Google Answers Logo
View Question
 
Q: is my computer sending out spam? ( Answered 5 out of 5 stars,   0 Comments )
Question  
Subject: is my computer sending out spam?
Category: Computers > Internet
Asked by: gnossie-ga
List Price: $15.00
Posted: 10 Aug 2005 04:54 PDT
Expires: 09 Sep 2005 04:54 PDT
Question ID: 553931
I've heard that computers can be hijacked and be made to send out
spam:  can this also happen to hotmail?

I recently received the following email message in my Hotmail inbox:

"This is an informative message sent by Kerio MailServer 6.0.10 at
omega.agenda.net.

Your mail message did not pass the server content filter:

From: <myemail@hotmail.com>
To: <somebodyelse'semail@jmadv.com>
Subject: Re: Bad Request
Date: Mon, 8 Aug 2005 14:26:58 -0800

Problem: Virus found
MIME type: application/octet-stream
File name: details.zip
Virus name: W32/Netsky.p@MM!zip
Antivirus: McAfee Scanning Engine (4552/4.4.00)

All invalid attachments of the message were deleted and the message was
delivered to the recipient."

The only text I have changed is my email, and the email of the person
who supposedly sent the virus.  The email says it was from
postmaster@omega.agenda.net, which I don't think is the Hotmail
people.

The thing is, I never sent an email to any address remotely like that,
much less a virus-laden one!  I'm innocent!

And I somehow doubt that this email is in itself a sort of spam or
phishing, since there's no URL to go to, or product to buy.

So why did I receive it if it's false?

Anyhow, 15 bucks if you can tell me what's going on.
Answer  
Subject: Re: is my computer sending out spam?
Answered By: theta-ga on 10 Aug 2005 05:48 PDT
Rated:5 out of 5 stars
 
Hi gnossie-ga,
    Rest assured that neither your computer nor your hotmail account
have been hijacked. The virus laden email was sent from a computer
that had been infected by the Netsky worm. This worm scans the hard
disk of the infected computer looking for email addresses, and then
mails itself to these addresses using a spoofed 'From' field for these
emails. The From field is usually filled with one of the email
addresses it found on the disk.
    So, the most likely scenario is that the worm infected the system
of someone who had your hotmail address on disk. It then proceeded to
email itself to the addresses it found, using random addresses in the
'From:' field. As it happened,  the omega.agenda.net server received
the mail which had your hotmail address in the From field, and
automatically notified you.
    More information on this worm can be found here:
        - W32.Netsky.P@mm
          (http://securityresponse.symantec.com/avcenter/venc/data/w32.netsky.p@mm.html)
    In case you want to scan your system for this worm, you can use
the removal tool found here:
        - W32.Netsky@mm Removal Tool
          (http://securityresponse.symantec.com/avcenter/venc/data/w32.netsky@mm.removal.tool.html)

  I myself had a run in with this worm last year when I suddenly
started receiving around 4-5 virus notification emails from a local
business here. Since I had never mailed anyone in that company, I was
most puzzled. However, a little detective work uncovered that an
acquantaince of mine was working in that company, and had his system
infected by this worm. Now his system was sending these worm laden
emails to his collegues, with my mail id in the from field (!!), and
their updated antivirus filter was catching these mails and notifying
me. The notifications took around two weeks to subside. :)

=========================

Hope this helps. 
If you need any clarifications, just ask!

Regards,
Theta-ga
gnossie-ga rated this answer:5 out of 5 stars
Fantastic.  Exactly what I wanted to know.  And the news was good,
too!  (At least for me.)

Comments  
There are no comments at this time.

Important Disclaimer: Answers and comments provided on Google Answers are general information, and are not intended to substitute for informed professional medical, psychiatric, psychological, tax, legal, investment, accounting, or other professional advice. Google does not endorse, and expressly disclaims liability for any product, manufacturer, distributor, service or service provider mentioned or any opinion expressed in answers or comments. Please read carefully the Google Answers Terms of Service.

If you feel that you have found inappropriate content, please let us know by emailing us at answers-support@google.com with the question ID listed above. Thank you.
Search Google Answers for
Google Answers  


Google Home - Answers FAQ - Terms of Service - Privacy Policy