|
jmlangford
Jun 18, 2002, 2:18 AM
Post #1 of 19
(2332 views)
Shortcut
Registered: Sep 2, 2001
Posts: 1569
|
Someone has hacked into the system somehow and is sending out bogus e-mails using the addresses from people here on rc.com. I have rec'd several in the last couple of days from Trevor and John Gill with huge attachments that use up the memory if opened. John nor Trevor actually sent me anything. I know this because the name that showed up with the e-mail is not the same as the ones that showed up with prior e-mails I have rec'd from them. John assured me he didn't send the e-mails in question and I haven't spoken with Trevor. One of the attachments from "Trevor" and one from someone not a member were photos from this site. This is bullcrap! Is anyone else dealing with this? Please let me know ASAP!
|
|
|
|
|
pianomahnn
Jun 18, 2002, 2:37 AM
Post #2 of 19
(2332 views)
Shortcut
Registered: Feb 17, 2001
Posts: 3779
|
Got the one from trevor. Norton told me it contained a virus dealie.
|
|
|
|
|
jmlangford
Jun 18, 2002, 2:43 AM
Post #3 of 19
(2332 views)
Shortcut
Registered: Sep 2, 2001
Posts: 1569
|
How do I get rid of it if the virus made it into my computer?
|
|
|
|
|
pelliott
Jun 18, 2002, 3:05 AM
Post #4 of 19
(2332 views)
Shortcut
Registered: Mar 10, 2002
Posts: 317
|
I think you can download McAfee virus scanner, for a fee of course, and have it scan your system. When it comes to e-mails, hacking into the system is not required. It is possible for a virus to mail itself to many people and even fake the return addresses so you don't know where they came from. The virus could have come from anyone who has sent mail to an address on this site and still has the address in their address book.
The only smoking gun, so to speak, is that a picture from this site was sent. An email virus or "worm" would have to be pretty smart to grab a picture in the process of sending itself to another host. Or perhaps that is one way that it tricks someone into opening it's attachment.
By the way, the most common way to really become infected by a worm is to open its attachment which would be an executable. If you delete it without opening the attachment you should be okay.
|
|
|
|
|
jmlangford
Jun 18, 2002, 4:29 AM
Post #5 of 19
(2332 views)
Shortcut
Registered: Sep 2, 2001
Posts: 1569
|
e-mail. Not PM.
|
|
|
|
|
freeballn
Jun 18, 2002, 4:49 AM
Post #6 of 19
(2332 views)
Shortcut
Registered: Jun 2, 2002
Posts: 41
|
If you need to do a scan for viruses and don't want to shell out right away, there is a great free virus scanning service at housecall.antivirus.com, from Trend Micro. We use their full version at our work. The free web scan is the same thing, you just have to do it manually, and it is not as fast.
In addition to .exe files watch out for any .vbs files if you are running windows. They can do just as much damage. I delete emails with either unless I was expecting it, and scan it first.
|
|
|
|
|
trevor
Anonymous Poster
Jun 18, 2002, 6:09 AM
Post #7 of 19
(2332 views)
Shortcut
Registered: Nov 11, 2006
Posts: 0
|
I am going to look into this ASAP! I did NOT send anyone emails. If you get one with an attachment, then delete it. If I need to send you an email, then I will send you an email first notifying you then I will send you the file later. There is a vicious email going around that is sent via viruses. I get several per day.
I will look into how/why this is occuring. Sorry about this.
Trevor
...on second thought, I haven't purposely sent an email. However, there is a posibility that an email virus is sending them from my machine. But I've search high and low with McAffee and can't find a thing. I've even followed online instuctions for removing it. So my guess is that it's coming from somewhere else.
[ This Message was edited by: trevor on 2002-06-17 23:11 ]
|
|
|
|
|
jmlangford
Jun 20, 2002, 4:51 AM
Post #8 of 19
(2332 views)
Shortcut
Registered: Sep 2, 2001
Posts: 1569
|
Trevor, so far, I have rec'd them from jgill, elcapbuzz, trevor, and others outside the rc.com comunity. It started with the rc.com members and then I noticed it spreading out. I am 99% sure that I know which rc.com user is behind it. I have suggested that he be banned.He is still around causing grief so I am going to take care of this problem myself. He has been a pain in the butt for months.
|
|
|
|
|
space_monkey
Jun 20, 2002, 5:35 AM
Post #9 of 19
(2332 views)
Shortcut
Registered: Mar 5, 2002
Posts: 91
|
Snoball
just delete the old one and re-download the program. IT will save you money but can get to be a pain to do every 90 days.
|
|
|
|
|
jmlangford
Jun 20, 2002, 11:33 PM
Post #10 of 19
(2332 views)
Shortcut
Registered: Sep 2, 2001
Posts: 1569
|
That is what I am doing with Norton.
|
|
|
|
|
psych
Jun 20, 2002, 11:51 PM
Post #11 of 19
(2332 views)
Shortcut
Registered: Jan 30, 2002
Posts: 416
|
Just a theory, but it might be a virus called Klez. I deal with this one like 5-10 times per day from our customers, and it's not slowing down like it usually would when a new virus comes out.
http://securityresponse.symantec.com/avcenter/venc/data/w32.klez.gen@mm.html
That link details what the virus is/does. But the sneaky part of it (in a nutshell) is it'll send from an infected machine, to someone in the address book, but it'll send AS someone else FROM the address book. So if I was infected and had John Gill in my address book, it could in theory send a virus to you Jody using John's email address.
To check that if you still have one of the emails in question, right click it and go into the properties. Click on the Details tab and the Return Path there will likely show someone elses email address. This is the actual infected computer.
Just a theory though...
Mike...
--That website I linked to has a removal tool for this virus and it works pretty well if the instructions are followed correctly and if you are actually infected.
|
|
|
|
|
rock_climbin_06
Jun 21, 2002, 12:14 AM
Post #12 of 19
(2332 views)
Shortcut
Registered: May 15, 2002
Posts: 190
|
I am pretty sure norton is free. You should try that cause that has seemed to work out pretty good on my laptop and on my regular compaq. Just some advice though...
|
|
|
|
|
dannymccracken
Jun 21, 2002, 12:15 AM
Post #13 of 19
(2332 views)
Shortcut
Registered: Mar 3, 2002
Posts: 469
|
I agree with Psych that you probably have the Klez virus. I used to do system engineering, including virus prevention, for around 10,000 PC’s. I recently helped 2 friends who had the same symptoms. The Klez virus (it is more like a worm) has the ability to remove the McAfee tools from memory and avoid detection. I had to use the Symantec tool to clean both machines. The Symantec tool is available for free. Feel free to PM me if you have any questions.
|
|
|
|
|
fo_d
Jun 21, 2002, 12:26 AM
Post #14 of 19
(2332 views)
Shortcut
Registered: Nov 4, 2001
Posts: 918
|
I have had several worms in tha last year, The one AV program I found thayt works better than any other is AVG, its free and its does really well on worms.
http://www.grisoft.com/html/us_index.htm
Les
P.S. I learned not to open .exe files from e-mail
[ This Message was edited by: fo_d on 2002-06-20 17:30 ]
|
|
|
|
|
miagi
Jun 21, 2002, 12:39 AM
Post #15 of 19
(2332 views)
Shortcut
Registered: Feb 1, 2002
Posts: 1087
|
Ive got PM's from people that just joined today and talk like 2 year olds(which is quite odd), but no virus emails or anything. Thanks though
|
|
|
|
|
psych
Jun 21, 2002, 1:05 AM
Post #16 of 19
(2332 views)
Shortcut
Registered: Jan 30, 2002
Posts: 416
|
A quick note about AVG: beware!
I wanted to test it, so I installed it on my system at work, updated to the latest defenitions, disabled my other scanners, then purposefully infected myself with both Hybris and Magistr virus'. AVG happily sat there in my systray, didn't warn me, nothing. So I promptly uninstalled it, fired up McAfee again and cleaned both off. Nice being free and all, but....I don't have too much confidence in it personally.
Mike...
|
|
|
|
|
jmlangford
Jun 23, 2002, 5:13 AM
Post #17 of 19
(2332 views)
Shortcut
Registered: Sep 2, 2001
Posts: 1569
|
Just did the norton/symantec thing. I had 40 infected files. They were infected with W32klez.h@mm and W32.elkern.4926. Used the symantec program and cleaned/deleted all but one file. The log wouldn't open to show me which file so I quarantined all of the remaining files(17) in the Norton Anti-Virus quarantine. My question is, can I still use the files I quarantined? Some of them were my photo stuff. Just wondering if my photo software will still work with some of the exe files quarantined.
|
|
|
|
|
beyond_gravity
Jun 25, 2002, 3:20 AM
Post #18 of 19
(2332 views)
Shortcut
Registered: Jan 2, 2002
Posts: 5078
|
I just scaned my comp and found the virus too. But I never got any e-mail's or anything about it. And I dont even have a rc.com e-mail.
|
|
|
|
|
sauron
Jun 25, 2002, 1:28 PM
Post #19 of 19
(2332 views)
Shortcut
Registered: Oct 15, 2001
Posts: 1859
|
jody,
No, you don't want to use the quarantined files. Chances are, it'll cause the virii to spread, and cause more problems, etc..
The best thing to do is to just delete 'em. (Yes, I know - not always the most desirable thing to do)
- d.
|
|
|
|
|
|
