Sorry your browser is not supported!

You are using an outdated browser that does not support modern web technologies, in order to use this site please update to a new browser.

Browsers supported include Chrome, FireFox, Safari, Opera, Internet Explorer 10+ or Microsoft Edge.

Geek Culture / Am I infected with something?

Author
Message
Dave J
Retired Moderator
21
Years of Service
User Offline
Joined: 11th Feb 2003
Location: Secret Military Pub, Down Under
Posted: 23rd Aug 2003 13:14 Edited at: 23rd Aug 2003 13:16
Link
Three 'out of place' emails appeared in my inbox today, 1 was a reply to an email I never sent and 2 were telling me two of my emails couldn't be sent, again, I never sent an email to either of these two and have never heard of their addresses.

Here are the emails I recieved, hopefully someone can explain to me if I have some sort of virus:

Quote: "From: <kate_cat45@hotmail.com>
To: <exeat@designex.net>
Sent: Saturday, August 23, 2003 5:45 AM
Subject: Re: That movie


> See the attached file for details"


I've never sent an email to this person (never even heard of the address), I haven't sent any emails with the subject 'That movie' and what's more this email doesn't even have a file attached.

Number 2:
Quote: "From: "Mail Delivery Subsystem" <MAILER-DAEMON@aol.com>
To: <exeat@designex.net>
Sent: Saturday, August 23, 2003 2:33 PM
Subject: Mail Delivery Problem

>
> Sorry exeat@designex.net. Your mail to the following recipients could not be delivered because they are not accepting mail with attachments or embedded images:
> koreanlady528"


Like before I have no clue who that person is and haven't sent any emails, let alone ones with attachments or embedded images.

Number 3:
Quote: "From: "Mail Delivery Subsystem" <MAILER-DAEMON@aol.com>
To: <exeat@designex.net>
Sent: Saturday, August 23, 2003 5:12 PM
Subject: Returned mail: User unknown


> The original message was received at Sat, 23 Aug 2003 03:12:05 -0400 (EDT)
> from dhcp11-17.microagenorth.com [216.108.11.17]
>
>
> *** ATTENTION ***
>
> Your e-mail is being returned to you because there was a problem with its
> delivery. The address which was undeliverable is listed in the section
> labeled: "----- The following addresses had permanent fatal errors -----".
>
> The reason your mail is being returned to you is listed in the section
> labeled: "----- Transcript of Session Follows -----".
>
> The line beginning with "<<<" describes the specific reason your e-mail could
> not be delivered. The next line contains a second error message which is a
> general translation for other e-mail servers.
>
> Please direct further questions regarding this message to your e-mail
> administrator.
>
> --AOL Postmaster
>
>
>
> ----- The following addresses had permanent fatal errors -----
> <dirtydancer33089@aol.com>
>
> ----- Transcript of session follows -----
> ... while talking to air-xj02.mail.aol.com.:
> >>> RCPT To:<dirtydancer33089@aol.com>
> <<< 550 MAILBOX NOT FOUND
> 550 <dirtydancer33089@aol.com>... User unknown
>


--------------------------------------------------------------------------------


> Received: from PIONEERKIOSK (dhcp11-17.microagenorth.com [216.108.11.17]) by rly-xj04.mx.aol.com (v95.1) with ESMTP id MAILRELAYINXJ45-5193f4713b913f; Sat, 23 Aug 2003 03:11:54 -0400
> From: <exeat@designex.net>
> To: <Dirtydancer33089@aol.com>
> Subject: Re: Approved
> Date: Sat, 23 Aug 2003 0:06:40 --0800
> X-MailScanner: Found to be clean
> Importance: Normal
> X-Mailer: Microsoft Outlook Express 6.00.2600.0000
> X-MSMail-Priority: Normal
> X-Priority: 3 (Normal)
> MIME-Version: 1.0
> Content-Type: multipart/mixed;
> boundary="_NextPart_000_04866A90"
> X-AOL-IP: 216.108.11.17
> X-AOL-SCOLL-SCORE: 0:XXX:XX
> X-AOL-SCOLL-URL_COUNT: 0
> Message-ID: <200308230312.5193f4713b913f@rly-xj04.mx.aol.com>
"


Again I haven't heard of this email address. This email also had an attachment named: "ATT00125.dat" which is 241 bytes. This email also claims there's no such address and hence why it failed to send which is incredibly strange.

Does anyone have any idea why I would be getting such emails? Interesting things to note are the last 2 were AOL emails and the first was a Hotmail address, I've heard of none of these people and they certainly aren't in my address book. I figured I must have a virus but so far my scanner shows nothing.

What's more is the last email with an attachment I recieved was from Rick Vanner 4 days ago and it was virus-free just like all other attachments I've opened. Anybody have any clues? Thanks.

"Computers are useless they can only give you answers."
Back to top
Profile PM Email
koshi
21
Years of Service
User Offline
Joined: 20th Aug 2003
Location: Cyberspace
Posted: 23rd Aug 2003 13:35
Link
rick vanner? thats rich..
hm lot of strange emails going around...

Famous last words -
Pull the pin and count to what?
Back to top
Profile PM
spooky
22
Years of Service
User Offline
Joined: 30th Aug 2002
Location: United Kingdom
Posted: 23rd Aug 2003 14:32
Link
Well the first one is definately the 'sobig' virus. It would have came from someone who has your name anywhere in their address book or other place on their pc. BUT the from address (the hotmail account) would have been cobbled together from all the other email addresses on their pc. So tracking down where it actually came from would be hard.

Just don't open the attachment.

The programmer formerly known as sonic
Back to top
Profile PM Website
Dave J
Retired Moderator
21
Years of Service
User Offline
Joined: 11th Feb 2003
Location: Secret Military Pub, Down Under
Posted: 23rd Aug 2003 15:48
Link
Quote: "rick vanner? thats rich.."


Nope, Rick is Rick while Rich is Rich Davey Rick is the commercial director and Rich is the webmaster. I sent an interview to Rick which he filled and sent back, all perfectly legit which is why I don't think I got a virus from him.

Quote: "Well the first one is definately the 'sobig' virus."


That's what I thought as well except that it doesn't even have an attachment which totally confused me. lol.

Very strange indeed.

"Computers are useless they can only give you answers."
Back to top
Profile PM Email
Critters
21
Years of Service
User Offline
Joined: 11th Apr 2003
Location: United Kingdom
Posted: 23rd Aug 2003 17:55
Link
thats wierd

http://www.jaxteam.co.uk
Back to top
Profile PM Email
Andy Igoe
22
Years of Service
User Offline
Joined: 6th Oct 2002
Location: United Kingdom
Posted: 23rd Aug 2003 19:18
Link
I can't tell the virus in my inbox from all the spam I get, noteably nothing gets opened unless: The subject line is clear and related to something I am interested in and; The sender line is somebody I recognise.

Nothing ever gets opened on my email if it has an attachment and I am not first expecting an attachment, if I receive an attachment from a known associate but I was not expecting it then I send an email asking if they sent me a file.

Those who send me files regularly know to mark their subject line with a keyword for instant attention.

That my friends, is the result of the digital communications revolution. Anyone got two cups and a piece of string? I need to upgrade.

Pneumatic Dryll
Back to top
Profile PM Email Website
Eric T
21
Years of Service
User Offline
Joined: 7th Apr 2003
Location: My location is where I am at this time.
Posted: 23rd Aug 2003 19:24
Link
Well anyone who knows me... knows my email subjects always have "" at the beggining and end.. thats my saftey precaution.

Working on 4 projects 2 RPG(programming texturing and 3d map), 1 3rd person shooter (Programming), and a special project.
Back to top
Profile PM Email Website
Dave J
Retired Moderator
21
Years of Service
User Offline
Joined: 11th Feb 2003
Location: Secret Military Pub, Down Under
Posted: 24th Aug 2003 03:14
Link
Yeah, I always checkout the attachments before I open them as well and hence why I'm so surprised at getting these emails. Oh, and I just recieved a fourth today as well:

Quote: "From: "Mail Delivery Subsystem" <MAILER-DAEMON@aol.com>
To: <exeat@designex.net>
Sent: Sunday, August 24, 2003 3:09 AM
Subject: Returned mail: User unknown


> The original message was received at Sat, 23 Aug 2003 13:09:25 -0400 (EDT)
> from dhcp11-17.microagenorth.com [216.108.11.17]
>
>
> *** ATTENTION ***
>
> Your e-mail is being returned to you because there was a problem with its
> delivery. The address which was undeliverable is listed in the section
> labeled: "----- The following addresses had permanent fatal errors -----".
>
> The reason your mail is being returned to you is listed in the section
> labeled: "----- Transcript of Session Follows -----".
>
> The line beginning with "<<<" describes the specific reason your e-mail could
> not be delivered. The next line contains a second error message which is a
> general translation for other e-mail servers.
>
> Please direct further questions regarding this message to your e-mail
> administrator.
>
> --AOL Postmaster
>
>
>
> ----- The following addresses had permanent fatal errors -----
> <mxpxsg@aol.com>
>
> ----- Transcript of session follows -----
> ... while talking to air-xd03.mail.aol.com.:
> >>> RCPT To:<mxpxsg@aol.com>
> <<< 550 MAILBOX NOT FOUND
> 550 <mxpxsg@aol.com>... User unknown
>


--------------------------------------------------------------------------------


> Received: from PIONEERKIOSK (dhcp11-17.microagenorth.com [216.108.11.17]) by rly-xd02.mx.aol.com (v95.1) with ESMTP id MAILRELAYINXD26-10a3f479fbe81; Sat, 23 Aug 2003 13:09:19 -0400
> From: <exeat@designex.net>
> To: <MXPXSG@aol.com>
> Subject: Thank you!
> Date: Sat, 23 Aug 2003 10:04:05 --0800
> X-MailScanner: Found to be clean
> Importance: Normal
> X-Mailer: Microsoft Outlook Express 6.00.2600.0000
> X-MSMail-Priority: Normal
> X-Priority: 3 (Normal)
> MIME-Version: 1.0
> Content-Type: multipart/mixed;
> boundary="_NextPart_000_0033CAAA"
> X-AOL-IP: 216.108.11.17
> X-AOL-SCOLL-SCORE: 0:XXX:XX
> X-AOL-SCOLL-URL_COUNT: 0
> Message-ID: <200308231309.10a3f479fbe81@rly-xd02.mx.aol.com>
> "


Again an AOL email. This is really getting annoying, I don't suppose anyone knows how I can stop them coming in?

"Computers are useless they can only give you answers."
Back to top
Profile PM Email
8truths
21
Years of Service
User Offline
Joined: 10th May 2003
Location: United States
Posted: 24th Aug 2003 08:01
Link
I am under the impression (from no official sources) that the next round of Sobig is already underway (sort of a Sobig.F.5) employing the HTML exploit through Internet Explorer.

Does this exploit work through Outlook? I have to admit, I never really looked up whether Outlook just uses a Web component or if it does its own HTML itself.

If it doesn't work through Outlook, it can work through unpatched IE when using web mail.

I admire your honesty. Hell, I like you; you can come over to my house and ---- my sister!
Back to top
Profile PM
Shock
AGK Developer
22
Years of Service
User Offline
Joined: 24th Oct 2002
Location: United Kingdom
Posted: 24th Aug 2003 14:08
Link
i think outlook just calls ie when it wants to compile some html, hence outlook always crashes if ie crashes


Sticking feathers up your butt doesn't make you a chicken.
Back to top
Profile PM
Dave J
Retired Moderator
21
Years of Service
User Offline
Joined: 11th Feb 2003
Location: Secret Military Pub, Down Under
Posted: 24th Aug 2003 16:55
Link
Strike 5:
Quote: "From: "Mail Delivery Subsystem" <MAILER-DAEMON@aol.com>
To: <exeat@designex.net>
Sent: Sunday, August 24, 2003 10:37 PM
Subject: Returned mail: User unknown


> The original message was received at Sun, 24 Aug 2003 08:37:38 -0400 (EDT)
> from dhcp11-17.microagenorth.com [216.108.11.17]
>
>
> *** ATTENTION ***
>
> Your e-mail is being returned to you because there was a problem with its
> delivery. The address which was undeliverable is listed in the section
> labeled: "----- The following addresses had permanent fatal errors -----".
>
> The reason your mail is being returned to you is listed in the section
> labeled: "----- Transcript of Session Follows -----".
>
> The line beginning with "<<<" describes the specific reason your e-mail could
> not be delivered. The next line contains a second error message which is a
> general translation for other e-mail servers.
>
> Please direct further questions regarding this message to your e-mail
> administrator.
>
> --AOL Postmaster
>
>
>
> ----- The following addresses had permanent fatal errors -----
> <babygrrl4204@aol.com>
>
> ----- Transcript of session follows -----
> ... while talking to air-xj03.mail.aol.com.:
> >>> RCPT To:<babygrrl4204@aol.com>
> <<< 550 MAILBOX NOT FOUND
> 550 <babygrrl4204@aol.com>... User unknown
>


--------------------------------------------------------------------------------


> Received: from PIONEERKIOSK (dhcp11-17.microagenorth.com [216.108.11.17]) by rly-xj04.mx.aol.com (v95.1) with ESMTP id MAILRELAYINXJ44-5183f48b187de; Sun, 24 Aug 2003 08:37:30 -0400
> From: <exeat@designex.net>
> To: <BaByGrRl4204@aol.com>
> Subject: Re: Re: My details
> Date: Sun, 24 Aug 2003 5:32:14 --0800
> X-MailScanner: Found to be clean
> Importance: Normal
> X-Mailer: Microsoft Outlook Express 6.00.2600.0000
> X-MSMail-Priority: Normal
> X-Priority: 3 (Normal)
> MIME-Version: 1.0
> Content-Type: multipart/mixed;
> boundary="_NextPart_000_008A21B1"
> X-AOL-IP: 216.108.11.17
> X-AOL-SCOLL-SCORE: 0:XXX:XX
> X-AOL-SCOLL-URL_COUNT: 0
> Message-ID: <200308240837.5183f48b187de@rly-xj04.mx.aol.com>
"


Another AOL one. Has anyone heard of any type of AOL-related virii or worms going around? I hope this doesn't go on for long.

"Computers are useless they can only give you answers."
Back to top
Profile PM Email
Philip 1337
22
Years of Service
User Offline
Joined: 27th Aug 2002
Location: United Kingdom
Posted: 27th Aug 2003 16:04
Link
I just got and email and i'm on AOL,

It said that i had to open the attached file to see what it was about and it was from

MAILER-DAEMON@aol.com

I thought it could be a virus so i clicked report spam and deleted it.
Back to top
Profile PM
Preston C
21
Years of Service
User Offline
Joined: 16th May 2003
Location: Penn State University Park
Posted: 27th Aug 2003 16:50
Link
I got a message too, just like the ones above. I deleted mine right away, though Norton didnt say if it was a virus. I also got 3 last night from Microsoft claiming to have a new patch for me, and to install it immediately. Norton caught those 3 viruses, yet the AOL messages, if they're a new type of virus, I hope we're not all infected.



Hell Begins September 2nd at 7:30 AM. Yep, schools starting soon.
Back to top
Profile PM Email
Philip 1337
22
Years of Service
User Offline
Joined: 27th Aug 2002
Location: United Kingdom
Posted: 28th Aug 2003 15:54
Link
I just got one on my MSN hotmail

From : MAILER-DAEMON@anadolu.edu.tr

Subject : Undeliverable mail: Thank you!

Date : Thu, 28 Aug 2003 15:47:10 +0400

Attachment : attach4 (1k)
Reply Reply All Forward Delete Put in Folder...InboxSent MessagesDraftsTrash Can Printer Friendly Version

Failed to deliver to '<webdesign@anadolu.edu.tr>'
LOCAL module(account webdesign) reports:
account is full (quota exceeded)

Reporting-MTA: dns; anadolu.edu.tr

Original-Recipient: rfc822;<webdesign@anadolu.edu.tr>
Final-Recipient: LOCAL;
Action: failed
Status: 5.0.0


Notice: Attachments are automatically scanned for viruses using
Back to top
Profile PM
Philip 1337
22
Years of Service
User Offline
Joined: 27th Aug 2002
Location: United Kingdom
Posted: 28th Aug 2003 15:56
Link
From :
MAILER-DAEMON@mail3.nexpoint.net

To :
gbros_philip@hotmail.com

Subject :
failure notice

Date :
28 Aug 2003 09:27:36 -0000

Attachment : document_all.pif (101k)
Reply Reply All Forward Delete Put in Folder...InboxSent MessagesDraftsTrash Can Printer Friendly Version

Hi. This is the qmail-send program at mail3.nexpoint.net.
I'm afraid I wasn't able to deliver your message to the following addresses.
This is a permanent error; I've given up. Sorry it didn't work out.

<lemerb@secantsoftware.com>:
user is over quota

--- Below this line is a copy of the message.



From :
<gbros_philip@hotmail.com>

To :
<lemerb@secantsoftware.com>

Subject :
Re: Wicked screensaver

Date :
Thu, 28 Aug 2003 12:45:33 +0300

Attachment : document_all.pif (101k)
See the attached file for details
Back to top
Profile PM
Dave J
Retired Moderator
21
Years of Service
User Offline
Joined: 11th Feb 2003
Location: Secret Military Pub, Down Under
Posted: 29th Aug 2003 13:06
Link
Okay I think it's safe to assume they're some kind of virus, lol.

"Computers are useless they can only give you answers."
Back to top
Profile PM Email
MushroomHead
22
Years of Service
User Offline
Joined: 26th Aug 2002
Location: United Kingdom
Posted: 29th Aug 2003 16:54 Edited at: 29th Aug 2003 16:55
Link
If you're not sure an attachment is a virus or not, send it to symantec research for anlysis, they will let you know if it's a virus or not ... also you'll be doing the world a favour. Currently there is a new modified version of blaster worm doing rounds.
Back to top
Profile PM
HZence
21
Years of Service
User Offline
Joined: 9th Mar 2003
Location:
Posted: 30th Aug 2003 18:48
Link
Quote: "That's what I thought as well except that it doesn't even have an attachment which totally confused me. lol."


Maybe someone with Norton scanned the e-mail and repaired the infected file, but then accidentally sent it to you or it still got sent somehow?

SW Games - www.freewebs.com/swgames

Yeah, I know, I only have one game. Yeah, I know it sucks. But I made it! Me!
Back to top
Profile PM
Dave J
Retired Moderator
21
Years of Service
User Offline
Joined: 11th Feb 2003
Location: Secret Military Pub, Down Under
Posted: 31st Aug 2003 07:50
Link
Very strange but I guess it's a sort of logical explanation lol.

"Computers are useless they can only give you answers."
Back to top
Profile PM Email
Back to top

Login to post a reply

Server time is: 2024-11-23 18:29:21
Your offset time is: 2024-11-23 18:29:21