OT - Dsboards is NOT infected with a virus

[Midnite]

Dsboards and its administrative addresses are NOT infected with a virus.  The emails being circulated that purport to be from dsboards accounts and from its users are actually originating from one individual's email account; if you expand the headers in the email messages you'll see the actual sender's address.  This person is aware they have the virus and is taking steps to rid their computer of it.  However, I wanted to assuage any concerns that posting here or allowing your email address to be listed on the forum puts anyone at risk because that isn't at all the case-- You're receiving these emails because your address is in the address book of the infected computer, and the names/e-titles from other users/messages in that same address book are merely masking the actual originating computer.  The Klez virus is one tricky little buggar, and it sends out these emails without the user's knowledge.

For your protection, do NOT open any attachments unless you have a CURRENT antivirus program, and update your program if you haven't already done so.  A removal tool/scan for the Klez virus is available on the Symantec website at
http://securityresponse.symantec.com/avcenter/venc/data/w32.klez.gen@mm.html

Some messages also apparently contain the addresses of ezboards users, but to my knowledge Ezboards itself is also NOT infected.

[Josette]

Point of curiosity - how do you expand the headers?

I've been receiving messages, about one a day, that claim to be huge files, but contain no message and no attachment.  I've assumed that since there is no attachment, I'm safe.

The first supposedly came from the SciFi Bulletin Boad!  Another was from a poster here (who did not send it) and today a "returned" message (that I hadn't sent) to someone with a definite DS name.  The others were total unknowns.  So, I'd really be curious to try that expanding the header and see if those are the worm and if it's all from the same place.

[Mark Rainey]

Point of curiosity - how do you expand the headers?

Josette -- It depends on what program you're using. If you're on Outlook Express, right click on the email in the list, select "properties" and then click the "details" tab. You'll see several "Received from" entries; usually the bottom one shows the actual email address that originated the message.

If you're using Yahoo, Hotmail, or another Web-based mail program, there are highlighted links at the top of the screen that you just click to expand the headers.

I've been receiving messages, about one a day, that claim to be huge files, but contain no message and no attachment.  I've assumed that since there is no attachment, I'm safe.

Not entirely. I've received worms the same way, without an apparent attachment. If your antivirus program is scanning the emails, it should identify it if it's infected. If you're running OE 5.0 or 5.5 without the later security patches, the worm can run itself; but if you have the security patches, or use OE 6.0, it won't open and all you'll see is that blank screen. If you're running Netscape or another mail program, the worm won't open itself.

The first supposedly came from the SciFi Bulletin Boad!  Another was from a poster here (who did not send it) and today a "returned" message (that I hadn't sent) to someone with a definite DS name.  The others were total unknowns.  So, I'd really be curious to try that expanding the header and see if those are the worm and if it's all from the same place.

Yep, I've been getting the message from "Ezboard postmaster" as returned mail. But if you check the extended headers, it comes from an Earthlink address, and it may be from the person on this board who did get infected.

[shadow=maroon,left,300]--Mark[/shadow]

[Minja]

Josette,

Go to your mailbox and click mailbox on the top line where there's "file, edit, view, mailbox".  Click on mailbox then on View Mesage Source and you'll see where it's from.

I know I'm not sending anytihng.  I just got the ability to send e-mails out of my mailbox last night when I reinstalled earthlink.  And now the Norton antivirus scans MY e-mails that I'm sending before they leave!  Rather wicked cool I'd say!!!

Always, Minja

[MsCriseyde]

This virus is most definitely a royal pain in the !@#$%. It's now circulating through the university's e-mail system, and one of the infected users had my name in his/her address book, so the virus sent itself out using my name. Now, in addition to Norton Antivirus catching 10 copies of the virus in my inbox a day, I have to contend with nasty e-mail from people saying I sent them a virus or moron e-mail from people I don't know saying that I sent them an attachment that they can't open. DUH! If you don't know me, why, for the love of God, are you trying to open an attachment from me? I thought that was a fairly basic rule, like not taking candy from strangers, etc.

I would send out nasty replies, but I can't tell if someone is student or faculty just by the e-mail address.  

[Josette]

Thank you, all.  I just use the Netscape mail.  There isn't a separate "Mailbox" listing, but I tried View and there was a choice for all headers.  There are a couple of listings for "Received" with a bunch of different addresses, but at the top is Return-path and in each case it's the same address.  I don't know if it's the person from here or not (who contacted me - but this address is different than the one listed here).

I have the McAfee Clinic, which was updated each of the last two days.  I assume it would notify me if it caught something!