- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - Microsoft
- >
- Re: Possible Email Trojan???
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-02-2004 11:24 AM
тАО02-02-2004 11:24 AM
This evening I got the following 'bounce' email back to me. It looks like I tried to send it but I did not.
It's either completely spoofed to look like I sent it or there is something on my machine sending mail out on the sly.
Anti-Trojan 5.5 came back clean.
Any suggestions on the above?
Many Thanks
Barry
_____________________
This message was created automatically by mail delivery software (Exim).
A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address(es) failed:
ink_mark@neptunz.***
retry time not reached for any host after a long failure period
------ This is a copy of the message, including all the headers. ------
Return-path: <***My email address***>
Received: from [**.128.18.159] (helo=tbird)
by rhenium.btinternet.com with esmtp (Exim 3.22 #25)
id 1AnmNB-00016x-00
for ink_mark@neptunz.***; Mon, 02 Feb 2004 22:16:53 +0000
From: "Barry" <***my email***>
To:
Date: Mon, 2 Feb 2004 22:16:42 -0000
Message-ID: <001601c3e9da$403763a0$0c00000a@krustymonkey>
MIME-Version: 1.0
Content-Type: application/ms-tnef;
name="winmail.dat"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
filename="winmail.dat"
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook, Build 10.0.2616
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165
Importance: Normal
X-MS-TNEF-Correlator: C5618F82E2E2541B24168ECEA7CE46A44362900
Subject: Not read: Don't pay so much for Ink Cartridges
_____________________
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-02-2004 03:48 PM
тАО02-02-2004 03:48 PM
Re: Possible Email Trojan???
http://www.microsoft.com/security/antivirus/mydoom.asp
good luck
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-02-2004 04:59 PM
тАО02-02-2004 04:59 PM
Re: Possible Email Trojan???
Where have you been. I've missed you.
Roger
Roger
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-02-2004 05:51 PM
тАО02-02-2004 05:51 PM
Re: Possible Email Trojan???
Glad to see you at the very top!! Thanks alot you are a nice person. I've been hanging out my friend.
later........
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-03-2004 03:07 AM
тАО02-03-2004 03:07 AM
Re: Possible Email Trojan???
XMAN,
I ran a check for both variants of MyDoom from the link you sent me. Came back clear both times.
Any other possiblities you can think of?
Many Thanks,
Barry
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-03-2004 03:35 AM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-03-2004 06:01 AM
тАО02-03-2004 06:01 AM
Re: Possible Email Trojan???
Alexander,
What worries me is that the Received from header has both my IP address AND my machine ident.
>Received: from [**.128.18.159] (helo=tbird)
Doesn't this suggest that the mail DID originate on my machine?
Is there a better Trojan search tool than Anti-Trojan 5.5?
Thanks again
Barry
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-03-2004 06:13 AM
тАО02-03-2004 06:13 AM
Re: Possible Email Trojan???
Go to this link to read more about the virus:
http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_MYDOOM.A
As for removal tool-I'd recomend to download from www.trendmicro.com their removal.
Search in that site for a file name sysclean.com and download it to your machine.Then try to run it-it'll complain about some file missing (don't remember it's name-I'm at home at the moment) search for it and download it to the same directory that the sysclean is and run sysclean again. It's pretty good.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-03-2004 09:03 AM
тАО02-03-2004 09:03 AM
Re: Possible Email Trojan???
Alexander,
Thanks for the link.
Sysclean dl'd and run. System checked out clean.
Not me then!
Thanks again
Barry
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-03-2004 02:58 PM
тАО02-03-2004 02:58 PM
Re: Possible Email Trojan???
It goes both way my friend.
Sorry I missed your questions!