V8Board Klez Virus?

Discussion in 'The Bench' started by flynbuick, Jan 22, 2003.

  1. flynbuick

    flynbuick Super Moderator Staff Member

    I am getting messages containing the Klez virus almost every day. We are protected and they are being dealt with with no problem. From an examination of the messages I think the source is a Board member. Is anyone else receiving these attempts to infect your computer? If so do any of you computer guys have any suggestions as to how to home in on the source?
     
  2. Marco

    Marco Well-Known Member

    I get them too Jim (I have scripting turned off in my mail program, in addition to McAfee which automatically updates)

    I'm not sure how to trace this.
     
  3. flynbuick

    flynbuick Super Moderator Staff Member

    Marco:

    I thought so. Can Mike Bucy have it traced from the server end?
     
  4. I've only seen this virus once in the last 4-6 months, just yesterday as a matter of fact. It came thru the Buick Performace Club email list though, not the V8 board, or the BPG board. My McAfee catches it every time if I venture a peek at the suspect email. I usually recognize the signs and just delete it though.
     
  5. Roberta

    Roberta Buick Berta

    I'm getting them also, sometimes alot in one day then none for awhile?
     
  6. Jim Weise

    Jim Weise 1000+HP

    This type of format will not send out a virus.. they come thru emails normally, and there was a whole lot of discussion recently on the Buick Performance mailing list about these. Viruses are sent hidden in messages, and are exicutable programs, and all your doing here is downloading a web page to view in your browser.

    We have anti-virus protection up the wahoo, which protects our providers server. We have had no problems so far.

    JW
     
  7. dcm422

    dcm422 Well-Known Member

    Roberta,
    Did you send me an email with attachment yesterday? I got one and deleted it cause it looked suspicious.

    Mark
     
  8. BillMah52

    BillMah52 Well-Known Member

    Some people who have Outlook may have the Klez as a resident of their E-mail program without knowing.
    It automatically attaches to everyone on their mailing list.
    This has been a problem with a few boards for some time.
     
  9. flynbuick

    flynbuick Super Moderator Staff Member

    Dr Weise:

    I suspect that it is someone on the Board who has communicated with other members by private email. As you know, Klez 32 takes words from the infected e-mail program and jumbles them up as it throws infected messages to everyone in that address book, so it is impossible to pin the virus to any one computer by looking at the sender, but words I have seen in infected message headings include"tripower" and "Txmusclecars". If other members have received an infected message with the same words or other car-related words in the heading it stands to reason that we have someone in common.

    Anyway, I just wanted to give everyone a heads up that they should make sure that their antivirus program is up to date and protecting them from this virus. I understand that if you get this virus on your computer iit is possible to fix but a pain in the ....
     
  10. Roberta

    Roberta Buick Berta

    NOPE! and I don't even have you in my address book!
     
  11. dcm422

    dcm422 Well-Known Member

    That's what I thougt. I can get the id if you want. Not too may people with your last name and "R" intial.
    That is why I thought it was fake.

    Mark
     
  12. Roberta

    Roberta Buick Berta

    What address did it come from? rvasilow@tir.com, has been dead since the end of MAY!
     
  13. Brad Conley

    Brad Conley Guest

    me too...

    I've been receiving these as of late, also. Norton (which updates daily...) has caught every one. I'd say about 15 in the past week. It does seem to be coming from someone on this board.

    Hummmm....:puzzled: :puzzled: :puzzled: :spank: :spank:
     
  14. Smartin

    Smartin Guest

    I haven't gotten anything from folks on the buick boards.

    I do get lots of viruses sent to me. but none that are suspicious of being from a member.
     
  15. Bill Bailey

    Bill Bailey Well-Known Member

    :ball:
    I had this virus sen't to me while I was real active on this board last month, can't say who either, but it was not caught by my old Norton anti virus. I had to purchase a new updated system over the internet, problem was when I installed the new system it was infected with the klez virus because I never uninstalled the original Norton system. I paid $69 to speak with the Norton tech people on two ocaisions. They talked me through the removal of the newly purchased Norton anti virus bought on the internet,and original Norton system removal, then they talked me through the removal of the klez virus, and then they reinstalled the new upgrades Norton anti virus with all the bells and whistled. I have e- mail protection on all incoming and outgoing e- mail now. The whole mess caused me to spend around a couple hundred before it was over. What a nightmare. I would love to find the creator of this virus and do burn outs with my 65 GS on his face. Take care friends.
    Bill Bailey
     
  16. Jim Weise

    Jim Weise 1000+HP

    Well,

    It is possible that someone is sending viruses to your email, thru the email features of the board.

    If that is a problem, I can turn those features off. The board is not generating them, but someone may be emailing thru the board.

    Question.. do you get the messages thru the board?.. that email is very distinctive. All email addresses are hidden, so they would have to be done thru the board, for V8 Buick to have anything to do with this problem.


    And yes, some folk need to find something to do, other than send out viruses.

    JW
     
  17. bobc455

    bobc455 Well-Known Member

    I get these viruses sent to me all the time. Thanks goodness I read my email in UNIX!

    Anyhow, I believe that whatever virus these people have somehow scans the web pages for email addresses, then sends the nasty emails from there. Technically I don't think that's a virus, but whatever program is doing this is pretty widespread.

    The virus typically is delivered to me in a program that is designed to look like a .wav audio file, but then is actually a visual basic script (.scr).

    I bet if I didn't put my email address at the end of every message, I would get a lot less of these viruses sent to me.

    -Bob Cunningham
    bobc@gnttype.org
     
  18. Brad Conley

    Brad Conley Guest

    Jim,

    No, I do not believe they are coming through the board, just that "someone" that has contacted us is sending the viruses...the common link is the board's members. I don't believe you need to turn off the email feature as it is not going through there.
    BC
     
  19. flynbuick

    flynbuick Super Moderator Staff Member

    I agree with Bill M.
    Based on what we have seen with other Klez outbreaks, my bet is that an active member has Klez resident in their Outlook program and doesn't know it. Since the virus just spews e-mails with junk sender and message info, they are so hard to track but we do have some clues - the person with the viral computer has communicated via e-mail with those of us who are getting the infected e-mails, their computer still has Roberta's old e-mail address, so the member has been involved in this group for at least 6 months and has previously communicated with Roberta and Mark via e-mail, and the machine starts spewing only when the member turns it on (which explains the intermittant nature of the messages - we were on-line almost all day yesterday, and got 3 infected e-mails within the same hour - someone turned on their computer right then). I am game for any plan that anyone can come up with to help identify the infected computer.
     
  20. BillMah52

    BillMah52 Well-Known Member

Share This Page