cancel
Showing results for 
Search instead for 
Did you mean: 

too many infected emails

N/A

too many infected emails

for a month or so I have been receiving a few infected emails each week which have been intercepted by Norton. ( I now update Norton and AVG almost daily - no hassle with affordable b'band).

the first couple of times i just delted them using shift and delete before switching the machine off, re-booting, updating and scanning but obviously i cant do this all the time.

i have probed the emails only slightly (using a long barge pole) but they all seem to carry NETSKY32 and are titled 're:your document' or 're: your photo' or 're:something else'. they almost always come from come from innocuous sounding names @aol.com or netscapeonline.co.uk or yahoo.com etc.

thanks to the set-up I have (router with NAT, static IP etc) I get very little spam and all my regular contacts DONT have this problem so is there anyway i can determine where they are really coming from and prevent this from happening?
16 REPLIES
N/A

too many infected emails

I have only had that kind of problem once, so it was quite easy to track down and, in that articular case, it was associated with a machine that someone had used in an internet cafe to send me an email.
The best way to check is to look at the headers of these messages using a text editor like Notepad, and these will tell you the various machines that the email has gone through. There are plenty of sites around that explain how to interpret the headers e.g. Google.

However, getting something done about it isn't always that easy.

If Norton is trapping them all, aren't you protected? Sorry, I don't know Norton, but I didn't follow why you were rebooting your machine.
N/A

Viruses from Emails

I am having exactly the same problem (I-Worm Netsky. I have had C several times and Z). I have AVG but it appears to be unable to remove this virus. I have to go to the AVG website and run "vcleaner" which does remove them but all this takes an enourmous amount of time. How can I stop this and how are they getting through Plus net?
N/A

too many infected emails

tinyworld: Are you subscribed to the anti-virus service?
N/A

too many infected emails

No. I should not have to. If you are a reputable ISP you should not knowingly be spreading viruses.

Denise
N/A

too many infected emails

Quote
No. I should not have to. If you are a reputable ISP you should not knowingly be spreading viruses
:shock:

That is one of the scariest things I've heard someone say. It's not upto plus net to protect your machine from viruses. It's upto YOU!!!! :twisted:

Besides if Norton is trapping them, then you have no worries. Certain accounts on Plus Net do have anti-virus checks included as part of the package, otherwise you have to select it and there is a charge for it.
N/A

too many infected emails

A quick correction, I miss read the virus checker being used. My comment was address to Tinyworld.

AVG might be free but it's pretty poor as a virus checker, bin it and get Kaspersky.....checks viruses and trojans..

www.kaspersky.com
N/A

too many infected emails

Indeed, it never has been and never will be the responsibility of the ISP to provide protection and cover your back.

Besides, that is what PlusNet are all about, providing quality connections, without too much luxury, thus keeping costs down. They have never placed anybody under any illusion that they will protect you.

Did you happen you read the Terms and Conditions before you signed up. You will find you agreed it was your responsibility to keep your system virus free, whilst using the service.
N/A

too many infected emails

Depending on service chosen, PlusNet say:
"Email Anti-Virus Protection
Providing peace of mind when you receive email to your PlusNet mail account.
Available for Free exclusively on the Broadband EasyStart account. The Virus Protection tool monitors your incoming emails using an advanced, industry leading Sophos© virus engine. A Virus or similar intrusive programmes that are detected on your incoming emails will be stopped before they have a chance to infect your system. The virus engine is updated on our servers every day with the latest virus definitions. Sophos provide Antivirus scanning technology for enterprises and organisations in more than 150 countries worldwide. "
This does NOT seem to be happening with W32.Beagle.X@mm - My Vius software is trapping these daily which means that my workflow is temporaily interruped for me to respond. Why is PlusNet not trapping these?
N/A

too many infected emails

In theory, they should.

I would follow the advice given on most threads on this subject. Obtain the full headers and submit them via link:contact us.

This will help them trace down why they are not detected.
N/A

too many infected emails

I have free virus checks on my e-mail from plus net but if you consider the sheer number of e-mails they process it's not totally surprising that some slip though the net. I know it doesn't make it right, esp. since some people do pay for this service. So for them they want that peace of mind.

Besides it is always sensible to setup your own virus checker and firewall, regardless of what your ISP provides. Viruses, Trojans and worms can be picked up just by surfing the internet and no ISP will provide protection for that.
Just take a look at the Sasser Worm....
N/A

too many infected emails

The first, and still the best, virus scanner is your right index finger on the mouse (unless you are left handed). Simply, don't open attachments or "downloads" unless you know what they are.
N/A

too many infected emails

I, too, have been getting a lot of email viruses recently. Mainly NetSky and its varients. As the From: line is faked (and randomly chosen from the infected PC's list of email addresses around the place) I'm also receiving plenty of "You're infected!!" emails from various companies. I'm not. I'm somewhat too smart for that.

While as far as I know there's nothing I can do about the latter but ignore it or set up some kind of mail rule to auto delete messages like that, I feel I should be able to do something about the former. I can check the headers of emails in Outlook Express (preview pane disabled...... ¬_¬) and find out the ISP, and in many cases the location (NTL helpfully tell you where the addresses are located geographically).

Anyway an example header line from the most recent batch of five which built up in under 30 minutes is:
Received: from spr1-fare1-5-0-cust197.cosh.broadband.ntl.com ([80.3.178.197].........


Considering the location of many of my MSN Messenger contacts I know that this means they're in Fareham with NTL broadband. Fair enough but some are way to unhelpful such as:
Received: from host81-152-28-251.range81-152.btcentralplus.com ([81.152.28.251]..........


So is there a way I can report these emails? Such as emailing abuse@btcentralplus.com or something and having them inform whoever has that IP at the time in question that they are infected?

Half of my contacts are way to computer illiterate to know what a virus scanner was if one slapped them in the face, but hopefully their parents will.. One of the endless drawbacks of a) being a "child" and therefore b) talking to other children.... :?

Bit longer than I originally intended but these emails are getting on my nerves a bit now.

Any help would be greatly appreciated.
Thanks,
Andrew
N/A

too many infected emails

One of the drawbacks here is that btcentralplus.com is a generic domain name used by BT on ther Central Plus product.

Central Plus is a managed product by BT, so that an ISP doesn't need to purchase anything like the Redback or Juniper units PlusNet have. Instead (IIRC) the data is prosented over standard networking means.

As such, BT Retail, BT Yahoo and other ISPs all come under the name btcentralplus.com

I am not sure what the proceedures BT side would be for this, however regardless of that, we must mail abuse reports to a central location. THough this isn't abuse@btcentralplus.com

Acording to abuse.net (using the command "dig btcentralplus.com.contacts.abuse.net TXT"), the address for abuse reports is abuse@btbroadband.com
N/A

too many infected emails

Quote

AVG might be free but it's pretty poor as a virus checker, bin it and get Kaspersky.....checks viruses and trojans..


Or get Nod32, that is even better.

You can get a months free trial from www.esetsoftware.co.uk

PC-Cillin is also pretty good

www.trendmicro.com

Those two are my favourite anti-virus programs, as they are powerful and do not eat up loads of you're computers resources.