Virus Warning
Posted: Thu May 30, 2002 8:59 pm
WARNING!
I received a lot of mails infected by a certain virus, a worm called W32.Klez.H@mm.
Why do I post this here? Because the mails were only sent to my mail account linked at my site (Dave's Corner) which is probably almost only visited by lurkers of this forum. So this might be interesting for some of you.
If you receive mails with messages like
"Welcome to my hometown",
"So cool a flash,enjoy it",
"End hiding script from old browsers",
"W32.Elkern removal tools",
"A WinXP patch",
"Hello,sos!",
"He looks for a rebound." (this list is not complete!) with an attachment like
"border.pif", src.bat",
"install.exe",
"value.pif",
"slideshow[1].scr",
"437450@x27!x27[1].exe" (either not complete),
DO UNDER NO CIRCUMSTANCES OPEN THE ATTACHMENT, even if the sender seems to be trustworthy!
The virus uses the address book and inserts known sender names. So don't trust these mails.
If you use MS mail clients, well then you might already be infected. Because Outlook (Express) can open attachments automatically (without asking).
You get more information and a removal tool here: Symantec Security Response - W32.Klez.H@mm.
Take this little advice from me: Don't use MS mail clients. I haven't had any problems with this virus, because my mail clients doesn't do anything with attachments automatically and doesn't have an address book which the virus could 'see'. It doesn't even display HTML, just plain text. (Another security problem.) Only my virus scanner popped up a message.
If you search for a different free mail client, you may give Pegaus or Kaufman Mail Warrior (sounds proper, heh?) a try. You can find them i.e. here TUCOWS.
Dave
I received a lot of mails infected by a certain virus, a worm called W32.Klez.H@mm.
Why do I post this here? Because the mails were only sent to my mail account linked at my site (Dave's Corner) which is probably almost only visited by lurkers of this forum. So this might be interesting for some of you.
If you receive mails with messages like
"Welcome to my hometown",
"So cool a flash,enjoy it",
"End hiding script from old browsers",
"W32.Elkern removal tools",
"A WinXP patch",
"Hello,sos!",
"He looks for a rebound." (this list is not complete!) with an attachment like
"border.pif", src.bat",
"install.exe",
"value.pif",
"slideshow[1].scr",
"437450@x27!x27[1].exe" (either not complete),
DO UNDER NO CIRCUMSTANCES OPEN THE ATTACHMENT, even if the sender seems to be trustworthy!
The virus uses the address book and inserts known sender names. So don't trust these mails.
If you use MS mail clients, well then you might already be infected. Because Outlook (Express) can open attachments automatically (without asking).
You get more information and a removal tool here: Symantec Security Response - W32.Klez.H@mm.
Take this little advice from me: Don't use MS mail clients. I haven't had any problems with this virus, because my mail clients doesn't do anything with attachments automatically and doesn't have an address book which the virus could 'see'. It doesn't even display HTML, just plain text. (Another security problem.) Only my virus scanner popped up a message.
If you search for a different free mail client, you may give Pegaus or Kaufman Mail Warrior (sounds proper, heh?) a try. You can find them i.e. here TUCOWS.
Dave