Viruses being sent through my email?

Discussion in 'Computers' started by NickSo, Aug 20, 2003.

  1. NickSo

    NickSo Producer

    Joined:
    Jul 2, 2000
    Messages:
    4,260
    Likes Received:
    0
    Trophy Points:
    0
    Real Name:
    Nick So
    Today i received a bunch of emails that said i was sending out a virus, some were from the email servers itself notifying me, others were Mail Delivery system failure messages that contained the virus.

    It is the w32/[email protected], however, i've run the remover tool on all my computers on my network, and they all said I did not have it. I checked the headers of my email, and it all showed something similar:

    Received: from NATHAN (adsl-68-75-101-97.dsl.toldoh.ameritech.net [68.75.101.97])
    by mail.chumwindsor.com (8.12.6/8.12.6av) with ESMTP id h7KHKlGD020328 for ; Wed, 20 Aug 2003 13:20:49 -0400 (EDT) (envelope-from [email protected])

    Received: from adsl-68-75-101-97.dsl.toldoh.ameritech.net (HELO NATHAN) (68.75.101.97) by 207.44.130.92 with SMTP; 20 Aug 2003 15:39:04 -0000

    [email protected] is my email address, but i have no idea who NATHAN using AMERITECH internet is. I use TELUS ADSL in canada, so it can't be me. Im thinking that the virus is originating from NATHANs computer, and for some reason sending it through my HOTMAIL email address.

    What can I do about this? Email the tech support at ameritech?
     
  2. Kimmo Jaskari

    Kimmo Jaskari Screenwriter

    Joined:
    Feb 27, 2000
    Messages:
    1,528
    Likes Received:
    0
    Trophy Points:
    0
    Ignore it. The virus uses other sender addresses and they weren't in fact sent by you.

    This is why autoresponders for stuff like viruses and spam are more trouble than they're worth, IMHO.
     
  3. JamesHl

    JamesHl Supporting Actor

    Joined:
    May 8, 2003
    Messages:
    813
    Likes Received:
    0
    Trophy Points:
    0
    Forged headers, probably.
     
  4. Gabriel_Lam

    Gabriel_Lam Screenwriter

    Joined:
    Mar 7, 2002
    Messages:
    1,402
    Likes Received:
    0
    Trophy Points:
    0
    Your email address was spoofed. Not much you can do about it.

    Don't feel bad. In the last 2 days, I've received over 800 of those spoofed from my email address, and another 5500 (no mistake, 5500) w32/sobig.f infected emails.
     
  5. Chris

    Chris Lead Actor

    Joined:
    Jul 4, 1997
    Messages:
    6,788
    Likes Received:
    0
    Trophy Points:
    0
    Yep. SoBig goes through a persons mailbox and will emulate anyone that person has ever received mail from. Nice.
     
  6. Tekara

    Tekara Supporting Actor

    Joined:
    Jan 8, 2003
    Messages:
    783
    Likes Received:
    0
    Trophy Points:
    0
    makes sense, i was one of the people that recieved an email from your address and I believe I sent back a reply about the virus.

    I think an email spider must have perused this forum and just picked a random victim to spoof and sent emails to selected targets from the list it got from these forums.
     
  7. BrianB

    BrianB Producer

    Joined:
    Apr 29, 2000
    Messages:
    5,205
    Likes Received:
    1
    Trophy Points:
    0
     
  8. John Thomas

    John Thomas Cinematographer

    Joined:
    Mar 23, 2000
    Messages:
    2,633
    Likes Received:
    0
    Trophy Points:
    0
    ...and so much more attention is given to the "pirates" of music/movies. How about throwing the bulk of that weight and attention towards these script kiddies and other schmucks creating these virii?
     
  9. Ronald Epstein

    Ronald Epstein Founder
    Owner

    Joined:
    Jul 3, 1997
    Messages:
    49,229
    Likes Received:
    5,996
    Trophy Points:
    9,110
    Real Name:
    Ronald Epstein
     
  10. Kimmo Jaskari

    Kimmo Jaskari Screenwriter

    Joined:
    Feb 27, 2000
    Messages:
    1,528
    Likes Received:
    0
    Trophy Points:
    0
    Yeah, this darn critter was the straw that broke the camels back at work, I'm installing a virus filter on the incoming mail stream tomorrow. Been avoiding it since it is bound to become at least a minor pain in the butt with wrongfully quarantined mail etc, but at the moment it seems like the lesser of the two evils.

    As for going after pirates... well, the movie studios and music companies are only bribing the politicians to go after copyright violators, they don't really care about virus writers. [​IMG]
     
  11. JamesHl

    JamesHl Supporting Actor

    Joined:
    May 8, 2003
    Messages:
    813
    Likes Received:
    0
    Trophy Points:
    0
     
  12. NickSo

    NickSo Producer

    Joined:
    Jul 2, 2000
    Messages:
    4,260
    Likes Received:
    0
    Trophy Points:
    0
    Real Name:
    Nick So
    Ah, that makes sense...

    Yeah, i was reading the headers it said it was sent by outlook express, i chekced my computers, they all had different versions of outlook than the one listed, and I use hotmail normally and not outlook...

    Bah, at least i didnt get as many today...
     
  13. John_Berger

    John_Berger Cinematographer

    Joined:
    Nov 1, 2001
    Messages:
    2,489
    Likes Received:
    0
    Trophy Points:
    0
    Gee. I use Eudora and my system didn't get a chance to execute any of these virii because (shock!) Eudora doesn't perform automatic execution of any attachments! How about that?

    So ... I must ask ...

    How many more of these virii must people get slammed with before they start to think that "Hmmm. Maybe - just maybe - I should start using something other than Outlook or Outlook Express"?
     
  14. Ronald Epstein

    Ronald Epstein Founder
    Owner

    Joined:
    Jul 3, 1997
    Messages:
    49,229
    Likes Received:
    5,996
    Trophy Points:
    9,110
    Real Name:
    Ronald Epstein
    Don't use Outlook or Outlook Express.

    Viruses are targeted towards those programs.

    I use PocoMail, a
    really great Email program that will not launch any
    virus it downloads.

    Switched to PocoMail after being a Eudora
    user for years. However, I hear Eudora 6 has some
    new anti-spam tools.

    What is going to happen with this sobig virus? How
    much longer must I endure hundreds of these virus-filled
    emails being sent to me daily?
     
  15. brentl

    brentl Cinematographer

    Joined:
    May 7, 1999
    Messages:
    2,921
    Likes Received:
    1
    Trophy Points:
    110
    As an option I;ve always used Yahoo mail. Although it may not work for Ron it's great for somebody that anly gets a few personal emails a day.

    Brent
     
  16. Gabriel_Lam

    Gabriel_Lam Screenwriter

    Joined:
    Mar 7, 2002
    Messages:
    1,402
    Likes Received:
    0
    Trophy Points:
    0
    Outlook automatically blocks .pif and .scr attachments, along with .exe and a bunch of others. You couldn't run it if you wanted to, unless you edit your registry and add those specific keys.

    If you want to actually run the virus, you have to regedit, and go here:

    HKEY_CURRENT_USERSoftwareMicrosoftOffice10.0O utlookSecurity

    Add a new string value:

    Level1Remove

    and modify that value:

    .pif;.scr;.exe

    Not many people do I'm guessing.

    My coworker got it even worse than I did:

    [​IMG]
     
  17. Kevin P

    Kevin P Screenwriter

    Joined:
    Jan 18, 1999
    Messages:
    1,439
    Likes Received:
    0
    Trophy Points:
    0
     
  18. John_Berger

    John_Berger Cinematographer

    Joined:
    Nov 1, 2001
    Messages:
    2,489
    Likes Received:
    0
    Trophy Points:
    0
     
  19. Ronald Epstein

    Ronald Epstein Founder
    Owner

    Joined:
    Jul 3, 1997
    Messages:
    49,229
    Likes Received:
    5,996
    Trophy Points:
    9,110
    Real Name:
    Ronald Epstein
    Watch the latest MSNBC News report here:

    Click Here

    (broadband users only)
     
  20. ChrisMatson

    ChrisMatson Cinematographer

    Joined:
    Dec 14, 2000
    Messages:
    2,181
    Likes Received:
    0
    Trophy Points:
    110
    Thanks for the link, Ron. I am getting messages that say I am sending the virus, but all of the latest virus updates indicate that I am not infected. I have also downloaded all of the patches for XP. I guess that some people that have me listed in their address book have been infected and the virus/worm sends itself in my name. This thing is frustrating as hell.
     

Share This Page