URGENT Virus Warning for BB members

Discussion in 'News & Announcements' started by bb_baptist, May 31, 2002.

  1. bb_baptist

    bb_baptist
    Expand Collapse
    Administrator
    Administrator

    Joined:
    Jun 22, 2000
    Messages:
    7,227
    Likes Received:
    0
    To all BB members,

    I received this Private Message from a BB member today. Please take a few minutes to read it.

    We did NOT send any emails this past week. The email shown below contains an attachment with a virus!

    If you received a similar email, please
    DELETE IT immediately. DO NOT OPEN THE ATTACHMENT.

    You may also send me a Private Message with the return path.

    I will do everything in my power to track down the individual(s) behind this virus attack.

    BB Webmaster


    ----

    Webmaster, when I checked my mail today, there was an email from the BB with an attachment. My antivirus program detected a virus, the following is the info from the email. In all honesty, I don't understand most of the Internet jargon, so maybe you can make heads or tails of it.

    Subj: How are you
    Date: 5/30/02 12:34:43 AM Central Daylight Time
    From: [email protected]
    To: member's email
    File: size.zip (52162 bytes) DL Time (48000 bps): < 1 minute

    Return-Path: <[email protected]>
    Received: from rly-st10.mail.aol.com (rly-st10.mail.aol.com [172.20.105.4]) by air-xb05.mail.aol.com (v86.11) with ESMTP id MAILINXB51-0530013443; Thu, 30 May 2002 01:34:43 -0400
    Received: from rly-xg04.mx.aol.com (rly-xg04.mail.aol.com [172.20.115.201])
    by rly-st10.mail.aol.com (8.8.8/8.8.8/AOL-5.0.0)
    with ESMTP id BAA16932 for <member's email>;
    Thu, 30 May 2002 01:23:43 -0400 (EDT)
    Received: from pimout1-int.prodigy.net (pimout1-ext.prodigy.net [207.115.63.77]) by rly-xg04.mx.aol.com (v86.11) with ESMTP id MAILRELAYINXG44-0530011616; Thu, 30 May 2002 01:16:16 -0400
    Received: from Xwwlptsbg (dialup-64.154.98.165.Dial1.Cincinnati1.Level3.net [64.154.98.165])
    by pimout1-int.prodigy.net (8.11.0/8.11.0) with SMTP id g4U5Fwq244358
    for <member's email>; Thu, 30 May 2002 01:15:58 -0400
    Date: Thu, 30 May 2002 01:15:58 -0400
    Message-Id: <[email protected]>
    From: baptistboard <[email protected]>
    To: member's email
    Subject: How are you
    MIME-Version: 1.0
    Content-Type: multipart/alternative;
    boundary=A4382tIf4281

    I hope this helps, I shouldn't have tried to download this but I know the BB so I thought it was safe. At this time, I believe I was able to get rid of the virus, I hope so anyway. I'll run another scan later today, just to make sure.
     
  2. Gina B

    Gina B
    Expand Collapse
    Active Member

    Joined:
    Dec 30, 2000
    Messages:
    16,944
    Likes Received:
    1
    It's possible it may be the Klez virus, it's running around like crazy lately it seems. You have to check the return path to see where it really is from, because it sends itself out as being from anyone in the address books of the people whose computers it's gone through.
    The free removal tool is here: www.bitdefender.com
    You can get a free AVG virus scanner here: www.grisoft.com
    Gina
     
  3. DocCas

    DocCas
    Expand Collapse
    Retired Staff

    Joined:
    Jul 24, 2000
    Messages:
    4,103
    Likes Received:
    0
    The virus is a common one that has been going around for several weeks. It is called the Klez virus and it enters your system, reads your email address book, then picks a file at random and sends it to everyone in your address book. It attaches itself to the file and thus infects the receivers system too. It is dangerous because it makes it appear the email is coming from someone you know. Every person on the internet should have good virus scan software that updates automatically every day! To learn more about the Klez virus go to http://www.virusbtn.com/news/latest_news/wired24may.xml

    To download a good anti virus program go to http://www.grisoft.com/html/us_downl.htm
     
  4. Gina B

    Gina B
    Expand Collapse
    Active Member

    Joined:
    Dec 30, 2000
    Messages:
    16,944
    Likes Received:
    1
    Hmm Doc Cas. This cancels my whole view on the "great minds think alike" adage.
    [​IMG] Gina
     
  5. SueLyn

    SueLyn
    Expand Collapse
    New Member

    Joined:
    Aug 23, 2001
    Messages:
    617
    Likes Received:
    0
    Doc and Gina, I was the one infected with the virus, and I know what kind of virus you are talking about. But, the BB is not in my address book, I always send PM's to anyone on the BB. In fact, I only have 2 addresses in my book, because I only use this screen name for the BB. The 2 in my address book are my husband, my brother, so this little bug did not invade my address book and then pretend to be sending it from a friend. If no one else got one, then maybe someone on the board or who was once on the board, didn't like what I had to say about something. :eek: Who knows? [​IMG] I was able to get rid of the virus very easily, it was quarantined and deleted as soon as it was found.
    Sue [​IMG]
     
  6. Son of Consolation

    Son of Consolation
    Expand Collapse
    Banned

    Joined:
    Mar 26, 2002
    Messages:
    3,000
    Likes Received:
    0
    Sue, did you really delete the virus? I was told by computer experts that when a virus is being quaranteened by your guardian system you shouldn't delete it because the same will remain dormant on the hard drive until a favorable moment. Now, I am not a computer expert but that is what I was told when they purged my computer of a virus last year. [​IMG]

    [ May 31, 2002, 05:06 PM: Message edited by: Barnabas ]
     
  7. SueLyn

    SueLyn
    Expand Collapse
    New Member

    Joined:
    Aug 23, 2001
    Messages:
    617
    Likes Received:
    0
    Barnabas, I guess, in that case, I don't know? :confused: I only know that it is no longer showing up when I run scans. Maybe I should go and check out the sites that Doc and Gina posted, to just make sure. ;) It certainly can't hurt.
    Sue
     
  8. SueLyn

    SueLyn
    Expand Collapse
    New Member

    Joined:
    Aug 23, 2001
    Messages:
    617
    Likes Received:
    0
    Doc and Gina were right! It is or was the Klez virus. I went back and checked my virus program to see what virus it was: [email protected] I'm so sorry Doc and Gina.
    Thanks, Sue
     
  9. Gina B

    Gina B
    Expand Collapse
    Active Member

    Joined:
    Dec 30, 2000
    Messages:
    16,944
    Likes Received:
    1
    Just had this sent, file attached.

    Return-Path: <[email protected]>
    Received: from rly-st08.mail.aol.com (rly-st08.mail.aol.com [172.20.75.165]) by air-yb03.mail.aol.com (v86.11) with ESMTP id MAILINYB34-0605003350; Wed, 05 Jun 2002 00:33:50 2000
    Received: from rly-xd02.mx.aol.com (rly-xd02.mail.aol.com [172.20.105.167])
    by rly-st08.mail.aol.com (8.8.8/8.8.8/AOL-5.0.0)
    with ESMTP id AAA18005 for <[email protected]>;
    Wed, 5 Jun 2002 00:28:20 -0400 (EDT)
    Received: from pimout3-int.prodigy.net (pimout3-ext.prodigy.net [207.115.63.102]) by rly-xd02.mx.aol.com (v86_r1.12) with ESMTP id MAILRELAYINXD24-0605002738; Wed, 05 Jun 2002 00:27:38 -0400
    Received: from Vgzbszfw (dialup-65.58.209.50.Dial1.Cincinnati1.Level3.net [65.58.209.50])
    by pimout3-int.prodigy.net (8.11.0/8.11.0) with SMTP id g554R3n91700
    for <[email protected]>; Wed, 5 Jun 2002 00:27:03 -0400
    Date: Wed, 5 Jun 2002 00:27:03 -0400
    Message-Id: <[email protected]>
    From: baptistboard <[email protected]>
    To: [email protected]
    Subject: News Internet Services
    MIME-Version: 1.0
    Content-Type: multipart/alternative;
    boundary=J76bG1UCKK00bC4b5Kt7d861
     
  10. ResIpsaLoquitur

    ResIpsaLoquitur
    Expand Collapse
    New Member

    Joined:
    Apr 10, 2002
    Messages:
    115
    Likes Received:
    0
    This Klez virus hit my computer at work but thankfully, my McAfee virus program caught it in time.I am beginning to think that the anti-virus programmers are sending us the viruses so that we will have to buy their programs that will protect our computers from the virus.Just my viewpoint.....!
     

Share This Page

Loading...