Symantec AVF detected an unrepairable virus in a message you sent

  • Thread starter Thread starter Top Spin
  • Start date Start date
T

Top Spin

I have gotten several messages from a professional organization that I
belong to with this is the subject line:

"Symantec AVF detected an unrepairable virus in a message you sent"

I am not sure what to do. I am 100% certain that I did not send them
any email messages at all. So, I guess the possibilities are:

1. Someone is sending them messages that look liie they came from me.

2. Some spyware has infected my machine and is sending message out
under my name.

Using information I got on this forum, I downloaded 2-3 spyware
programs and ran them. None of them detected much. I think among all
of them, they found one adware program and 2-3 registry entries. They
reported that they were all disabled or deleted.

How should I respond to this organization?

How can I find out who sent them this email?

Thanks
 
I have gotten several messages from a professional organization that I
belong to with this is the subject line:

"Symantec AVF detected an unrepairable virus in a message you sent"

I am not sure what to do. I am 100% certain that I did not send them
any email messages at all. So, I guess the possibilities are:

1. Someone is sending them messages that look liie they came from me.

2. Some spyware has infected my machine and is sending message out
under my name.

Using information I got on this forum, I downloaded 2-3 spyware
programs and ran them. None of them detected much. I think among all
of them, they found one adware program and 2-3 registry entries. They
reported that they were all disabled or deleted.

How should I respond to this organization?

How can I find out who sent them this email?

Thanks
Click to expand...


http://www.virusbtn.com/magazine/articles/features/2004/06_01.xml


Regards,
Ian Kenefick
http://www.ik-cs.com
no snake oil here!
 
OK. I'm not sure what to do with that. Is it saying that the message I
received should be ignored?
Click to expand...

Well if your machine conforms to the three 'security musts'
[up-to-date AV, Firewall and OS' then you can consider yourself safe
and ignore the messages.

These messages are known as Antivirus Spam. I get them all the time in
the office as do most of my colleagues - I create a filter to place
them in a folder where I can review them if I get some time.


Regards,
Ian Kenefick
http://www.ik-cs.com
no snake oil here!
 
OK. I'm not sure what to do with that. Is it saying that the message I
received should be ignored?
Click to expand...

Well if your machine conforms to the three 'security musts'
[up-to-date AV, Firewall and OS' then you can consider yourself safe
and ignore the messages.

These messages are known as Antivirus Spam. I get them all the time in
the office as do most of my colleagues - I create a filter to place
them in a folder where I can review them if I get some time.
Click to expand...

So, would it be a waste of time to reply to the message (the reply
address is valid) telling the organization that I do not believe the
messages are coming from my system?

Is it worth my time to request a copy of the infected email or
instruct them to send it to some online scanning service?

Is there any way for them to find out if it really came from my system
or if it just had the header modified?
 
On Tue, 08 Mar 2005 18:59:06 +0000, Ian JP Kenefick

I have gotten several messages from a professional organization that I
belong to with this is the subject line:

"Symantec AVF detected an unrepairable virus in a message you sent"

I am not sure what to do. I am 100% certain that I did not send them
any email messages at all. So, I guess the possibilities are:

1. Someone is sending them messages that look liie they came from me.

2. Some spyware has infected my machine and is sending message out
under my name.

Using information I got on this forum, I downloaded 2-3 spyware
programs and ran them. None of them detected much. I think among all
of them, they found one adware program and 2-3 registry entries. They
reported that they were all disabled or deleted.

How should I respond to this organization?

How can I find out who sent them this email?

Thanks


http://www.virusbtn.com/magazine/articles/features/2004/06_01.xml

OK. I'm not sure what to do with that. Is it saying that the message I
received should be ignored?
Click to expand...

Well if your machine conforms to the three 'security musts'
[up-to-date AV, Firewall and OS' then you can consider yourself safe
and ignore the messages.

These messages are known as Antivirus Spam. I get them all the time in
the office as do most of my colleagues - I create a filter to place
them in a folder where I can review them if I get some time.
Click to expand...

So, would it be a waste of time to reply to the message (the reply
address is valid) telling the organization that I do not believe the
messages are coming from my system?

Is it worth my time to request a copy of the infected email or
instruct them to send it to some online scanning service?

Is there any way for them to find out if it really came from my system
or if it just had the header modified?
Click to expand...

Well you could do that and quote that website link on virusbtn written
by a reputable virus researcher and ask them to reconfigure their AV -
but this would probably be in vain.


Regards,
Ian Kenefick
http://www.ik-cs.com
no snake oil here!
 
On Tue, 08 Mar 2005 18:59:06 +0000, Ian JP Kenefick

I have gotten several messages from a professional organization that I
belong to with this is the subject line:

"Symantec AVF detected an unrepairable virus in a message you sent"

I am not sure what to do. I am 100% certain that I did not send them
any email messages at all. So, I guess the possibilities are:

1. Someone is sending them messages that look liie they came from me.

2. Some spyware has infected my machine and is sending message out
under my name.

Using information I got on this forum, I downloaded 2-3 spyware
programs and ran them. None of them detected much. I think among all
of them, they found one adware program and 2-3 registry entries. They
reported that they were all disabled or deleted.

How should I respond to this organization?

How can I find out who sent them this email?

Thanks


http://www.virusbtn.com/magazine/articles/features/2004/06_01.xml

OK. I'm not sure what to do with that. Is it saying that the message I
received should be ignored?
Click to expand...

Well if your machine conforms to the three 'security musts'
[up-to-date AV, Firewall and OS' then you can consider yourself safe
and ignore the messages.

These messages are known as Antivirus Spam. I get them all the time in
the office as do most of my colleagues - I create a filter to place
them in a folder where I can review them if I get some time.
Click to expand...

So, would it be a waste of time to reply to the message (the reply
address is valid) telling the organization that I do not believe the
messages are coming from my system?

Is it worth my time to request a copy of the infected email or
instruct them to send it to some online scanning service?

Is there any way for them to find out if it really came from my system
or if it just had the header modified?
Click to expand...

I just uploaded a similar article to the weblog on my website. have a
look :)


Regards,
Ian Kenefick
http://www.ik-cs.com
no snake oil here!
 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Top said:
I have gotten several messages from a professional organization that I
belong to with this is the subject line:

"Symantec AVF detected an unrepairable virus in a message you sent"

I am not sure what to do. I am 100% certain that I did not send them
any email messages at all. So, I guess the possibilities are:

1. Someone is sending them messages that look liie they came from me.

2. Some spyware has infected my machine and is sending message out
under my name.

Using information I got on this forum, I downloaded 2-3 spyware
programs and ran them. None of them detected much. I think among all
of them, they found one adware program and 2-3 registry entries. They
reported that they were all disabled or deleted.

How should I respond to this organization?
Click to expand...

Assuming that you did not send the infected file, I would complain to them
via their complaints/abuse helpdesk and demand that they stop sending spam.

If this does not succeed, find their ISP in the email headers and demand to
them that they enforce their terms of service on the organisation, which
usually including NOT sending unsolicited email.

Do not let this company get away with spamming you.

Regards,


Adam Piggott.


- --
Please replace dot invalid with dot uk to email me.
Apply personally for PGP public key.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (MingW32)

iD8DBQFCLgCq7uRVdtPsXDkRAgzRAJ43/2TRwSFpP724ZPSzn4u9+3ohXQCgkykM
mJRWh+nHnKNKO54DxLxGd40=
=IENf
-----END PGP SIGNATURE-----
 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



Assuming that you did not send the infected file, I would complain to them
via their complaints/abuse helpdesk and demand that they stop sending spam.

If this does not succeed, find their ISP in the email headers and demand to
them that they enforce their terms of service on the organisation, which
usually including NOT sending unsolicited email.

Do not let this company get away with spamming you.
Click to expand...

Whoa. The email is from a professional organization that I belong to.
I am quite certain that they are not spamming me.

They probably did receive an infected email that looked like it came
from me. Of course, I cannot guarantee that it did not come from some
malware software running on my machine, but I do have a firewall, an
antivirus program, and I just ran some anti-spyware programs
recommended on this forum. So I don't think it really came from me.

I'm just trying to figure out what to do. I do not want to attack the
organization.
 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Top said:
Whoa. The email is from a professional organization that I belong to.
I am quite certain that they are not spamming me.

They probably did receive an infected email that looked like it came
from me. Of course, I cannot guarantee that it did not come from some
malware software running on my machine, but I do have a firewall, an
antivirus program, and I just ran some anti-spyware programs
recommended on this forum. So I don't think it really came from me.

I'm just trying to figure out what to do. I do not want to attack the
organization.
Click to expand...

The organisation should set up it's anti-virus properly. Sending out
"infection alert" emails is counter-productive and a waste of bandwidth.

I'm sure if the appropriate logging is active on the machine that received
the infected file then one would be able to find the original email.


Adam.

- --
Please replace dot invalid with dot uk to email me.
Apply personally for PGP public key.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (MingW32)

iD8DBQFCLhoq7uRVdtPsXDkRAnniAJkBAa03afL5skBHYDjqboJLE+eN1ACglNmy
Ud8m8+nxNKgPLWlXqEVrz8Q=
=BAGL
-----END PGP SIGNATURE-----
 
I am not sure what to do. I am 100% certain that I did not send them
any email messages at all. So, I guess the possibilities are:

1. Someone is sending them messages that look liie they came from me.

2. Some spyware has infected my machine and is sending message out
under my name.
Click to expand...

Prolly #1 as many of the buggars harvest email addys and send mail on
their own.
If your PC is clean and you haven't sent them emails I would suggest you
email the professional company in question and tell them so. Also you
might mention that your email addy may have been spoofed by another source.
 
[snip]
[snip]
OK. I'm not sure what to do with that. Is it saying that the message I
received should be ignored?
Click to expand...

Well if your machine conforms to the three 'security musts'
[up-to-date AV, Firewall and OS' then you can consider yourself safe
and ignore the messages.

These messages are known as Antivirus Spam. I get them all the time in ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
the office as do most of my colleagues - I create a filter to place
them in a folder where I can review them if I get some time.
Click to expand...

Indeed. One anti-virus company with a clue:

"Why (some) anti-virus companies are to blame for the recent e-mail flood."
http://www.f-prot.com/news/gen_news/030910_open_letter.html
"Yes, (some) antivirus companies are spammers."
http://www.f-prot.com/news/gen_news/040130_open_letter.html
 
Back
Top