressed from. In other words, Someone may have Waynes email address in their address book and the virus picked that address to use as it's sender.

[k9handler]

Klez started in tha Kazaa enviornment...so any Kazaa users run a full virus scan as soon as possible.

[JSDSKI]

the fix for klez is available as a free download at Symantec's site (makers of Norton Anti Virus) you run it from your desktop while your Windows system runs in "Safe" mode. There is also an explanation of how it works and spreads - one way is thru Outlook Express email address books. Outlook is exceptionally vulnerable to that type of virus because of the way Outlook connects to other Microsoft programs.

It is highly unlikely that the virus came from Wayne or Pelican because of the AV software they are using - much more likely it came from someone (who probably has never used Pelican) who knows someone who knows someone who uses the forum and has their email address....

[surflvr911sc]

I received a message at my AOL account from Early_S_Man 's hotmail account with an attachment that sounded like a meeting announcement. Norton found it and I deleted it and ask Early_S_Man if he could explain it. I didn't recognize the file extension, and can't remember what it was, but my point, I guess, is that it can come in different forms and sources. Unless it's a different virus all together, which I doubt since Early_S_Man knew something wrong was up.

['77]

Many viruses also harvest e-mail addresses from cached web pages on an infected machine, so it is possible that many Pelican users e-mail addresses are in the browser's cache from various surfing (linking to personal sites and car picture galleries or from the Pelican site itself). I've received at least 25 virus messages in the past 2 days alone from all over the place, including a few from Pelican folks. Get those MS browser security patches in addition to running AV protection.

[Early_S_Man]

I neglected to mention in my email back to Ryan from the AOL email system that the email he got couldn't have come from my computer because I don't use MS Outlook or Outlook Express, and have never used the Hotmail ID or account to originate email. I don't believe the AOL mail system is subject to the same security problems as Outlook, and for that I am thankful!

This 'mimicing' the originating email addressing of others is a new wrinkle, but with the securuty holes in the Outlook variants ... I guess almost anything is possible. I guess that by looking at the email headers Symmantec or McAfee could track down the true originating source.

[surflvr911sc]

I should have looked further into the email I received from you Warren. Even if we couldn't do anything about, it would have at least given us more to talk about. I have been pretty lucky to date when it comes to viruses and it really surprised me, so I deleted it and ran a complete scan as soon as possible. Hope we're done with those. Thanks for getting back to me so fast.

[targa911man]

Ihaven't gotten any klez warnings, but in the past two days Norton Internet Security has intercepted 3 Backdoor/SubSeven attempted intrusions while I've been browsing this board.

[old_skul]

I got one from Wayne as well. I run Norton AV, so it's no big deal, but I don't think it spoofs the "from" address. I think it's got different spreading methods maybe and sending an email to everyone in your address book is method #1.

And who would have known that Warren was an AOL h@x0r?!