Returned Mail Virus

The above is a virus suspect. I didn't know if everyone knows or not. Apparently someone is sending bogus returned mail notifications, and unless one knows what a real one looks like they might be tempted to open the attachments, because genuine returned e-mails do have attachments of the original mail that was sent.

I copied & included the header that was to me to show what that header looks like.

The part that is x'd out above is my e-mail address.

One is just a plain .exe with no name in front of the extension & it is 93.1 KB. It is the suspected infected file. The other one is Chanenels[1].htm (1.03 KB) which is not infected, but apparently has some useful purpose in connection with the infected one.

I got this one last night. The first time ever. I knew it was bogus, because I don't have a clue as to who smaresh464 is, & knew I'd never sent anything to that person in the first place, & also just by looking at the text wording, so of course I didn't open it.

I will look up the particulars & post them as soon as I can, if I can find any.

Just thought I'd post what I do have, so people can be on the look out for bogus returned e-mail.

 

Is it your correct email address or is it possibly one that has an underscore in front of the account. So that if yours was

deloris@heber-springs.com the one in the post is

_deloris@heber-springs.com

 

There is currently a hoax in circulation which warns of infected returned mails.

 

Newt,
I x'd it out myself when I copied it to the forum. Yes it was my real home e-mail address before I x'd it out. How they got it, I don't know. I do know I never sent such a mail to this person & I do keep my Anti-Virus up to date, so the likelyhood that a resident virus sent something out from my computer is very slim.

Besides, the text of the message looks absolutely nothing like a real returned mail notification that I have ever seen.

 

brett,
This was not a warning of a bogus infected returned e-mail, this was a bogus returned e-mail sent to me.

Maybe someone saw the hoax & decided to actually DO it.

As I said, I just thougt it was important to notify people that this is a possibility. I will open the sucker & see. I haven't deleted it yet.

 

Yep, it's a virus. Norton jumped on it like a chicken on a june bug. The .exe is the culprit as I suspected.

Guess you know, I took a chance on that one.

I will still try to find some particulars on it, but right now I have to go somewhere out of town for few hours.

 

I remember that W32.Klez.E@mm uses that bounced mail ruse:

 

Alice - Yep, I have personally gotten several of those "Postmaster" versions of klez. Tricky bugger.

 

Klez.H does the same thing as one of its games. I've gotten a couple myself. It has reached the point where unless the sender is one of my kids or a very trusted individual such as a BB admin, emails with attachments get trashed, period.

 

Hi,

Well, ya'll, I only opened it to see for sure, as I was wanting to let people know. Of course, if I'd been unlucky & Norton hadn't grabbed it, then I guess I would have been "veewwy" sorry.

Normally, I don't open anything with attachements other than jpg, gif, png, & bmp, but I just couldn't help myself this time. My adventerous spirit took over.

Thanks guys for letting me know that some of the Klez variants are the culprits. Now I don't have to go searching for that info.

 

The virus makers are getting quite creative.

Speaking of tricky buggers, what about getting something like "www.freedesktopthemes.com "
in your e-mail? I'll bet some people would open it thinking it was an Internet link instead of a .com file attachment, especially if it looked like it came from someone they knew.