The only reason I am adding one last post about this is because I have researched it and found it is the insidious Klez H. Klez H has all the usual crap plus an added nasty in that it not only sends out virus mailings from infected computers, but does so the entire time that computer is connected, and sends it under assumed names that it takes from the address book. I realized something was screwy when I got one apparently from IRTRAD-L, which isn’t likely to be sharing funny web sites, and from susnfx, who I’m sure is not into Japanese porn.
Since I got virus sendings under these 2 names, I assume that the infected computer belongs to someone in the on-line whistle community who would have both names in their inbox. I therefore encourage you all to update your virus software to scan for Klez H and then check your computers.
Y’know, I wish I knew, but I have been using Outlook and hadn’t thought of that. However, you reminded me that I should have included this link to the Symantec what-have-you:
I didn’t see anything about it in there, but they at least know more about it. The extent of what I know of it I already posted. I thought they’d stopped coming, see, figuring that whoever it was had found the nasty little bugger and had zapped it… when I got one again tonight, well, there you go.
It only seems to propagate from Outlook in that it reads the last victim’s Outlook mailboxes to get the names it uses as aliases. I use Eudora and, even though I receive the damned thing occasionally (all praise to McAfee), so far I don’t think I’ve been responsible for passing it on.
Its funny. 3-4 years ago when I was still active in The Biz, virus hoaxes were a far greater real problem than actual viruses. The virus/worm situation has gotten so bad now that I long for the good old days.
Makes me think of a sorta funny anecdote. About 7-8 years ago, I was attending training in peer support and debriefing techniques with a group of state police officers. While going out for lunch one day, we got to talking about plans for the evening and some of the out-of-town types were looking for advice on good places to find companionship. Aids being a big concern in those days, conversation sort of drifted to concerns/precautions/etc. Another guy then reminisced wistfully on the ‘old days’ when the worst thing you had to worry about was herpes.
On 2002-08-09 09:59, avanutria wrote:
I got one in yahoo from “The Earls” yesterday. I think it’s the first time I’ve been tagged but I know my name was sent out as a sender once.
Did you get an angry e-mail about it? I’m dreading that just a bit… I can send them the link I posted here, provided they don’t think I’m in denial.
So the viruses are quarantined, but where can I get an anti-forward program? One that keeps me from getting urban legends, “inspirational” stories, lame jokes, hoaxes and emotional extortion. That’s when it is implied, or stated outright, that if you do not forward their message to your entire mailing list, you don’t love your family or friends or whatever. This is especially rich when it is stated at the end of a hoax.
“Whistle and I’ll come to you, my lad.”
[ This Message was edited by: Dewhistle on 2002-08-09 13:25 ]
No, actually I got a very polite private message on the board here, notifying me that a suspicious, unopenable email was sent in my name and asking me to confirm whether I sent something or not.
I would advise anyone using Outlook or Outlook Express to turn off the preview pane and set their security to not allow attachments that could potentially be a virus to be saved or opened. The setting is in tools>options>security.
On 2002-08-09 09:51, Chuck_Clark wrote:
About 7-8 years ago, I was attending training in peer support and debriefing techniques with a group of state police officers. While going out for lunch one day, we got to talking about plans for the evening and some of the out-of-town types were looking for advice on good places to find companionship. Aids being a big concern in those days, conversation sort of drifted to concerns/precautions/etc. Another guy then reminisced wistfully on the ‘old days’ when the worst thing you had to worry about was herpes.
This was a group of police officers looking for a place to find “companionship”???
PS About this virus, does the email actually have to be opened to infect you? I always delete any suspicious email without reading it.
[ This Message was edited by: Cees on 2002-08-10 10:00 ]
Since I’m in the address book of, like 3500 people, I always have viruses emailed to me. But this Klez thing has been the worse. I’ll bet I get 6 or 7 copies per day. I don’t use Outlook, which I suppose helps, but it’s still a huge hassle. Currently I have both Norton AND McAfee running all the time. Plus, I route all my incoming email through the Norton antivirus mail servers first (this seems to have cut back on the flow considerably). I also run a screening tool called SPAMKiller which mostly knocks out SPAM, of course, but also catches some viruses. In spite of all of that, while I don’t think I’ve been infected with Klez (oh, I also scan for viruses every 24 hours) it has weirdly caused my system to crash several times.
On 2002-08-10 10:14, DaleWisely wrote:
…Currently I have both Norton AND McAfee running all the time. Plus, I route all my incoming email through the Norton antivirus mail servers first (this seems to have cut back on the flow considerably). I also run a screening tool called SPAMKiller which mostly knocks out SPAM, of course, but also catches some viruses. In spite of all of that, while I don’t think I’ve been infected with Klez (oh, I also scan for viruses every 24 hours) it has weirdly caused my system to crash several times.
Remove one of your virus checkers… they’re probably fighting each other for the same information. See if that helps eliminate the system crashes.
If you happen to use Eudora, I can offer one other suggestion to help with the virus situation.
Under Tools/Options/Incomming Mail, you can set Eudora to skip messages over, say, 40K in size (this is adjustable). What you get then is a message that says all of the message was not downloaded (the full message is left on the server), and you can click on an icon and download again if you want to get the entire message. Essentially this prevents messages with significanty-sized attachments from being initially downloaded and gives you the opportunity to ‘preview’. This has prevented a lot of messages which I suspect to contain viruses from ever being downloaded. You can just delete the partial message if you want, and you’re done with it.
I don’t know if Outlook supports such a feature or not, but it would be worth looking into.
PS About this virus, does the email actually have to be opened to infect you? I always delete any suspicious email without reading it.
It is a fact that you cannot get a virus from reading or opening an e-mail UNLESS your e-mail automatically opens attachments when the e-mail is opened. If attachments stay sealed until you specifically open them, you are safe to read all e-mail.
But if anyone knows any other exceptions to this, please chime in.
The problem with the current klez menace is that it disguises itself as an e-mail from a friend or relative, very frequently, and if it also has a plausible subject (such as “This is a funny website”) you may think your mom just sent you a link and open the attachment.
If you have updated virus protection, this shouldn’t be a problem at the moment. There are always new viruses, of course, that may not be in the updates yet, and that’s why you update frequently and use extreme caution opening e-mails.
Say, you’d think I knew computers, the way I talk.
Perhaps I was too suggestive. The cops involved were out-of-towners and were not in the market for ‘professional’ companionship, just a bar with decent music and at least a chance of meeting someone. These were the milder examples of the breed, all certified as peer support counselors and/or critical incident debriefers - not the typical cowboy with a badge.
