A couple of years ago someone on my Audi list forwarded to me a secret
on how to evade the Klez virus propagator. I figure it would be appropriate
to do so here. I've always run Outlook Express and despite it being a
Microsoft based email reader, I've never had any complaints. Considering
that these Viruses generally affect email downloaders and not web based
email like Hotmail, then the solution is quite stupidly simple.
If you add the identity !000 to your address book with the address of
Wormalert you will do two things to the propagating program of the worm.
First, because of how the propagator works it goes alphabetically through
your email address and the address !000 would end up first in your book.
Supposedly because it's not a valid address the worm will find an error and
stop running. Second, even if it doesn't stop running, it will try to send
itself to that address and find none, then return to you with a failed
mailer message indicating to you that you're infected.
Currently I'm having issues with someone who has the worm Yaha K. The
problem with this one is that it changes it's from address before arriving
at it's destination so a response to that address goes no where. I'm on
someone's mailer who has it and I can't find out who. All I have is their
ISP address. :'(
Rave Racer
'89 Jetta 1.8L 16V GTX gone but not forgotten
http://www.vwot.org/members/Pete.html
'87 Audi 4000 Quattro Sedan another victim of time
http://www.audifans.com/registry/view.php?action=viewCar&carid=110
'72 Triumph GT6
http://www.triumphowners.com/uploaded/50-50-111014_20raveracer-gt6-1.jpg
'83 Toyota Tercel (yoda) ...is no more
> Date: Wed, 12 Feb 2003 08:16:39 -0800
> From: "Kristi Richardson" <lytabyron@hotmail.com>
> Subject: Re: Rash Of KLEZ infected messages
>
> I have had 2 infections in the last month, Brad has had none, so I never
> thought of the spitlists as infectious. Figured it was all my "adult
sites".
> Just kidding!
>
> Kristi
> - ----- Original Message -----
> From: "Joe Curry" <Spitlist@gte.net>
> To: "Spitfire Internet Mail List" <spitfires@autox.team.net>; "Triumph
> Internet Mail List." <triumphs@autox.team.net>
> Sent: Tuesday, February 11, 2003 8:33 AM
> Subject: Rash Of KLEZ infected messages
>
>
> > Recently, I have received a rash of messages infected with the KLEZ
> > worm. Fortunately, NAV has detected them before they can do any
> > damage. I am wondering if everyone else on the lists are also getting
> > bombarded with them.
> >
> > It seems that at least 30 percent of my messages are infected.
> >
> > Please bear in mind that this worm is spread by reading the address book
> > of email programs, so everyone please update their antivirus definitions
> > to be sure that you are not unknowingly contributing to this outbreak.
> >
> > Regards,
> > Joe Curry
/// triumphs@autox.team.net mailing list
/// or try http://www.team.net/cgi-bin/majorcool
/// Archives at http://www.team.net/archive
|
