|
|
|
Is anyone else recieving Virus' apparently from my retro-rides.com email account,..?
I've been recieving a load into the account and now DarrenW tells me he has had a few out of the account,..
Just want to know if it is an isolated case or if my mail account is spamming virus' all over the place.
-David
|
|
|
|
|
|
|
|
Likely a signed up member somewhere has it, and has the R-R email address in their address book, or in a temporary internet file. That is how most of the current crop work. Use an infected 3rd party probably known to all others getting mails so that it has a ready made address list to send between.
I receive bucket loads from the admins at my own domain telling me my account is infected/damaged/compromised, and to run an update. Problem is I'm the only admin for my domain, and run it completley with only about 4 email addresses on it, and yes the update is actually a virus.
I delete roughly 2-300 a day of Swen/Mydoom/Netsky/Bagle (mainly still swen, but a couple of each of the others) and even see them coming through on some of the car related mailing lists that are supposed to be AV/Spam protected.
|
|
|
|
|
|
|
Yeah I guess thats whats happening my end,.. all virus' get deleted, before being read,.. basically if I don't know the name and its got an attatchment it won't even get opened,..
Annoyingly it seems that it is coming from my account now as well, which is very strange as I'm certainly not enfected, maybe its spoofing,..
|
|
|
|
|
Virus'!DarrenW
@darrenw
Club Retro Rides Member 74
|
|
The weird thing about the ones I got from you HoTWire is that the attachments are password encoded, with the code in the email. I think this is the reason why they are getting past my AVG - which normally deletes the attachment.
interesting!
|
|
|
|
skim
Part of things
![*](//storage.proboards.com/forum/images/stars/star.png)
Posts: 23
|
|
|
If you run Outlook, open the email, click on View & select options You should then see the IP address in the Internet headers & hopefully you might be able to trace it back to a user of the forum
|
|
|
|
|
|
|
The weird thing about the ones I got from you HoTWire is that the attachments are password encoded, with the code in the email. I think this is the reason why they are getting past my AVG - which normally deletes the attachment. interesting! Sounds like Netsky then. Sends the virus (only sometimes) as a password protected zip, and sends the password in the email.
|
|
|
|
skim
Part of things
![*](//storage.proboards.com/forum/images/stars/star.png)
Posts: 23
|
|
|
I've seen Netsky on a customer PC & after running AVG - it picked up over 6000 infected files!!!! Bloody thing was everywhere
|
|
|
|
|
Virus'!iRocco
@1380checkm8
|
|
Yes, I got 4 the other day from your rr account - f*ucked up my phone good and proper for a couple of hours!
|
|
![](http://www.sloganizer.net/en/style3,iRocco.png) I like long walks, especially when they're taken by people I don't like.
|
|
|
|
|
curse word,.. sorry dude,.. I'll have a looksee at whats going on,.. I should be virus free,..
|
|
|
|
|
Virus'!iRocco
@1380checkm8
|
|
nuts,.. sorry dude,.. I'll have a looksee at whats going on,.. I should be virus free,.. Bet all the women say that about you HoTWire!! ![;)](//storage.proboards.com/forum/images/smiley/wink.png)
|
|
![](http://www.sloganizer.net/en/style3,iRocco.png) I like long walks, especially when they're taken by people I don't like.
|
|
|
|
|
|
nuts,.. sorry dude,.. I'll have a looksee at whats going on,.. I should be virus free,.. You will be mate, the mails are "Apparently" from you. if you can check the headers of the mail, it will show the sending server, in the case of these Virii, it is usually a built in SMTP engine within the worm, and the address listed will be that of the infected sending computer, although it isn't unknown for them to spoof the sending address too.
|
|
|
|