Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie

Virus sent from my address

Options
  • 04-05-2004 10:51pm
    #1
    eirebhoy
    Closed Accounts Posts: 14,013 ✭✭✭✭


    I got the following e-mail a few minutes ago:
    The following message had attachment(s) which contained viruses:

    From : *****@hotmail.com
    To : *****@setanta.com
    Subject :
    Date : Tue, 4 May 2004 22:45:47 +0100
    Message-ID:

    Attachment Virus name Action taken
    cf190937938.att Exploit.IFrame.FileDownloadRemoved
    message.scr I-Worm.NetSky.q Removed
    I have never sent an e-mail to setanta. If their was a virus sent from my e-mail account, could I have one on my PC?

    Ta.


Comments

  • Options
    #2
    ColmOT [MSFT]
    Closed Accounts Posts: 545 ✭✭✭ColmOT [MSFT]


    It's more than likely someone is spoofing your email address somewhere else.

    Don't forget that email has no inherent security built into it, so it's pretty easy to spoof someone's email address.

    I get non-delivery receipts like these every other day and I know I don't have a virus on my machines....


  • Options
    #3
    eirebhoy
    Closed Accounts Posts: 14,013 ✭✭✭✭eirebhoy


    OK, Cheers Colm.


  • Options
    #4
    bennyc
    Registered Users Posts: 1,907 ✭✭✭bennyc


    good link for a quick scan of your PC Stinger

    Download this and run a scan on your PC if there is anything on it it will clear it for the time. Although you will still need the latest DAT files from your AV software.


  • Options
    #5
    sceptre
    Registered Users Posts: 19,608 ✭✭✭✭sceptre


    Along with what Colm said, there's always a chance that the virus is on their machine, the virus is coded to send these bounce messages to mailbox contacts and the @setanta.com address is the spoofed one. Can't remember which virus does this but it's one of the more recent ones.


  • Options
    #6
    eirebhoy
    Closed Accounts Posts: 14,013 ✭✭✭✭eirebhoy


    I got the following e-mail today:
    Attention: *****@hotmail.com


    A virus was found in an Email message you sent.
    This Email scanner intercepted it and stopped the entire message
    reaching its destination.

    The virus was reported to be:

    Worm.SomeFool.P


    Please update your virus scanner or contact your IT support
    personnel as soon as possible as you may have a virus on your system.


    Your message was sent with the following envelope:

    MAIL FROM: *****@hotmail.com
    RCPT TO: ***@uninova.pt

    ... and with the following headers:

    ---
    MAILFROM: *****@hotmail.com
    Received: from 83-70-34-57.bas2.prp.dublin.eircom.net (HELO uninova.pt)
    (83.70.34.57)
    by nospam.uninova.pt with SMTP; 5 May 2004 16:21:17 -0000
    From: *****@hotmail.com
    To: ***@uninova.pt
    Subject: Re: Thank you for delivery
    Date: Wed, 5 May 2004 17:25:32 +0100
    MIME-Version: 1.0
    Content-Type: multipart/mixed;
    boundary="----=_NextPart_000_0016----=_NextPart_000_0016"
    X-Priority: 3
    X-MSMail-Priority: Normal
    I am with Eircom so that is probably my IP. I have done a virus scan at housecall and it found nothing. Any idea's? BTW I haven't sent an e-mail from this address in about a month.

    Cheers.

    Also, I sent a CV to someone yesterday from my eircom address and they gave me a phone call this morning saying their was a virus detected in the mail. I have deleted the CV.


  • Advertisement
  • Options
    #7
    yossarin
    Registered Users Posts: 932 ✭✭✭yossarin


    I read an article recently about the huge amounts of bounce back spam being generated by virus guards (often when the virus is a known email address spoofer). Interesting stuff, how the bounce back feature is being used to spam people with scary advertisements for virus guards.

    i can't find it, but heres a link to the MS page with the sasser pach instead :)

    eirebhoy ! don't delete the CV ! I hope you have a text copy of it ! it might have just been a macro in the file or somthing. system admins quite often overreact as they've bigger fish to fry.

    what virus guard are you running ? www.grisoft.com AVG is a good free one.
    If your're worried about a particular virus, do a google on "<<virus name>> symmantec" and you'll get a link to a fix tool in most cases.


  • Options
    #8
    eirebhoy
    Closed Accounts Posts: 14,013 ✭✭✭✭eirebhoy


    Originally posted by yossarin
    eirebhoy ! don't delete the CV ! I hope you have a text copy of it ! it might have just been a macro in the file or somthing. system admins quite often overreact as the've bigger fish to fry.

    what virus guard are you running ? www.grisoft.com AVG is a good free one.
    If your're worried about a particular virus, do a google on "<<virus name>> symmantec" and you'll get a link to a fix tool in most cases.
    I copied and pasted the CV into Word pad, it was previously on Microsoft Works Word Processor.

    I am using Norton BTW.


  • Options
    #9
    yossarin
    Registered Users Posts: 932 ✭✭✭yossarin


    I know that netsky has the amusing habit of turning off active scanning in norton.

    are you still worried about having a virus , or is this just good ole healthy paranoia ?


Advertisement