You can type here any text you want

I might have a virus, suggestions?

Welcome!

By registering with us, you'll be able to discuss, share and private message with other members of our community.

SignUp Now!
W

WakkoSS

Senior Member
Joined
Dec 23, 2002
Messages
2,379
For the past day I've been getting return emails from MAILER-DAEMON saying my email to so and so is undeliverable, some of them say due to virus. I do not recognize the email addresses listed in the return, nor the name of the file in one of the emails (document_9446.pif). I updated my Norton AntiVirus today and did a full scan, but found nothing. I've had no responses from people saying I've sent them anything, but I'd really like to get this squared away. Anyone have a suggestion? I did a computer search for that file and found nothing in my computer.:confused:

I did a websearch for that file name and found this:
http://www.messagelabs.com/viruseye/info/default.asp?frompage=virus+information&fromurl=%2Fviruseye%2Finfo%2Fdefault%2Easp&virusname=W32%2FSobig%2EF%2Dmm but I certainly have not downloaded anything sent from someone if I didn't recognize it or if it seemed suspicious. I HAVE used Kazaa about 20 times in the past week though.
 
forum thread with links

Theres also thread on the camaro forums. I don't think thats what you have, but if your running windows xp you will have all kinds of security problems(you should do the download regardless). Good luck
 
Daemon is an admin/it program that hackers also use because its so easy to get into comp with it
I received this message before in my email, but it was because the company i received it from was hacked by a guy using Daemon, so i may not be on your comp
quick check you can do though is go to your services (start>programs>admin. tools>services) and look for Daemon/dameware, if it is there you were hacked, and just double click and change it to disabled, then get you a firewall
 
Could it be that someone else has the virus, and it's putting his email in as the return email address? When it gets refused, the email is directed to the return address? That seems to be the standard for the email viruses. I got those for about a week a while back before it stopped. Probably got 100 notifications that week.
 
Could be Bill, its been happening to me as well.

It is this virus: http://vil.nai.com/vil/content/v_100561.htm

Its spreading like crazy, I have been hit about 30 times since yeterday afternoon. Its a w32 variant and one of the file attachments it has is named document_9446.pif. If your definitions are not up to date, it will slip right past Norton.
 
I was thinking it was someone else using my name and not my actual computer doing it. I got return emails even though my AOL was shut down. Computer was connected to the DSL though. I'll try shutting the DSL down and seeing if I still get email notifications.

I looked for Admin tools under programs and couldnt find it...under something else perhaps? I am running XP.

Norton is up to date but didn't find anything.
 
Same problem here for 2 days now. I am a senior systems analyst, so I have a good handle on my PC. Anyhoo, after many emails and convo's with the email guru's at corporate, we determined that I (and 4 others in my office) DO NOT HAVE the virus. We figger that others have it and it is spoofing my name as the sender, and some systems fire back a "you've been bad" email. I also have received a barage of the initial email, but our security strips the virus attachment before it is shipped to me.
 
Many of my emails have addresses that appear to be TR owners. N2TURBO2@so and so was one of them....but some are no good. Perhaps the names were gleaned off GNTtype, here or TBS? Just dont know.
 
When someone has this virus, they usually don't know it. The virus takes a random email address from the hard drive (not just the address book) and sticks it in the email as the "from" person, and that email address as the return address. It isn't intentional. Just think about all of those forwarded email jokes, where someone forwards it without deleting all of the 200 other forwarded email addresses on it. You probably don't even know the person with the virus, and they probably don't know they have it. If someone's ISP detects the virus in the email and rejects it (AT&T does this), it will send back a rejection email to the return address--in this case, you. Even though it didn't come from you, and the guy with the virus knows nothing about it.

Or, I could be completely wrong. That did happen once before. :D
 
Sorry guys, the virusscanner out there is still from my last day of work there - back in June.

Since I don't work there anymore, no one has felt it "important enough" to continue on updating that program.

Sorry!

People, go to www.mcafee.com and download the home version of 7.0.

Trade secret - The mcafee people are so nice that their "30 day trial" never expires. You can't upgrade to the next version, but they will give you free definition updates for years. Their corporate theory is that they make the money off the corporate customers, and if a homeowner wants to download and protect themselves, Mcafee is ahead of the game and doesn't mind the lost revenue on the home product. Great bunch of people.....

ANyone without some sort of virus software that is updated frequently deserves to lose their entire hard drive. Once that happens, then they will listen and actually run some sort of virus protection. JMO!
 
Originally posted by GN One Day...
Could it be that someone else has the virus, and it's putting his email in as the return email address? When it gets refused, the email is directed to the return address? That seems to be the standard for the email viruses. I got those for about a week a while back before it stopped. Probably got 100 notifications that week.
Click to expand...
The above is correct. Many worms will substitute the senders name with that of another after it infects address books. You get the bounce message even though it wasn't sent from your PC. If you're confident your PC is clean then you have nothing to worry about.
 
Originally posted by tjthorson
Sorry guys, the virusscanner out there is still from my last day of work there - back in June.

Since I don't work there anymore, no one has felt it "important enough" to continue on updating that program.

Sorry!

People, go to www.mcafee.com and download the home version of 7.0.

Trade secret - The mcafee people are so nice that their "30 day trial" never expires. You can't upgrade to the next version, but they will give you free definition updates for years. Their corporate theory is that they make the money off the corporate customers, and if a homeowner wants to download and protect themselves, Mcafee is ahead of the game and doesn't mind the lost revenue on the home product. Great bunch of people.....
Click to expand...

Thanks again for providing that for us Todd, it has really helped me many times in the last year or so. Thanks for letting me in on that little secret about Mcafee too, I did not know that, and thats gonna help me too.
 
Well, I shut my DSL off for 4 hours and yet it still said I attempted to deliver mail, so my name must be cloned. It must have happened on this site or TBS, since most of the email addresses have something about Buicks, Turbos, Racing or similar in the titles.
 
I would change my email, And look at the last post on the link I gave. Sounds like what you may have. To bad they don't have a fix for that, yet
 
Use a condom? :D :D

What's wierd, is I haven't received any virii-laden email in months.. :confused:

I know Roadrunner is getting pretty aggressive at stopping virii at their firewall, and I run an SMC barricade FW router, with NAV 2003 (updated), but you would think I would see SOMETHING..
 
Originally posted by tjthorson

People, go to www.mcafee.com and download the home version of 7.0.

Trade secret - The mcafee people are so nice that their "30 day trial" never expires. You can't upgrade to the next version, but they will give you free definition updates for years. Their corporate theory is that they make the money off the corporate customers, and if a homeowner wants to download and protect themselves, Mcafee is ahead of the game and doesn't mind the lost revenue on the home product. Great bunch of people.....
Click to expand...

Todd, please elaborate. I went to McAfee.com and found no "30 day trial".
 
It would appear that I may have spoke too soon. I had someone call me today and told me they had their McAfee trial version shut itself down after 30 days. It would appear that the newer trial downloads do have a time limit in them.

Well, at least you have 30 days of protection for free.

You have to register with the site to download.

http://download.mcafee.com/us/eval/...rusScan+Home+Edition&img=VirusScan_retail.gif

They do have a free detection utility "freescan". That is new, within the few months (since I left the industry) and maybe that is when they turned on the time limit in Viruscan.

Good luck!
 
You must log in or register to reply here.

Similar threads

J
GBODY PARTS, I WANT A DIVORCE!!!
2
32
9K
robzombie
robzombie
N
  • Locked
I have a true story to tell. How I lost my GN @ Gbodyparts
6 7 8
142
59K
Bweavy
B
M
As it turns out, I didn't have to say a word...
8
722
jasjamz
jasjamz
M
87 GN motor in my 3000LB 87 Monte...where to start?.I have a donor car waiting!!!
2
909
monte87LS
M
A
ATTN PLEASE: I think I am getting ripped off by a member here...please help..
6
1K
FBSideoiler427
F

Online statistics

Members online
26
Guests online
6,232
Total visitors
6,258
Totals may include hidden visitors.

Newest members

Stay Connected

Back
Top