[Fists] re virus attacks

Jim Reid [email protected]
Sat, 20 Apr 2002 10:09:19 -1000 

> I am sending it here because someone on this list is 
> loaded down with viruses on their machine. 

My machine rcvd 5 copies of the W32.Klez.E V today!
Each from a different "source".  Fortunately, I updated
my Norton definitions just yesterday -- the last time
Symantec released to their "Intelligent Updater".
However,  this has been happening everyday now for
the last two or three weeks;  and I am sure few came
because I am subscribed to the FISTS reflector,  I
subscribe to several others.  However,  the W32
can send an e-mail and not use the real machine
which is infected as the source;  see the following
from the Symantec site:

a.. "Because this worm does use a randomly chosen address 
that it finds on an infected computer as the "From:" address, 
numerous cases have been reported in which users of 
uninfected computers receive complaints that they have 
sent an infected message to someone else.

For example, Linda Anderson is using a computer that 
is infected with W32.Klez.E@mm; Linda is not using a 
antivirus program or does not have current virus definitions. 
When W32.Klez.E@mm performs its emailing routine, it 
finds the email address of Harold Logan. It inserts Harold's 
email address into the "From:" line of an infected email that 
it then sends to Janet Bishop. Janet then contacts Harold 
and complains that he sent her infected email, but when 
Harold scans his computer, Norton AntiVirus does not find 
anything--as would be expected--because his computer 
is not infected.

If you are using a current version of Norton AntiVirus, have 
the most recent virus definitions, and a full system scan with 
Norton AntiVirus set to scan all files does not find anything, 
you can be confident that your computer is not infected with 
this worm."

Please,  if you subscribe to e-mail reflectors,  buy and use
a good anti-V program,  and keep the bug definitions up to
date.  New ones are out nearly every week;  there was a
new one caught,  and a fix for it and "catching" definition
set up for Norton's program only yesterday!

73,  Jim KH7M
Note:  Every outgoing e-mail from my machine is scanned
by Norton's before it can be sent!