It just pisses me off that people can't take the time to update their virus protection!!
From what I can figure, the virus snagged my e mail addresses off my web sites. I have gotten this sent to me at least 15 times in the past week, to my "webmaster@" addresses, and my AOL address. I just tried to forward it to TOS Files@aol.com, and their mailbox is full (of this virus I am sure)
Klez.E is the most common world-wide spreading worm.It's very dangerous by corrupting your files.
Because of its very smart stealth and anti-anti-virus technic,most common AV software can't detect or clean it.
We developed this free immunity tool to defeat the malicious virus.
You only need to run this tool once,and then Klez will never come into your PC.
NOTE: Because this tool acts as a fake Klez to fool the real worm,some AV monitor maybe cry when you run it.
If so,Ignore the warning,and select 'continue'.
If you have any question,please mail to me.
----------------------- Headers -------------------------------- Return-Path: email@example.com
Received: from rly-xa02.mx.aol.com (rly-xa02.mail.aol.com [172.20.105.71]) by air-xa05.mail.aol.com (v84.16) with ESMTP id MAILINXA54-0426120446; Fri, 26 Apr 2002 12:04:46 -0400
Received: from secure29.schmolie.com (secure29.schmolie.com [126.96.36.199]) by rly-xa02.mx.aol.com (v84.10) with ESMTP id MAILRELAYINXA29-0426120403; Fri, 26 Apr 2002 12:04:04 -0400
Received: from pimout2-int.prodigy.net (pimout2-ext.prodigy.net [188.8.131.52])
by secure29.schmolie.com (8.10.2/8.10.2) with ESMTP id g3QG3O210544
for firstname.lastname@example.org; Fri, 26 Apr 2002 09:03:24 -0700 Received: from Wudb (dialup-184.108.40.206.Dial1.Chicago1.Level3.net [220.127.116.11])
by pimout2-int.prodigy.net (8.11.0/8.11.0) with SMTP id g3QG3Oh226912
for email@example.com; Fri, 26 Apr 2002 12:03:24 -0400
Date: Fri, 26 Apr 2002 12:03:24 -0400
From: csmith669 (firstname.lastname@example.org)
Subject: Worm Klez.E immunity
This virus is spreading FAST! I had it mailed to me 6 times in the last 3 days, and our office had 6 infected e-mails this morning!
One of our webmail services hasn't been able to catch in their filtrers. Make sure your virus protection is up to date!
In all the above e mails of the virus in the other thread I started, I masked the actual senders e mail address. NOT THIS TIME.
This is why it is important to read the HEADERS. You can clearly see the above virus was actually sent by email@example.com
If you don't see my classic signature, the e mail DID NOT come from me. For those of you who have not seen my sig, no matter what, I always sign my posts and e mails "~Chuck" since 1997...
Oh, and don't open any e mails with any attachment from "me" regardless of what the subject is, if it has an attachment.
This (as I mentioned before) virus exploits a flaw in MICROSOFT OUTLOOK, that by inserting a simple code in the text of the message, it automatically downloads and runs the attachment without the person who is reading the mail knowing!!!
Again, MICROSOFT realeased a patch to fix this flaw back in NOVEMBER 2001.
IF you use Outlook, go update it! Also, in addition to updating your virus protection software, try and update windows as well. The update "link" is right on your START MENU....
I just got it sent to me again, from "a well respected moderator of Lawnsite/Plowsite" ....... Only it was a forged "from field" and the actual sender was the moderator.... which means his computer is infected.The headers match ever othere mail I have gotten from him in the past.
Most viruses that are targeted at Outlook are designed to enter your address book and then send e-mails with the virus not only from the address book but also from anyone that has sent you e-mails and anyone that is "cc'd in those e-mails. You can help the spread by going into your address book and adding a fake address like "AAAAA" so that it will halt in sending the first wave of outgoing forwards of the virus. This way even if you get it, it won't go after your friends and families. I have seen this work. The other thing you can do is get something other than Outlook and then uninstall Outlook Express.
The "fix" that timm9 mentions only works on very few virus types. Most viruses, worms & trojans will still work around that perceived security measure. I don't have time right now to find & post the link that explains it, but trust me on this one. I have sent the link to Chuck & maybe he has it handy & can post it. This Klez virus has been around for a long time, so it is really funny that anyone would actually get it now, as the patches & virus protection updates to avoid it have been out for a long time. Oh well.