See below. At 11:45 AM 9/1/02 -0500, you wrote:
Has anyone received the following mass mailing (attached in entirety below)? This all but convinces me that the security companies, and Symantec in particular, are simply fearmongers. This mail does nobody any good except Symantec.
I am not so sure it is a mass mailing and not a response from AV from detecting a virus in an email. It looks like a virus was sent out and worded to fool the normal computer user into installing it. And then AV software detects it when it tries to send itself to another user with AV, and that AV software tries to let the sender know they have a virus. But like the email says, it takes any old address, because people who write viruses found out that if the AV warns the real sender they will shut the computer down and get rid of the virus (at least I hope they would). And having the AV send the message itself is not such a bad idea with always-on connections. And if I wrote the AV I might put a plug in for my own software to a user I think may have sent a virus.
I received a message (below) from joepluta@plutabrothers.com with a file 2.30.26.zip attached. Don't know if this came from you, but this type of e-mail and file usually contains a virus. If you don't know that your computer has been sending this message, then you have a problem.
If I had got an email with a virus I would want to warn the sender that they sent me a virus.
W32.Klez.gen@mm is a mass-mailing worm that searches the Windows address book for email addresses and sends messages to all recipients that it finds. The worm uses its own SMTP engine to send the messages. The worm will select an address in the address book and use that as the sender, instead of the actual sending computer, which makes detection that much harder.
It says it may not have come from you, but the best dumb software can do is reply to who it thinks sent it. And having the AV send the notice could let the user know now while they are using their computer. I leave my system on almost all of the time and the AV could send the notice hours before I would.
This threat is detected by the latest Virus Definitions. All computer users should employ safe computing practices, including:
* Keeping your Virus Definitions updated.
* Installing Norton AntiVirus program updates, when available.
* Deleting suspicious looking emails.
A plug for the software that detected the sent email; let's face it, who would not put a plug in for their software. And the last option is, if you are not going to get AV, here is the best you can do: delete suspicious looking emails.
You may also scan your PC for threats now, by using the free online Symantec Security Check. Hope you're not infected, because dealing with a computer virus is no fun! But, in case you are and you weren't aware, I'm sending this to you. Here is the original message:
It should say who sent it to you.
In a message dated 8/31/2002 10:03:09 AM Eastern Daylight Time, joepluta@plutabrothers.com writes:

File:2.30.26.zip (42924 bytes) DL Time (44000 bps): < 1 minute

Sent from the Internet

Klez.E is the most common world-wide spreading worm.It's very dangerous by corrupting your files. Because of its very smart stealth and anti-anti-virus technic,most common AV software can't detect or clean it. We developed this free immunity tool to defeat the malicious virus. You only need to run this tool once,and then Klez will never come into your PC. NOTE: Because this tool acts as a fake Klez to fool the real worm,some AV monitor maybe cry when you run it. If so,Ignore the warning,and select 'continue'. If you have any question,please mail to me. "
This looks like text a virus may send out to fool someone into installing the virus even if your AV tells you not to; the email says your AV will complain but install it anyway. If my AV caught the fake virus (I think it is the real virus) it should catch the real virus and not need installing the fake virus. What AV vendor would send a mass mailing saying "most common AV software can't detect or clean it." And they say if your AV complains about this cure, ignore it. What I like to do is search the Internet for some key words out of the email, and find out about it. And look, it is a "trojan horse", who would have thought that. ;) http://www.snopes.com/computer/virus/immunity.htm

You would need to look at the header of the email to see where it came from. Start from the bottom and work your way up. Here is a copy of the header from your email:

Return-Path: <midrange-nontech-admin@midrange.com>
Received: from linux.midrange.com ([207.224.38.113] verified)
    by mall400.com (CommuniGate Pro SMTP 3.4.8) with ESMTP id 562302
    for jross-ml@netshare400.com; Sun, 01 Sep 2002 11:30:17 -0500
Received: from blog.midrange.com (localhost [127.0.0.1])
    by linux.midrange.com (8.11.6/8.11.6) with ESMTP id g81GV6O18544;
    Sun, 1 Sep 2002 11:31:06 -0500
Received: from pbdlx1.java400.net (sdsl-64-32-211-101.dsl.chi.megapath.net [64.32.211.101])
    by linux.midrange.com (8.11.6/8.11.6) with ESMTP id g81GUTO18440
    for <midrange-nontech@midrange.com>; Sun, 1 Sep 2002 11:30:29 -0500
Received: from pbdws1 ([10.1.1.20])
    by pbdlx1.java400.net (8.11.0/8.11.0) with SMTP id g81GjL605753
    for <midrange-nontech@midrange.com>; Sun, 1 Sep 2002 11:45:21 -0500

John Ross
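The bottom-up reading of the Received chain described in the post above, as an added example that is not part of the original message. It parses the header block quoted in the post; the function names `trace`, `first_public_hop` and `skew_seconds` are illustrative, and the regular expression only assumes the `from NAME (... [IP] ...) by HOST` layout seen in these four lines.

```python
import ipaddress
import re
from email import message_from_string
from email.utils import parsedate_to_datetime

# Header block copied from the post above, one header per line.
RAW = (
    "Return-Path: <midrange-nontech-admin@midrange.com>\n"
    "Received: from linux.midrange.com ([207.224.38.113] verified) by mall400.com (CommuniGate Pro SMTP 3.4.8) with ESMTP id 562302 for jross-ml@netshare400.com; Sun, 01 Sep 2002 11:30:17 -0500\n"
    "Received: from blog.midrange.com (localhost [127.0.0.1]) by linux.midrange.com (8.11.6/8.11.6) with ESMTP id g81GV6O18544; Sun, 1 Sep 2002 11:31:06 -0500\n"
    "Received: from pbdlx1.java400.net (sdsl-64-32-211-101.dsl.chi.megapath.net [64.32.211.101]) by linux.midrange.com (8.11.6/8.11.6) with ESMTP id g81GUTO18440 for <midrange-nontech@midrange.com>; Sun, 1 Sep 2002 11:30:29 -0500\n"
    "Received: from pbdws1 ([10.1.1.20]) by pbdlx1.java400.net (8.11.0/8.11.0) with SMTP id g81GjL605753 for <midrange-nontech@midrange.com>; Sun, 1 Sep 2002 11:45:21 -0500\n"
    "\n"
)

# from NAME (optional-rDNS [IP] optional-note) by HOST
HOP = re.compile(r"from\s+(\S+)\s+\([^()\[\]]*?\[([0-9.]+)\][^)]*\)\s+by\s+(\S+)")

def trace(raw):
    """Return hops oldest-first as (claimed_name, ip, by_host, when, ip_is_public)."""
    hops = []
    # Each relay prepends its line, so the oldest hop is the last header.
    for value in reversed(message_from_string(raw).get_all("Received", [])):
        m = HOP.search(value)
        if not m:
            continue  # layout this sketch does not understand
        name, ip, by_host = m.groups()
        when = parsedate_to_datetime(value.rsplit(";", 1)[1].strip())
        hops.append((name, ip, by_host, when, ipaddress.ip_address(ip).is_global))
    return hops

def first_public_hop(hops):
    """First hop whose connecting address is publicly routable."""
    return next((h for h in hops if h[4]), None)

def skew_seconds(hops):
    """Time difference between consecutive hops; negative means clock skew."""
    return [int((b[3] - a[3]).total_seconds()) for a, b in zip(hops, hops[1:])]

if __name__ == "__main__":
    for name, ip, by_host, when, public in trace(RAW):
        print(f"{when.isoformat()}  {name} [{ip}] -> {by_host}  public={public}")
    print("clock deltas (s):", skew_seconds(trace(RAW)))
```

Only the Received lines written by servers you trust are reliable; anything below them can be supplied by the sender, which matters for a worm like Klez that forges the From address. The negative deltas show that relay clocks disagree, so timestamps alone should not be used to order hops.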
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].