Spam, virus, or ?
07-10-2004, 04:12 PM
#1
Rennlist Member
Thread Starter
Spam, virus, or ?
I've been getting a lot of "message not delivered" type e-mails, which I have been assuming are just spam. Today, I got one that purports to be from the Rennlist Mail Server, even though I have not sent anything over the mailing list in a long time. Is this just clever spam (the purpose of which is not clear to me) or the result of a virus that I or someone else has? The message content was:
This is an automated notice sent by the Rennlist Mail Server.
Your mail message did not pass the server content filter:
From: <tomatlarge@yahoo.com>
To: <vonbulow@rennlist.net>
Subject: Mail Delivery (failure vonbulow@rennlist.net)
Date: Sat, 10 Jul 2004 12:30:51 -0500
Problem: Virus found
MIME type: text/html
File name: (none)
Virus name: Exploit-MIME.gen.c
Antivirus: McAfee Scanning Engine (4375/4.2.40)
Problem: Virus found
MIME type: audio/x-wav
File name: message.scr
Virus name: W32/Netsky.p@MM
Antivirus: McAfee Scanning Engine (4375/4.2.40)
The message was rejected by the server and was not delivered to the recipient.
Please correct all reported problems and try to send the message again.
This is an automated notice sent by the Rennlist Mail Server.
Your mail message did not pass the server content filter:
From: <tomatlarge@yahoo.com>
To: <vonbulow@rennlist.net>
Subject: Mail Delivery (failure vonbulow@rennlist.net)
Date: Sat, 10 Jul 2004 12:30:51 -0500
Problem: Virus found
MIME type: text/html
File name: (none)
Virus name: Exploit-MIME.gen.c
Antivirus: McAfee Scanning Engine (4375/4.2.40)
Problem: Virus found
MIME type: audio/x-wav
File name: message.scr
Virus name: W32/Netsky.p@MM
Antivirus: McAfee Scanning Engine (4375/4.2.40)
The message was rejected by the server and was not delivered to the recipient.
Please correct all reported problems and try to send the message again.
07-10-2004, 06:54 PM
#3
Race Director
That's why I refuse to use Outlook or Outlook Express. The built-in scripting abilities just opens up too many holes and weaknesses for viruses to exploit.
07-10-2004, 07:35 PM
#5
Race Car
Judging from the messages you posted, I believe it could be something your computer sent automatically without your knowledge and rejected by the server's virus scan IMHO.
07-10-2004, 10:57 PM
#6
Instructor
Join Date: Feb 2002
Location: New Jersey
Posts: 113
Likes: 0
Received 0 Likes
on
0 Posts
Your infected machine is sending stuff out.
You need to disinfect. Look at www.spywareinfo.com for programs which will help to cleanse.
Sometimes you need to boot in Windows Safe Mode to run the cleansing programs and delete the offending files.
try Ad-Aware, CWSchredder, HijackThis for starters. Sometimes it is also necessary to use a second ad program, like Spybot Search and Destroy as well to get all the little beasties.
You need to disinfect. Look at www.spywareinfo.com for programs which will help to cleanse.
Sometimes you need to boot in Windows Safe Mode to run the cleansing programs and delete the offending files.
try Ad-Aware, CWSchredder, HijackThis for starters. Sometimes it is also necessary to use a second ad program, like Spybot Search and Destroy as well to get all the little beasties.
07-11-2004, 04:17 AM
#7
Race Director
Here's some info on that virus: Symantec - W32.Netsky.P@mm . They have a removal tool that can be used to remove it.
