Home Competition Regions Dancing Comp. Rules Age Groups Hall of Fame Feis Handbook NAFC Championships Rules_Championships 2007 Feis Schedule 2006 Feis Schedule FAQs Links Events Convention 2007 News Nationals Crescent City Feis Contact Information Members

Virus - [email protected] worm

This virus is still making the rounds. Make sure that your virus signatures are up to date. This email spread especially by email spoofing. I have been made aware of this by some Feiseanna that I sent them an attachment and they are unable to open it. If you are unsure, please contact me. More information is available at SARC

Email spoofing

  • This worm often uses a technique called "spoofing." When the worm performs its email routine, it can use a randomly chosen address it finds on an infected computer as the "From:" address. Numerous cases have been reported in which users of uninfected computers received complaints that they sent an infected message to someone else.

    For example, Linda Anderson is using a computer infected with [email protected] Linda is not using an antivirus program or does not have the current virus definitions. When [email protected] performs its emailing routine, it finds the email address of Harold Logan. The worm inserts Harold's email address into the "From:" portion of an infected message, which the worm then sends to Janet Bishop. Then, Janet contacts Harold and complains that he sent her an infected message, but when Harold scans his computer, Norton AntiVirus does not find anything because his computer is not infected.

    If you are using a current version of Norton AntiVirus, have the most recent virus definitions, and a full system scan with Norton AntiVirus, which is set to scan all the files, does not find anything, you can be confident that your computer is not infected with this worm.
  • There have been several reports that, in some cases, if you receive a message that the virus has sent using its own SMTP engine, the message appears to be a "postmaster bounce message" from your own domain. For example, if your email address is [email protected], you could receive a message that appears to be from [email protected], indicating that you attempted to send an email and the attempt failed. If this is the false message sent by the virus, the attachment includes the virus itself. Of course, such attachments should not be opened.
  • The message may be disguised as an immunity tool. One version of this false message is:

    Klez.E is the most common world-wide spreading worm. It's very dangerous by corrupting your files. Because of its very smart stealth and anti-anti-virus technic,most common AV software can't detect or clean it.We developed this free immunity tool to defeat the malicious virus. You only need to run this tool once,and then Klez will never come into your PC.

    NOTE: Because this tool acts as a fake Klez to fool the real worm,some AV monitor maybe cry when you run it. If so,Ignore the warning,and select 'continue'. If you have any question,please mail to me.

If the message is opened in an unpatched version of Microsoft Outlook or Outlook Express, the attachment may be automatically executed. Information about this vulnerability and a patch are available at:


Questions or comments about website:
Copyright © 2002, 2003. 2004 ,2005 & 2006 NAFC &  Achill Computer Services
Last Updated: 08/02/07