virus?!
polycounter lvl 18
Urgh, this cant be so. How the hell do I pick this crap up?
So, my e-mail is acting very oddly. Basically, almost every day in my comcast account, I get several messages that *appear* to be returned mail. i.e mail that bounces back to me that didn't make it to it's destination. And yet I never sent any mail and they're always addresses that I don't recognise.
Subject headings such as 'Returned mail: Service unavailable' from 'Mail Delivery Subsystem [MAILER-DAEMON@aol.com]' or 'Undelivered Mail : Unknown user' is the kind of crap Im getting.
I'm not opening them of course, but even without ever having done that, this seems weird.
Norton AV isn't picking anything up. If this weirdness looks familiar to anyone I'd be curious to find out what it is.
thanks.
So, my e-mail is acting very oddly. Basically, almost every day in my comcast account, I get several messages that *appear* to be returned mail. i.e mail that bounces back to me that didn't make it to it's destination. And yet I never sent any mail and they're always addresses that I don't recognise.
Subject headings such as 'Returned mail: Service unavailable' from 'Mail Delivery Subsystem [MAILER-DAEMON@aol.com]' or 'Undelivered Mail : Unknown user' is the kind of crap Im getting.
I'm not opening them of course, but even without ever having done that, this seems weird.
Norton AV isn't picking anything up. If this weirdness looks familiar to anyone I'd be curious to find out what it is.
thanks.
Replies
It took me a day to get rid of it, running every visus checker and spyware program I could find. I can't tell you how it eventually went, but I know I used
Spybot
Adaware
MS Anti Spyware
AVG Virus
Sophos free download thing
It went, but that was after running each several times.
If its just one or two messages, tis probably not that, but when it gets so that you are receiving an email a second....you've got a problem.
Basically DaZ, if you are getting like 5-8 of these a day, it probably isn't anything related to your machine being infected, it's probably just more junk. If you ran your A/V software and the malware cocktail that Rick recommended you should be OK.
But yah, as said above, if you are getting 10-20 an hour or something....yah, you might have gotten whacked.
A few of the viruses/worms writers out there decided that just relying on someones address book wasn't good enough to find e-mail addresses. These viruses use e-mail addresses for two purposes, as an address to try and infect, and also an address to spoof the e-mail from. The spoofing helps to slow down the "Hey Joe, I got a virus from your e-mail, run your scanner" type responses to get rid of them.
Anyhow, these newer ones now scan through the web browser cache for any e-mail addresses it can find. Thus, if a person who say in theory visited your home page got infected, the virus would find your e-mail address in the internet explorer cache and start using it to spoof from and as a target.
The fix to this is to obscure or change the e-mail address you post to any web site or web board. Once their cache gets emptied, it should die out.
I get quite a few of these bounces when a new version of some e-mail virus comes out, due to a web board I administer elsewhere. The viruses catch the admin e-mail link at the bottom of the page and use it quite a bit. To counter this, I just filter out the returned mail messages to that address, and also change it about every 2-3 months. It sucks to have to do so, but it avoids unnecessary traffic on the mail servers. Sadly these days most mailservers see a higher percentage of viruses and spam messages then they do legitimate e-mail.