Notice of Virus on E-mail

[MAGGIE]

For several weeks my internet provider has caught a virus
infected e-mail. How can I find the sender of the
infected e-mail? This is the notice that I get from my
internet provider.

A virus from (e-mail address removed), with the subject "Use
this patch immediately !". The virus W32/Dumaru.a@MM
virus !!! was found in file: patch.exe

 

[neo [mvp outlook]]

You would need to review the internet header on the message to determine
what network/host the item is coming from.

 

[Tom Lake]

You would need to review the internet header on the message to determine
what network/host the item is coming from.

Even that information can be forged.

Tom Lake

 

[Crusty \(-: Old B@stard :-\)]

Your ISP caught the virus so, at this time, I wouldn't be worried. I sure
wish that MY ISP (RoadRunner) scanned the e-mail for virus. I get 15-20 per
day delivered to my e-mail account for download! Nowhere, on their web
pages, do they even address using antivirus software to scan the e-mails
that they process for their customers.

--
Regards:

Richard Urban

aka Crusty (-: Old B@stard

 

[neo [mvp outlook]]

true, but there is still valid data there if you know how to read it.

--
Neo [MVP Outlook]
Due to the Swen virus, all e-mails sent to this account will be deleted
w/out reading.

 

[Bruce Chambers]

Greetings --

What you received is either a very common, malicious hoax or the
output of a computer infected by one of several widely publicized,
wide-spread, mass emailing worms. This sort of email has been quite
common for at least the past 9 months. The most widely-known are:

W32.Swen.A_mm
http://securityresponse.symantec.com/avcenter/venc/data/[email protected]

W32.Dumaru_mm
http://securityresponse.symantec.com/avcenter/venc/data/[email protected]

W32.Gibe_mm
http://securityresponse.symantec.com/avcenter/venc/data/[email protected]

Trojan.Xombe
http://www.symantec.com/avcenter/venc/data/trojan.xombe.html

Microsoft never has, does not currently, and very probably never
will email unsolicited security patches. At the most, if, and only
if, you subscribe to their security notification newsletter, they will
send you an email informing you that a new patch is available for
downloading.

Microsoft Policies on Software Distribution
http://www.microsoft.com/technet/treeview/?url=/technet/security/policy/swdist.asp

Information on Bogus Microsoft Security Bulletin Emails
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/news/patch_hoax.asp

How to Tell If a Microsoft Security-Related Message Is Genuine
http://www.microsoft.com/security/antivirus/authenticate_mail.asp

Any and all legitimate patches and updates are readily available
at http://windowsupdate.microsoft.com/. (Notice that this is the true
URL, rather than the bogus one that may have been contained in the
email you received.) Any messages that point to any other source(s) or
claim to have the patch attached are bogus.

You're receiving these emails because your email address is in
the address book of someone infected with a worm, and/or because you
posted your real email address somewhere on-line, either in a forum
accessible to the public and spambots, such as Usenet, or on an
untrustworthy web site that subsequently sold your address as part of
a mailing list. One thing you can do is notify _everyone_ with whom
you've ever corresponded via email that one or more of them may be
infected with a mass emailing worm, and should take the appropriate
steps.


Bruce Chambers

--
Help us help you:



You can have peace. Or you can have freedom. Don't ever count on
having both at once. -- RAH