Not aware of any virus that carries a file called TRUTH.SCR (as a audio/x-wav file type), but it is using the <a href="http://securityresponse.symantec.com/avcenter/venc/data/iframe.exploit.html"; target="_blank">iframe exploit</a> of Windows (any version, damn near!) to execute the attachment, even if just previewing the message (that's why we don't use preview frame with Outlook where I work).
<strong>ok, this is waaaaay off topic, but i was wondering if there was any way somone here might be able to help me w/ a little email problem i have. i have been getting abotu 10-20 undeliverable emails a day that i have never sent. they appear to be comming from me and it looks like its the klez virus thats doing the sending, but i cant be infected, can i? its a windows .exe, right?
anyway, here is the header from one of the emails:
</strong><hr></blockquote>
My Dad ran into this a few months ago. What is happening is that the virus spoofs the emails as coming from you when it is actually some other computer sending them. An infected computer somewhere has your email address in its address book. The virus plucked yours out at random to be the "sender" of all its spawn. Assuming you're running on a Mac, there's no way they're actually coming from you. I don't know how you'd go about tracking down the infected computer, though. Meanwhile, it makes you look like a jerk, unfortunately.
. . . i have been getting abotu 10-20 undeliverable emails a day that i have never sent. they appear to be comming from me and it looks like its the klez virus thats doing the sending, but i cant be infected, can i? its a windows .exe, right?
</strong><hr></blockquote>
I had the same thing happen to me, but the virus also sent me the message, pretending to be from someone else on the infected computer's mailing list. When I got those messages, I selected 'show all headers' under the Mail menu. The 'From' is bogus, but under 'Return-Path' it showed the infected computer. I emailed them and told them the bad news.
Comments
And no, Mac, Unix, Linux are not affected.
<strong>ok, this is waaaaay off topic, but i was wondering if there was any way somone here might be able to help me w/ a little email problem i have. i have been getting abotu 10-20 undeliverable emails a day that i have never sent. they appear to be comming from me and it looks like its the klez virus thats doing the sending, but i cant be infected, can i? its a windows .exe, right?
anyway, here is the header from one of the emails:
</strong><hr></blockquote>
My Dad ran into this a few months ago. What is happening is that the virus spoofs the emails as coming from you when it is actually some other computer sending them. An infected computer somewhere has your email address in its address book. The virus plucked yours out at random to be the "sender" of all its spawn. Assuming you're running on a Mac, there's no way they're actually coming from you. I don't know how you'd go about tracking down the infected computer, though. Meanwhile, it makes you look like a jerk, unfortunately.
<strong>
. . . i have been getting abotu 10-20 undeliverable emails a day that i have never sent. they appear to be comming from me and it looks like its the klez virus thats doing the sending, but i cant be infected, can i? its a windows .exe, right?
</strong><hr></blockquote>
I had the same thing happen to me, but the virus also sent me the message, pretending to be from someone else on the infected computer's mailing list. When I got those messages, I selected 'show all headers' under the Mail menu. The 'From' is bogus, but under 'Return-Path' it showed the infected computer. I emailed them and told them the bad news.
[code] Status: U
Return-Path: <>
Received: from scaup.mail.pas.earthlink.net ([207.217.120.49]) by merlin (EarthLink SMTP Server)
with ESMTP id 18etUZ10b3NZFlq0 for <[email protected]>; Wed, 20 Nov 2002 04:25:21 -0800 (PST)
Received: from exim by scaup.mail.pas.earthlink.net with local (Exim 3.33 #1)
id 18ETuy-0005RJ-00 for [email protected]; Wed, 20 Nov 2002 04:25:20 -0800
X-Failed-Recipients: [email protected]
Message-Id: <[email protected]></pre><hr></blockquote>
[ 11-20-2002: Message edited by: ThunderPoit ]</p>