Should I Worry?

[Virtual Imager]

So I received an email saying that something I sent (I didn't send it and it's not in my sent mail) was quarantined by NAV when it was received by someone I never heard of who is not in my address book. Here's the email I received:

 

Recipient of the infected attachment:  Ron Webster\Inbox

Subject of the message:  Look,my beautiful girl friend

One or more attachments were quarantined.

  Attachment width.exe was Quarantined for the following reasons:

    Virus UNAUTHORIZED FILE was found.

 

 

Do I have a problem here?

[Guest schussat]

I think you're safe. Someone else who has you in their inbox is likely virused. The virus spoofs email headers and spreads itself around, but when its payload is intercepted and cleaned by virus scanners, the error message comes back to you -- since your email address is spoofed as the "from" header. I got a ton of these misdirected errors in August, when one of these style bugs was going around.

 

-Alan

[Virtual Imager]

So you're saying that the virus doesn't have to be on my machine in order to spoof my email address in the header? That's a relief... I think.

 

But it appears that what's being sent is not something I want going out using my name. Is there some way to stop it or prevent it from happening in the future?

[DarqFlare]

No. There is no way to keep a virus from spoofing itself as your account. This happened to me as well.

 

Basically, the virus gets itself onto a computer and picks an address stored on that computer at random to spoof as. What probably happened to you (And me, and everybody else in the world) is that the virus got onto the machine of someone you had emailed in the past. The virus picked your email at random to spoof as, then sent itself out to other addresses stored on that machine using your address as the spoof.

[TCH-Dick]

These viri are a major PAIN!! All viri these days come pre equipped with their own SMTP functions as well, so even if the infected computer isn't even using e-mail at the time the virus can propagate itself anyway.

 

Not only does it spoof the "from" address, but in most cases it spoofs the mail server name, so what happens is virusX gets spread around the net with a spoofed name and server name, in our case the virus is spoofing TotalChoice server names, so admins at ISP's all over the place that don't know any better are reporting the spoofed mail as spam. Worst case scenario is a TCH mail server gets put on a blacklist due to these spoofed server names and that IP gets blocked.

 

This is one reason why we have zero tolerance policy against spam, its hard enough keeping up with all of the fake e-mails and keeping our names off of blacklists, we don't need to deal with REAL people spamming.

[Deverill]

This is a good reason to turn off the preview panel of Outlook. Some virus programs will trigger if they are even opened by the preview so make sure it's turned off.

[Virtual Imager]

Thanks for the tip... I've often wondered about that. Just turned the preview pane off and I feel free and empowered!!! Like I found the 'mute' button on the remote... Even without having to worry about a virus, it's nice to be able to delete something without having to see it on my screen. Some of this stuff really goes beyond the pale. I'm all for free speech, but shouldn't it stop at my front door? Do I really have to be bombarded with unsolicited phone calls and emails in my own home? And lately there's something worse happening on my computer.... I've been discovered by "messenger service." These nasty commercial message boxes have recently started popping up on my screen. They say "Messenger Service" in the box header and look like a typical windows dialogue box, but they're not. They're spam. I had never seen them before a couple of months ago. Don't know if I received an update to something (Windows, IE, Outlook Express, Netscape, NAV?) that is now letting them through or if I did something to my settings somewhere. It happens regardless of what programs I have open and even when my machine goes on standby. Perhaps because I get my internet service over cable and I'm always connected? If anyone knows how these are getting in and how I can stop them, please, please, please let me know. I'll be your best friend! :hug: They are even more intrusive than spam email... they're really in your face. I just got another one... Bobbie Jo wants me to go to her website. And if I want my own message to "reach millions of people directly" I can do it too by going to geocities/webservices or somethinglikethat. HELP! Make it stop! They just keep hitting my screen like drops of water in a chinese water torture chamber.

[TCH-Don]

You may want to try a spyware remover there is a good post in the suggest a program forum, also a popup killer if you do not have one.

[Virtual Imager]

Thanks for the link. I found a post that addressed the problem directly. Thought I might share it:

 

These are sent using the Messenger service integrated into Windows 2000 and XP (try the 'net send' command to see for yourself).

To disable the Messenger service, go to Start --> All Programs --> Administrative Tools --> Component Services. In Component Services, click on Services (Local), then on the right side, find Messenger and disable it.

Note: not everyone will have Administrative Tools in the Start menu. You need to make it visible under Taskbar and Start Menu Properties (right-click on taskbar --> Properties). The surest way to get to Component Services is to enter %systemroot%\system32\com\comexp.msc into the command line.