Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Need virus help

Status
Not open for further replies.
Jamaz17

Jamaz17

Technical User
Mar 31, 2004
15
CA
Hey all,

The past few days a few peoples e-mail have been bombarded with bogus e-mails, from what seems to be people on their contact lists. There are no attactments in the e-mails they have been receiving only text which say stuff like "sorry about the e-mail that didn't go through" and other stuff like that. I've done a lot of searching around and I can't find anything our virus software here (CA inoculateIT) also hasn't found anything. Does anyone have an ideas as to what it could be, it's becoming a real nuisance.
Thanks in advance for any help
 
Sort by date Sort by votes
Jamaz,

Is the message "Sorry_your_message_cannot_be_delivered._"? If so, it sounds like you might be looking at the Sober.f variant.
 
Upvote 0 Downvote
Howdy:

Odds are, their email addresses are being "spoofed".. As per Webopedia..

"Forging an e-mail header to make it appear as if it came from somewhere or someone other than the actual source. The main protocol that is used when sending e-mail -- SMTP -- does not include a way to authenticate. There is an SMTP service extension (RFC 2554) that allows an SMTP client to negotiate a security level with a mail server. But if this precaution is not taken anyone with the know-how can connect to the server and use it to send spoofed messages by altering the header information. "

Someone, that has those addresses in their contact list is infected by one of a dozen or more virii out there that spoof email address.. Until that system is found and cleaned, expect lots of these !!

Murray
 
Upvote 0 Downvote
Thanks for the info guys, I looked into the Sober virus and all the messages I am receiving are consistant with what I have now read about the Sober virus. I downloaded a removal tool for Sober from Symenantic and I'm testing computers now, although the computer that i have tested so far apear to be clean, although this is one of the computer receiving these mass amounts of e-mails.

-James
 
Upvote 0 Downvote
Nothing has to be infected on your end for your machine(s) to be receiving the emails. It could be one of your clients, one of your employees home pcs, etc.

Tired of waiting for an answer? Try asking better questions. See: faq222-2244
 
Upvote 0 Downvote
Howdy:

As carr said, it probably isn't one of your systems infected.. The infected system will, in all liklihood, be outside you span of control.. It could be a clients system, a friend's system, that has one of your employees email address in their Contact List .. That is the system in question that has to be found and cleaned and that will be a near impossibility...

Murray
 
Upvote 0 Downvote
Thanks for the awsome help guys, agree with you guys that the virus is some where outside of my control.

Thanks again,

-James
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

iambob
  • Locked
  • Question
Avast Anti-Virus is.. a virus?! 3
Replies
5
Views
177
Oorde
Oorde
andyv2011
  • Locked
  • Question
Looking at Virus Actions
Replies
0
Views
77
andyv2011
andyv2011
Tiffc0922
  • Locked
  • Question
Virus / Malware Scans on Local PCs
Replies
5
Views
122
goombawaho
goombawaho
kharrison70
  • Locked
  • Question
Meskisift Visaal Studie Virus? 6
Replies
6
Views
122
goombawaho
goombawaho
CCX008
  • Locked
  • Question
Barowwsoe2save , how can I remove this stubborn virus !! 3
Replies
10
Views
160
goombawaho
goombawaho

Part and Inventory Search

Sponsor

Back
Top