virus rejections

[drtom]

XP Pro, PIII - 866
This is probably not related to the forum but I hope someone can give me a heads up.
I am receiving the odd rejection email from unknown senders that tell me my message to them (which I didn't send) is infected. There may or may not be attachments with the messages. My definitions are up to date and when I run tools from Symantec nothing is found. Can anyone give me a clue please?
Thanks

 

[gpalmer711]

If you are not sending these emails then you should deffinatly not rely on Norton AntiVirus as your only defence. While it is a good application, it often misses things, I know to my cost.

Take a look at Smah's great FAQ FAQ760-3862 and try at least two of the online scanners.

I personally prefer the Trend Micro and Panda ones.

You should also run some good Spy/Adware checkers such as AdAware and SpyBot.

If that does not help then either post the subject lines of the emails here or do a search of them on google.

Most emails that self replicate have a set list of subject lines. Once you can tally the subject line to the virus, removal should be easier.

Greg Palmer
Free Software for Adminstrators

http://www.palmersoft.co.uk

 

[Lemon13]

I am receiving the odd rejection email from unknown senders that tell me my message to them (which I didn't send) is infected" - the point is you didnt send! just delete them, its either spam, they want to confirm your email adress (to sell) or the attachment is infected.

 

[gpalmer711]

I disagree with Lemon13, If i ever receive an email from somebody which contains an infected file I will always reply and tell them. Also make server side antivirus suits will automatically send the sender an email informing them that the email contained a virus and that they should resend without the attachment.

Also alot of viruses and worms, spread so quickly because they email themselves from your machine without you knowing about it.

That being said if you receive an email like you have stated and it has an attachment, like Lemon13 says don't open it. As this is one of the techniques the virus writers use.

Greg Palmer
Free Software for Adminstrators

http://www.palmersoft.co.uk

 

[bcastner]

All,

I often receive posts that Norton AV wants to block. As a fairly good "Net citizen" I make sure that I am not sending out worm or SPAM emails.

But I cannot say the same for everyone I ever emailed, or who emailed me. I regularly get the notices that Forum Member drtom raised as an issue.

drtom,

Someone else has your email address in their address book, and is infected with one of many common internet worms.

Because many of these malwares spoof themselves, there is little you can do from the email address information to resolve the issue.

The only thing you can do is to make absolutely certain that you workstation is clean. See faq608-4650 for a recipe approach to a good cleanup.

Again, it is very likely that some other computer is generating this mail. Clean you own machine, and then just ignore the email about issues. Hopefully in the end others will clean their machines (to includes your email address) and the issue will disappear.

Best wishes,
Bill Castner

 

[drtom]

My machine is clean as per Norton and Spy-Bot. As a rule I don't open attachments from those I don't recognize and even some that I do. I shall try the suggestions on the additional articles and move on.
Thank everyone.
Doc

 

[bcastner]

That is about all you can do.
As a fairly good "Net citizen"

I hate this too.
Bill

 

[AnalogAnomaly]

I use F-Secure at work and Kapersky Labs/Bit Defender at home for anti-virus. I also use mail washer pro at work.. at home i don't use pop3 for e-mail. Rither way i always scan attachments first, if i get something saying my message was rejected (happens at work, not at home) i close out of the e-mail app, disconnect from the network, scan the system for spyware and virii, then delete the e-mail if nothing is found. You see people will send you that kind of message with a virus or trojan in it, it's called social engineering. The "love bug" virus that went out a few years back used the same kind of delivery method, people see something in their in-box and have to open it. There were a few articles in another forum regarding OCD and end-users which I can relate to. Being click-happy will get you in to more troble. Just because it's there and you MIGHT be missing something, doesn't mean you should open it. Yes, it's also entirely possible that someone's using an app to generate fake e-mail, and listing your e-mail address as the false source. It's very easy to do. Scan your system for virii and trojans, then delete the e-mail, don't bother replying to it, even if you find something, if it's legit it was sent automaticly by one of the SMTP servers processing the mail. No human will likely ever see your reply, and if it's fake.. you may just be put on a list for more attacks. My opinion on norton is that it's crap, especially system-works which is just about as bad as mcaffe and AVG, panda i haven't used, nor am I likely to ever use. Trend Micro's pc-cillin isn't that great either.

Yes, I'm biased and opinionated. It's worked out quite well for me. Hope this offers some semblance of insight.

Best of wishes,
Analog Anomaly