harbormaster
09-02-2002, 07:22 PM
There are alot of you Donzi guys out there who are fairly new to the internet and computers. If you are going to play on the net, you REALLY need to have a current antivirus program running on your 'puter.
It is also imperative that you update your antivirus program's "virus definitions" every week. The definitions are what help an antivirus program to recognize new viruses.
There is an especially little nasty, widely circulating out there called the KLEZ virus. This virus is causing confusion with alot of people.
The Klez virus will send itself out using other people's names. This means two things:
1. You may receive infected messages that don't come from the indicated sender. The messages may appear to be from anyone including official sources and trusted associates. Their computers are not the ones that are infected and they did not send the email.
2. You may be notified that you sent a virus when it was actually sent by someone else.
Since Klez was released the number of virus laden messages through most email servers has doubled. In one 24 hour period, My personal mail server blocked over 4000 malicious mail messages containing this virus. This is almost 20 times the normal rate.
Please read the section below on infection prevention.
Two of the 120 possible subject lines are "returned mail" and "undeliverable mail" sometimes leading the recipient to believe the attachment is returned email when it is actually the virus. The virus also tries to make the recipient believe it is a patch or virus removal tool. No reputable organization will send such a program via unsolicited email.
The Klez virus infects computers in three major ways:
1. If you click an attachment in a message sent by the virus and your anti-virus software is not up to date.
- Treat email attachments and other unknown
software with care
- Keep your anti-virus software up to date
2.If you read an infected email message using Outlook or Outlook Express and you are running an out of date copy of Internet Explorer. You do not have to click anything to get infected if Internet Explorer is out of date.
- Keep your operating software up to date.
- In particular, make sure Internet Explorer
is up to date.
3. If you share writable Windows folders, Klez will find them and drop infected files into your computer. If you click on an infected file in a Windows share, someone else's or your own, and you're running out of date anti-virus software, you'll get infected.
- Nullify unneeded risk by neither providing
nor using shares that are writable by
anonymous persons (or viruses).
- Treat email attachments and other unknown
software with care
- Keep your anti-virus software up to date
If You Receive an Email Message with the Virus
It is unlikely that the actual sender is the one that is displayed in the FROM: field. The email addresses in both the To: and From: fields are selected at random from a number of sources. The safest course of action is to delete the message.
If Your Computer is Infected
Variants of the virus may delete all files on the hard drive on certain dates.
Other variants choose files from the hard drive to send along as an additional attachments. This may lead to exposure of confidential data or documents.
Use Microsoft's Windows Update Service to update your computer. Failing to do so may result in a quick re-infection.
Download and run the Symantec tool that removes the various variants of Klez. It can be found here: http://securityresponse.symantec.com/avcenter/venc/data/w32.klez.removal.tool.html
Install auto-updating anti-virus software. Failing to do so may result in a quick re-infection.
It is also imperative that you update your antivirus program's "virus definitions" every week. The definitions are what help an antivirus program to recognize new viruses.
There is an especially little nasty, widely circulating out there called the KLEZ virus. This virus is causing confusion with alot of people.
The Klez virus will send itself out using other people's names. This means two things:
1. You may receive infected messages that don't come from the indicated sender. The messages may appear to be from anyone including official sources and trusted associates. Their computers are not the ones that are infected and they did not send the email.
2. You may be notified that you sent a virus when it was actually sent by someone else.
Since Klez was released the number of virus laden messages through most email servers has doubled. In one 24 hour period, My personal mail server blocked over 4000 malicious mail messages containing this virus. This is almost 20 times the normal rate.
Please read the section below on infection prevention.
Two of the 120 possible subject lines are "returned mail" and "undeliverable mail" sometimes leading the recipient to believe the attachment is returned email when it is actually the virus. The virus also tries to make the recipient believe it is a patch or virus removal tool. No reputable organization will send such a program via unsolicited email.
The Klez virus infects computers in three major ways:
1. If you click an attachment in a message sent by the virus and your anti-virus software is not up to date.
- Treat email attachments and other unknown
software with care
- Keep your anti-virus software up to date
2.If you read an infected email message using Outlook or Outlook Express and you are running an out of date copy of Internet Explorer. You do not have to click anything to get infected if Internet Explorer is out of date.
- Keep your operating software up to date.
- In particular, make sure Internet Explorer
is up to date.
3. If you share writable Windows folders, Klez will find them and drop infected files into your computer. If you click on an infected file in a Windows share, someone else's or your own, and you're running out of date anti-virus software, you'll get infected.
- Nullify unneeded risk by neither providing
nor using shares that are writable by
anonymous persons (or viruses).
- Treat email attachments and other unknown
software with care
- Keep your anti-virus software up to date
If You Receive an Email Message with the Virus
It is unlikely that the actual sender is the one that is displayed in the FROM: field. The email addresses in both the To: and From: fields are selected at random from a number of sources. The safest course of action is to delete the message.
If Your Computer is Infected
Variants of the virus may delete all files on the hard drive on certain dates.
Other variants choose files from the hard drive to send along as an additional attachments. This may lead to exposure of confidential data or documents.
Use Microsoft's Windows Update Service to update your computer. Failing to do so may result in a quick re-infection.
Download and run the Symantec tool that removes the various variants of Klez. It can be found here: http://securityresponse.symantec.com/avcenter/venc/data/w32.klez.removal.tool.html
Install auto-updating anti-virus software. Failing to do so may result in a quick re-infection.