Here I am

E~Mail Funnystuff Part four


Steve ... ... Now this :



Subj: W32.Klez.E removal tools

Date: 11/2/2002 1:32:01 PM Eastern Standard Time

From:

To: -- email address removed --

File: setup.zip (56946 bytes) DL Time (TCP/IP): < 1 minute

Sent from the Internet (Details)







Symantec give you the W32.Klez.E removal tools

W32.Klez.E is a dangerous virus that spread through email.



For more information,please visit http://www.Symantec.com



<hr>





And This:



Subj: Welcome to my hometown

Date: 11/2/2002 2:44:15 AM Eastern Standard Time

From:

To: -- email address removed --

File: 1869028530.zip (56960 bytes) DL Time (TCP/IP): < 1 minute

Sent from the Internet (Details)



<hr>



And this:



Subj: Cbc, cbf

Date: 11/4/2002 10:03:31 PM Eastern Standard Time

From:

To: -- email address removed --

File: width.zip (59664 bytes) DL Time (TCP/IP): < 1 minute

Sent from the Internet (Details)
 
Tim, please open the message header information and tell me what it says in there as to where it came from, like I said in your last message. The parts of the email that you posted there tell me nothing. I get emails every day just like those that supposedly come from MYSELF :). I know for a fact that Robin has the latest releases of anti-virus dat files on all the PCs that have that email address on them that definitely cover all three of those viruses. If you are using Outlook Express, when you open the message click on file->properties->details and copy and paste the received from lines. Like I said before, both Robin and my email addresses are out there in 10's of thousands of people's inboxes, and viruses now go through your inbox and sent items folders and send themselves out from your PC and masquerade as the users that you have received email from and those that you have sent it to so that they can't be traced to their source. The received from line will however tell you what email server it came from but not the user.
 
Steve .... If I use AOL's proprietary software (7.0), which is hardly EVER, I can only get what you see above .... Nothing else, as AOL does not recognize point of origin if it is from anything OTHER than AOL. (Hence the note *This message was sent from the internet)



However, I enter AOL thru an open gateway (AOL Anywhere) @ Aol.com's http address. When I do that it is an applet that displays mail like a JPEG type form (If you right click an open message and select properties it has a .jpg extension at the end of the details)



I can try a point of origin tracking software that is ancient but it just may work. Kinda like a Ping.
 
BAM!!!



The KLEZ Mail



<hr>

Return-Path: <craig@eskimo.com>

Received: from rly-zd04.mx.aol.com (rly-zd04.mail.aol.com [172.31.33.228]) by air-zd05.mail.aol.com (v89.20) with ESMTP id MAILINZD53-1102133200; Sat, 02 Nov 2002 13:32:00 -0500

Received: from mail.eskimo.com (mail.eskimo.com [204.122.16.4]) by rly-zd04.mx.aol.com (v89.20) with ESMTP id MAILRELAYINZD44-1102133136; Sat, 02 Nov 2002 13:31:36 -0500

Received: from Tof (1Cust89.tnt11.krk1.da.uu.net [67.250.80.89]) by mail.eskimo.com (8.9.1a/8.8.8) with SMTP id KAA06320 for <ToolManTimTaylor@aol.com>; Sat, 2 Nov 2002 10:30:59 -0800 (PST)

Date: Sat, 2 Nov 2002 10:30:59 -0800 (PST)

Message-Id: <200211021830.KAA06320@mail.eskimo.com>

From:

To: -- email address removed --

Subject: W32.Klez.E removal tools

MIME-Version: 1.0

Content-Type: multipart/alternative;boundary=Q40717kp0z4Dj9U021j195l06yh1MyH0Kk

<hr>



Workin' on the others
 
As I suspected, it definitely didn't come from Robin or the TDR. If it had come from them you would have seen netcom.com or bellsouth.net (the ISPs that they use) in the received from lines. In that case it came from someone at either eskimo.com or Tof. With the way these viruses work there is no way to trace it further. There's nothing we can do about it. This is why everyone needs to have virus protection!
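
Added example, not part of any post in this thread: a short Python sketch of the header reading described above. It walks the Received lines of the Klez message oldest-first and reports what each server recorded. The sample holds the three Received lines from the post with whitespace repaired and the recipient clause left out; the names `received_chain` and `origin_summary` are made up for this illustration.

```python
import re
from email import message_from_string

# Received lines from the Klez message posted above (whitespace repaired,
# recipient clause omitted). Continuation lines are folded with a leading space.
RAW = """\
Received: from rly-zd04.mx.aol.com (rly-zd04.mail.aol.com [172.31.33.228])
 by air-zd05.mail.aol.com (v89.20) with ESMTP id MAILINZD53-1102133200;
 Sat, 02 Nov 2002 13:32:00 -0500
Received: from mail.eskimo.com (mail.eskimo.com [204.122.16.4])
 by rly-zd04.mx.aol.com (v89.20) with ESMTP id MAILRELAYINZD44-1102133136;
 Sat, 02 Nov 2002 13:31:36 -0500
Received: from Tof (1Cust89.tnt11.krk1.da.uu.net [67.250.80.89])
 by mail.eskimo.com (8.9.1a/8.8.8) with SMTP id KAA06320;
 Sat, 2 Nov 2002 10:30:59 -0800 (PST)

"""

# "from <HELO name> (<reverse DNS> [<IP>]) by <receiving server>"
HOP = re.compile(
    r"from\s+(?P<helo>\S+)\s+\((?P<rdns>\S+)\s+\[(?P<ip>[\d.]+)\]\)\s*"
    r"by\s+(?P<by>\S+)")

def received_chain(raw):
    """Return hops oldest-first; every server prepends its own Received line."""
    msg = message_from_string(raw)
    hops = []
    for value in reversed(msg.get_all("Received", [])):
        m = HOP.search(value)
        if m:
            hops.append(m.groupdict())
    return hops

def origin_summary(raw):
    """Describe the oldest hop: the client that handed the mail to a server."""
    first = received_chain(raw)[0]
    return {
        "claimed_name": first["helo"],      # chosen by the sending machine
        "connecting_ip": first["ip"],       # written down by the receiving server
        "connecting_rdns": first["rdns"],
        "first_relay": first["by"],
        "helo_matches_rdns": first["helo"].lower() == first["rdns"].lower(),
    }

if __name__ == "__main__":
    for hop in received_chain(RAW):
        print(f'{hop["helo"]:<22} [{hop["ip"]}] -> {hop["by"]}')
    print(origin_summary(RAW))
```

The From line never enters into it: only the address and host names each receiving server wrote down are used, and a Received line is only as reliable as the server that added it.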
 
Yeah I know, my bad, I couldn't see the source up 'til yesterday. Anywho Steve, if it's O.K. I will keep these threads going along with these so now everyone, not just new members, can see what the common e~Mail viruses that Masquerade <---- Ugh Robin's address (And yours for that matter cause that's happened too) will come up as.
 
Thanks to TM's pointer, I downloaded the software from the Symantec site (took almost all day to download, install and run!) - it found a virus called "seeker" on my system - hope it got all of 'em...



I also run AVG and Zone Alarm - neither of them caught the virus, even tho' both are up to date... :rolleyes:
 