Solved

Is there any way to stop this message from coming in with a virus.

Posted on 2004-09-21
7
209 Views
Last Modified: 2010-04-08
The message I am getting is:

"The original message was received at Sun, 19 Sep 2004 19:37:07 -0500 from localhost with id i8K0b7qM001437

   ----- The following addresses had permanent fatal errors ----- <daveharleyfx@earthlink.net>
    (reason: 550 daveharleyfx@earthlink.net...User unknown)

   ----- Transcript of session follows ----- ... while talking to mx7.earthlink.net.:
>>> RCPT To:<daveharleyfx@earthlink.net>
<<< 550 daveharleyfx@earthlink.net...User unknown 550 5.1.1 <daveharleyfx@earthlink.net>... User unknown"

It contains the Klez.H virus. I get one of these per hour. Norton AntiVirus correctly eliminates the virus, but this is getting tedious for me.

Any suggestions welcome.

Thanks,

Chuck
0
Comment
Question by:CRNile
  • 5
7 Comments
 
LVL 49

Expert Comment

by:sunray_2003
Comment Utility
Chuck,

Try running this to see if that would help clean any virus that is in your system
http://securityresponse.symantec.com/avcenter/venc/data/w32.klez.h@mm.html

If you are getting emails from known recipients then send an email informing about the virus and may be they have it in their system and then can clean the virus aswell. If you are getting from unknown senders then obviously you cannot do anything except to scan the emails after they come so that you can be ready to delete if the emails contain a virus

SR
0
 

Author Comment

by:CRNile
Comment Utility
Norton AntiVirus is getting rid of the virus. It just that I am getting all of these messages with reports of the deleted virus. When Norton AntiVirus runs a full scan, no viruses are reported.

This is a forward from a website where I am the administrator. I forwarded any messages to my ID. Unfortunately, I haven't been able to get into the administrative furnction to see what else I could do.

I know that the virus is not getting to my system, but it all of these hourly replies that I need to make. Now I have one more that just started. It is tedious! I would like to short circuit this cycle.

Chuck
0
 
LVL 15

Accepted Solution

by:
will_scarlet7 earned 250 total points
Comment Utility
Just one point about Klez...

You may already know this, but it is no use to reply to the emails, telling the sender that they have a virus. The worm randomly chooses an email from the infected computer's address book as the "From" address, so chances are the address that you reply to is not the same computer that the email originated from.
0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 

Author Comment

by:CRNile
Comment Utility
I do not reply to emails. I just delete them. Norton tells me about each email it receives and that it has deleted the virus. I am required to respond to go on. There were 14 occurrences this morning when I signed on.

Maybe, I can get Norton to delete the virus and go on to the next without getting a response from me.

Chuck
0
 

Author Comment

by:CRNile
Comment Utility
I found the Norton AntiVirus notification setting and turned it off.
0
 

Author Comment

by:CRNile
Comment Utility
I'm getting a new message WITH the virus. It gave me hope initially that the messages would stop, but this comes once per hour. I guess I didn't turn off the Norton message, so I need to acknowledge every receipt and elimination of the virus.

The new message is:

"The original message was received at Fri, 17 Sep 2004 15:37:31 -0500 from localhost with id i8HKb7xI024983

   ----- The following addresses had permanent fatal errors ----- webmaster
    (reason: Deferred)
    (expanded from: root)

   ----- Transcript of session follows -----
procmail: Quota exceeded while writing "/var/spool/mail/webmaster"
webmaster... Deferred: local mailer (/usr/bin/procmail) exited with EX_TEMPFAIL Message could not be delivered for 5 days Message will be deleted from queue"


I wish they would delete it from the queue!

Chuck
 
0
 

Author Comment

by:CRNile
Comment Utility
I accepted one answer, but I think the points should be split between the two people who at least tried to help me. What i finally did was go to the Yahoo email for me that gets read by Outlook and kill the messages there.
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

Use these top 10 tips to master the art of email signature design. Create an email signature design that will easily wow recipients, promote your brand and highlight your professionalism.
Outlook Free & Paid Tools
Get people started with the process of using Access VBA to control Outlook using automation, Microsoft Access can control other applications. An example is the ability to programmatically talk to Microsoft Outlook. Using automation, an Access applic…
This Experts Exchange video Micro Tutorial shows how to tell Microsoft Office that a word is NOT spelled correctly. Microsoft Office has a built-in, main dictionary that is shared by Office apps, including Excel, Outlook, PowerPoint, and Word. When …

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now