Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Possible Email Worm?


  • Please log in to reply
3 replies to this topic

#1 finewine291

finewine291

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:08:14 AM

Posted 03 March 2007 - 09:44 AM

I am running Microsoft Oulook 2003. I believe somewhere in the network there is an email worm. I have worked on this for a full two days. Every computer is updated and has had a full system scan using Symantec Corporate Edition.

In my personla email account I am getting failure delivery notifications for emails that I have not mailed. They are garbage emails indicating a worm. (Random letters and words) I have scanned my pc using Norton, Adaware, and Spybot. I have checked my Windows Run , Run Once, start up folders in the registry. Everything is coming back clean.

While checking other computers in the network I found a couple of viruses/worm such as the Beagle worm. Symantec cleaned them. There has to be another worm somewhere.

My pc appears clean. How is it that I am getting the returned messages? Am I infected? If so where in the world do I go from here to figure out where the worm is hiding?

BC AdBot (Login to Remove)

 


#2 jgweed

jgweed

  • Staff Emeritus
  • 28,473 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Chicago, Il.
  • Local time:08:14 AM

Posted 03 March 2007 - 10:02 AM

More likely than not, these "returned" E-mails were not sent by you or anyone on your network. Malware often masks itself as a mailer-deamon because E-mail providers do not filter these out.
Regards,
John
Whereof one cannot speak, thereof one should be silent.

#3 finewine291

finewine291
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:08:14 AM

Posted 03 March 2007 - 10:21 AM

Let me make sure I understand. Does someone out there have a worm that is using my email address as the return path or is the malware being sent to me? If someone opens the email that is being sent by the malware will they become infected?

#4 fozzie

fozzie

    aut viam inveniam aut faciam


  • Members
  • 3,516 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Ossendrecht/The Netherlands
  • Local time:02:14 PM

Posted 03 March 2007 - 04:56 PM

It would not necessary mean that your system is corrupted. Mailing worms will pick up any given email adress which is in an adressbook and use it.
to be absolutely sure pleae do the following :
In normal mode, run an online antivirus check from at least two and preferably three of the following sites
BitDefender
Computer Associates Online Virus Scan
Panda's ActiveScan
Trend Micro Housecall
Windows Live Safety Center Free Online Scan
This scanner from Trend does not require an Active X to run.

1. Detects and removes malware ( viruses, worms, trojans, etc. )
2. Detects and removes grayware and spyware
3. Restores damage caused by malware to your system.
4. Notifies about vulnerabilities in installed programs and connected network services.
5. Multi-platform support for: Windows, Linux, Solaris.
6. Easy-to-use with the Microsoft Internet Explorer and Mozilla Firefox.

I would have everybody run at least 3 tests to be sure.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users