Unwelcome Visitor

His name is Klez and he may be visiting in your home or office right now creating havoc without your knowledge. Based on my experiences in the past few weeks I firmly believe this little demon is running rampant in the local real estate community and may very well be damaging mine and your reputation as you are reading this letter. What does this have to do with home inspections? Not a thing, but it has much to do with mine and your business and personal relations with everyone with whom we have computer contact and beyond. Please bear with me and allow me to explain my concern and why I am dealing with this topic. I will tell you what it is, what it does, why I am so concerned about it, why you should be concerned, what to do about it and how, hopefully, to keep something like this from happening to you or prevent it happening again. 

This week I received a call from a complete stranger who is a retired Realtor. This gentleman was very concerned that a friend in Lexington Kentucky's computer had been infested with a computer virus, which had also infected his computer, and that it had come from me. He was alarmed and didn't have any idea what to do about it. You don't know me very well, but if you did you would know that I take this computer virus issue very serious. The reason is that over the years I have had four major confrontations with them. I take exhaustive measures to protect my computers. The fact that these two people, who I don't even know, were convinced that their computers were infected by a virus, which came for me, was not only alarming but upsetting to me. I immediately dived into the issue. The first thing I was able to determine was that my systems were not infected and that it did not come from me, but that it probably did come from one of you and that I was not the only one being spoofed as the culprit in infecting other peoples systems but that many of you may be as well. 

What it is: The little devil is called "W32.Klez.H@mm", it also has other names and derivatives, and it is what's know as a worm computer virus. This virus infects Windows 95, Window 98, Windows NT, Windows 2000, Windows WP, Windows Me. It does not affect Macintosh, Unix or Linux. 

What it does: It spreads by e-mail and shared networks and it is very possible, if you do not have or have not kept your virus protection program properly set up and up to date, that you have this thing on your computer and it is sending itself out to everyone who has ever sent a e-mail to you or who's e-mail address is on your system. It searches your system for e-mail addresses and sends out e-mail messages to these addresses (without your knowledge) with itself as an attachment. It randomly chooses one of your files to send along with itself to recipients. I hope its not a compromising picture, or a personal financial document. 

Why I am so concerned about it: This worm often uses a technique know as "spoofing." When it performs its email routine it can use a randomly chosen address (LIKE MINE OR YOURS) that it finds on an infected computer as the "From:" address, numerous cases have been reported in which users of uninfected computers received complaints that they sent an infected message to someone else. I can attest to this. I am getting these messages now. I have also experienced the next one: The infected e-mail comes as a "postmaster bounce message." The message indicates that you attempted to send email and the attempt failed. The virus is attached. I am being inundated with these. I am also receiving it disguised as an immunity tool. Here is a copy of the message from one this week: 

"Klez.E is the most common world-wide spreading worm. It's very dangerous by corrupting your files. Because of its very smart stealth and anti-anti-virus technique, most common AV software can't detect or clean it. We developed this free immunity tool to defeat the malicious virus. You only need to run this tool once, and then Klez will never come into your PC. NOTE: Because this tool acts as a fake Klez to fool the real worm, some AV monitor maybe cry when you run it. If so, Ignore the warning, and select 'continue'."

Why you should be concerned: The things mentioned above are good reasons, but here are some more. I am being hit by as many as twenty e-mails per day which have a file attachment infected with this virus, many of which are, or appear to be, coming from those who receive this newsletter. This virus attacks and neutralizes virus protection programs, which are not properly set up, or are not kept up to date on a weekly basis rendering them useless leaving you without protection when you may think you are safe. 

What to do about it: You can find information on this virus at this link. You may be able to simply click on it. If not copy and paste it into your web browser: http://www.sarc.com/avcenter/venc/data/w32.klez.h@mm.html 

Symantec Corporation (Norton Ant-Virus) provides a tool available on-line to remove infections of all know variants of W32.Klez and a similar W32.ElKern. I used it this week to clean the guys system who called me. This is the easiest way to remove these threats and should be tried first. You can get the tool and instructions on how to use it here: http://securityresponse.symantec.com/avcenter/venc/data/w32.klez.removal.tool.html You may be able to click on this link. Be very careful to follow the detailed instruction to the letter. 

How to keep something like this from happening to you or happening again:

1. Keep the upgrades to your operating system "security patch's" up to date. This is done by clicking on "Windows Update" downloading and installing the files. You should do this once a month at minimum.
2. Upgrade to the latest Virus Protection Program and update it weekly.
3. Never ever download any file from a e-mail without first verifying that it was sent to you on purpose by a trusted person. Don't touch it, don't click on it. Under no circumstances should you ever download even a trusted file without first scanning it for viruses.
4. Don't load any file on your computer from any source by any method without first scanning it for viruses.
5. Visit my web site and read the article titled "Computers In Our Work and Play" clicking on it should take you there, if not the address is "http://www.chrisdhilton.com/newsletters/computers_in_our_work.htm" This article has great information on how serious this issue is and on protecting yourself from computer viruses.

I hope you have not been infected with this little devil, and if you have been, that you can clean it without much difficulty. Sorry for straying from my subject of home inspections, but if our roles were reversed I would appreciate the same from you. If you have been infected I would like to know. Drop me a note. 

Thought for the week
 
"Don't be foolish, be vigilant and protect yourself."