[Vwdiesel] The KLEZ confusion
Sandy Cameron
scameron at compmore.net
Tue Jul 9 09:49:26 EDT 2002
This virus causes the loss of good friends because it sends itself from
computers operated by unknowing users that have been infected, who don't
have virus protection software and probably don't know they are infected.
It ALWAYS fakes a sender address, usually captured from a previous visit to
another computer, from the address lists it finds there, and carries forward
to the dummy computer it is sending from.
As someone here observes, the sender field is useless as a source ID, but
the ISP ID number is probably true, and if you are mad enough about it, you
could seek redress from the ISP it came from.
The only way we will stop getting the hits on the group, is when someone
discovers they have the virus (and they are NOT likely to be a group member)
and cleans it up.
ANYBODY who has your email address in their computer can be a remail point.
Symantec (do a google on KLEZ) has an excellent description of how it works,
and a downloadable free utility for cleaning it out of a computer.
Most firewall programs kill it on arrival (Mine,- PC-Cillin works instantly)
I use a text-only (Eudora lite) mail pgm, and coupled with PC-cillin, keeps
the house clean.
It would be regressive to trash a group or it's owner because it is
effectively dealing with a preventable nuissance. DELETE and move on.
Sandy
More information about the Vwdiesel
mailing list