ThreadBoard ArchivesSite FeaturesActiveworlds SupportHistoric Archives |
is this a virus (Community)
is this a virus // CommunitycienaApr 12, 2004, 1:17am
i dont have aol and didnt send any emails and this is what was in my email
The original message was received at Sun, 11 Apr 2004 16:02:40 -0400 (EDT) from 44ba0093.pvlle.ca.charter.com [68.189.64.93] *** ATTENTION *** Your e-mail is being returned to you because there was a problem with its delivery. The address which was undeliverable is listed in the section labeled: "----- The following addresses had permanent fatal errors -----". The reason your mail is being returned to you is listed in the section labeled: "----- Transcript of Session Follows -----". The line beginning with "<<<" describes the specific reason your e-mail could not be delivered. The next line contains a second error message which is a general translation for other e-mail servers. Please direct further questions regarding this message to your e-mail administrator. --AOL Postmaster ----- The following addresses had permanent fatal errors ----- <shepherbs at aol.com> ----- Transcript of session follows ----- .... while talking to air-xh02.mail.aol.com.: <<< 550 MAILBOX NOT FOUND 550 <shepherbs at aol.com>... User unknown ---------------------------------------------------------------------------- ---- Received: from aol.com (44ba0093.pvlle.ca.charter.com [68.189.64.93]) by rly-xh03.mx.aol.com (v98.5) with ESMTP id MAILRELAYINXH39-49b4079a45c269; Sun, 11 Apr 2004 16:02:37 -0500 From: nikona at comcast.net To: shepherbs at aol.com Subject: Re: Your music Date: Sun, 11 Apr 2004 13:02:38 -0700 MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="----=_NextPart_000_0011_0000415F.0000617D" X-Priority: 3 X-MSMail-Priority: Normal X-AOL-IP: 68.189.64.93 X-AOL-SCOLL-SCORE: 0:XXX:XX X-AOL-SCOLL-URL_COUNT: 0 Message-ID: <200404111602.49b4079a45c269 at rly-xh03.mx.aol.com> zeofatexApr 12, 2004, 1:48am
Don't open any attachments, it could also mean that YOU are infected with a
virus. (Most scan for any e-mail addresses in cache or anywhere on your computer -- even if you never e-mailed them it could be in a temporary file.) I suggest you do a virus scan with a free scanner or update your software and scan your PC. [View Quote] cienaApr 12, 2004, 2:28am
thanx zeo. i scanned my puter and it was clean. i do update scanner
everyday. "zeofatex" <greg at warpedsoap.com> wrote in message news:407a039b$1 at server1.Activeworlds.com... > Don't open any attachments, it could also mean that YOU are infected with a > virus. (Most scan for any e-mail addresses in cache or anywhere on your > computer -- even if you never e-mailed them it could be in a temporary > file.) I suggest you do a virus scan with a free scanner or update your > software and scan your PC. > > [View Quote] ananasApr 12, 2004, 5:21am
Very likely that this virus (in Pittsburgh?) just uses
your email. So this mail was either an attempt of the virus to infect your PC or it was a bad or badly configured virus protection on a mail server. Some virus scanners used by ISPs send infected mail back to the address they find in the "Received from" entry and fall into the tricks of the virus. Some even help spreading the virus by _not_ removing the virus attachment. They send the virus "back" to the person that never sent it. Those AV companies are very good at their business :-/ [View Quote] andrasApr 12, 2004, 2:11pm
[View Quote]
> Very likely that this virus (in Pittsburgh?) just uses
> your email. > > So this mail was either an attempt of the virus to infect > your PC or it was a bad or badly configured virus protection > on a mail server. > > Some virus scanners used by ISPs send infected mail back to > the address they find in the "Received from" entry and fall > into the tricks of the virus. > > Some even help spreading the virus by _not_ removing the > virus attachment. They send the virus "back" to the person > that never sent it. Those AV companies are very good at their > business :-/ > Actually this is a new variant of the Netsky virus which maskarades itself as a mailer daemon and claims the mail is "returned". It has nothing to do with our Pittsburgh fellow (IP is from CA). -- Andras "It's MY computer" (tm Steve Gibson) ananasApr 12, 2004, 5:21pm
I got some with faked antivirus signature too from
our .pitt address. I will forward a few headers to security at verizon.net everyday now, maybe if we spam them they will try to track the virus "owner" [View Quote] paulApr 12, 2004, 11:43pm
Probably a virus. I've been getting a ton of these in my yahoo email,
returned email etc etc with an attachment file size of 24k. I just delete them everyday. I think Andras explained it somewhere in here. Paul [View Quote] |