Psst... Ready to join TalkBass and start posting, make new friends, sell your gear, and more?  Register your free account in 30 seconds.

Klez capabilities question

Discussion in 'Off Topic [BG]' started by Peter McFerrin, Dec 23, 2002.


  1. Can Klez spoof From addresses in an email's headers? I've gotten a couple of complaint emails from sysadmins, which is odd because I always have NAV Auto-Protect running and LiveUpdate set to run daily, and I'm quite sure I'm virus-free (Klez usually causes massive performance hits within a few days of infection).
     
  2. john turner

    john turner You don't want to do that. Trust me. Staff Member Administrator

    Mar 14, 2000
    atlanta ga
    yes, it can. the real source of the email will be the x-apparently from: section in the email header. check it out - if it has your email header in it, then you be spreadin' the disease, cochese.
     
  3. I'll ask the dude who's staying in my apartment over the break (I'm at home 'til ~01/10/2003) to check the headers if I get another one.
     
  4. I'm not sure if this is related, but I've been getting 25-50 messages saying "Message returned: Unknown Address" or something to that effect from Yahoo's mailer-daemon as if I've been sending out advertisements to dozens of people at random. I don't use MS Outlook or anything like that, just hotmail and my school account online, but come to think of it my mom uses Outlook on this computer (I'm home for break right now, too). Is this possibly related and what should I be doing to fix it?
     
  5. jazzbo

    jazzbo

    Aug 25, 2000
    San Francisco, CA
    I know this is English. It definitely appears to be English, but for the life of me, I can't understand it at all. Especially that first sentence: "Can Klez spoof From addresses in an email's headers?" Okay, who says a what from a where?
     
  6. lump

    lump

    Jan 17, 2000
    St. Neots, UK
    Whew. It's not just me. And someone really needs to explain, "Klez usually causes massive performance hits within a few days of infection."

    Yeah, I remember college...
     
  7. Josh Ryan

    Josh Ryan - that dog won't hunt, Monsignor. Staff Member Supporting Member

    Mar 24, 2001
    luddites. :D
     
  8. DougD

    DougD Bassman7654

    Sep 19, 2002
    North Las Vegas NV
    I too have been receiving mailer-daemon? Emails and I just delete them. The virus will run its course after a while and the emails will stop. One more thing, I called my service provider (Earthlink) and they said that they would never send messages to people saying that they are infected with anything! (they wouldn’t know unless they opened your email). So I think that is just another trick of the virus meant to scare people into doing something silly. The best way to combat the virus is to always virus-scan your emails, Never ever open unsolicited emails (especially if they have attachments), and DONT' SPAM YOUR FRIENDS (this includes the "pass this on to 10 of your friends or little Sara will starve to death" type of crap). The virus will resurface from time to time (cause some people just gotta open up them thar attachments) :)
    And then were in for another round.:rolleyes:
     
  9. Try going to Pandasoftware.com and downloading a tool to run on your PC.

    I am not a huge fan of Norton, sometimes thier tools are to destructive, sometimes they don't get every bit of the virus out.
    All and all it is a great product but like all not perfect.

    I.e. When the nimda virus came out and took the world by storm Cheyenne AV kept putting out updates and fixes for about a week. Norton did the same for a day and then put a disclaimer on the web page saying sorry . . . blah blah blah

    The Brasil virus that is out, Norton removes it but it always comes back a day later.

    YMMV