Q: computer virus found ( Answered,   1 Comment )
Question  
Subject: computer virus found
Category: Computers > Security
Asked by: oldbulldog-ga
List Price: $10.00
Posted: 30 Apr 2004 08:04 PDT
Expires: 30 May 2004 08:04 PDT
Question ID: 338811
I received the following message back in connection with an innocent
message sent to a friend..one to whom I have sent hundreds of
messages. It had no offensive language.

"Antigen for Exchange found application.zip->document.txt             
                                                     .exe infected
with VIRUS= W32/Netsky.p@MM (NAI) worm.
The message is currently Purged.  The message, "Re: hi", was
sent from lormar@bentonrea.com and was discovered in SMTP Messages\Inbound
located at Thomson/MITCHELL/MAIL71NT."

My innocent message was as follows:

"Hi:

I have been having a heck of a time with the neuropathy in the feet plus I
think an ingrown big toe nail. MISERABLE IS ALL I CAN SAY.

Planting dahlias like crazy and many other things we ordered. MUCH HELP.

Dinner with Brundage Monday night. They say I can drive after 24 hours. I
will drive more appropriately....no Barney Oldfield

Car getting a new "motor mount."  Poor old thing ..just like its owner.

I HURT!"

My question: WHAT IS GOING ON HERE?  IS SOMEONE EAVESDROPPING WITH A
COOKIE PERHAPS?  WHY WOULD I GET SUCH A RESPONSE FROM MY INNOCENT
MESSAGE WITH NO OFFENSIVE LANGUAGE OR ATTACHMENT WITH A CHANCE FOR AN
INCLUDED WORM.

MY COMPUTER IS CHECKED DAILY FOR VIRUSES ETC BY NORTON

OLDBULLDOG

Request for Question Clarification by sublime1-ga on 30 Apr 2004 08:21 PDT
oldbulldog...

Trend Micro's online virus scan has been known to identify
viruses that go unnoticed by Norton:
http://housecall.trendmicro.com/housecall/start_corp.asp

This sounds like a trojan that is attaching itself to your
outgoing mail by way of some hidden process. Give Trend 
Micro a try and let me know what you find.

sublime1-ga
Answer  
Subject: Re: computer virus found
Answered By: antivirus-ga on 03 May 2004 06:41 PDT
 
Hi Oldbulldog,

You gave a great description of the problem! Unfortunately, Antigen
for Exchange was not as clear in its reporting to you! What Antigen
was actually alerting on was a message with the *subject* line of "Re:
hi". It had nothing to do with the message you sent to your friend.
The timing was just coincidental.

The Netsky.P worm spoofs the From sender. In fact, most new email
worms spoof the From sender. This means that someone you know (or who
has your email address somewhere on their system) has become infected
and the virus is being sent from THEIR machine in YOUR name. Nice,
huh?

This doesn't even have to be someone you've corresponded with in the
past, but just someone who for some reason or another has your email
address somewhere on their system and is now infected with the worm.
The Netsky worm searches a wide range of file types in search of
addresses, including text files, document files, cached web pages, and
the address book.

Antivirus software isn't smart enough to distinguish a spoofed sender
and so sends the alert to a perfectly innocent party. In fact, this
erroneous alerting becomes quite a large part of the problem!
Ironically, the person *least likely* to be infected is the one whom
the antivirus alert is accusing.

A complete technical description of Netsky.P may be found here:
http://securityresponse.symantec.com/avcenter/venc/data/w32.netsky.p@mm.html

For background info on Netsky, see "War of the worms":
http://antivirus.about.com/b/a/069462.htm

Also of interest, "Spoofing in no joke":
http://www.orps.state.ny.us/ref/pubs/survey/may04/story1.htm

Hope this helps!

Regards,
Antivirus
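
The misdirected alert described in the answer above can be avoided on the gateway side. The following is an added example, not part of the original thread and not Antigen's code: it decides who should receive a "virus found" notice, treating the From header as untrusted. The function names, the sample headers and the origin-matching heuristic are assumptions made for illustration; the "@MM" check relies on the mass-mailer suffix seen in the detection name W32/Netsky.p@MM quoted in the question.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample: headers of a worm-sent message as the receiving gateway
# sees it. All addresses, hosts and IPs are made up (example.* / TEST-NET).
SAMPLE = (
    "Received: from pc77.dialup.example.net (pc77.dialup.example.net [192.0.2.77])\n"
    "\tby mail.example.org with SMTP; Fri, 30 Apr 2004 07:58:11 -0700\n"
    "From: oldbulldog@example.com\n"
    "To: friend@example.org\n"
    "Subject: Re: hi\n"
    "\n"
    "(attachment stripped)\n"
)

def is_mass_mailer(detection):
    """True for names carrying the mass-mailer suffix, e.g. W32/Netsky.p@MM."""
    return re.search(r"@mm\b", detection, re.IGNORECASE) is not None

def connecting_host(msg):
    """Host named in the topmost Received header, the one our own server added."""
    hops = msg.get_all("Received") or []
    m = re.match(r"\s*from\s+([\w.-]+)", hops[0]) if hops else None
    return m.group(1).lower() if m else None

def from_matches_origin(msg):
    """Weak heuristic (assumption): From domain matches the delivering host."""
    domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    host = connecting_host(msg)
    return bool(domain and host) and (host == domain or host.endswith("." + domain))

def notification_targets(raw, detection, admin):
    """Addresses that should receive the alert for this quarantined message."""
    msg = message_from_string(raw)
    targets = [admin]  # the local administrator always hears about it
    sender = parseaddr(msg.get("From", ""))[1]
    # The From header is chosen by whoever sent the message: notify it only
    # when the detection is not a mass mailer and the origin plausibly matches.
    if sender and not is_mass_mailer(detection) and from_matches_origin(msg):
        targets.append(sender)
    return targets
```

With the sample above, the forged From address is never notified; only the administrator is.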
Comments  
Subject: Re: computer virus found
From: diego1982-ga on 01 May 2004 06:34 PDT
 
Maybe you don't have a virus. A friend of yours that has your email
account in its address book can be infected. So it is sending the virus to the
people in the address book from random email addresses from its
address book.
