Mail from Symantec ??? with virus

Discussion in 'Software Q&A' started by Choto Cheeta, Sep 20, 2004.

Thread Status:
Not open for further replies.
  1. Choto Cheeta

    Choto Cheeta Rebooting

    Joined:
    Aug 9, 2004
    Messages:
    6,202
    Likes Received:
    15
    Trophy Points:
    0
    Location:
    220.225.82.33
    From past few days i'm getting emails on my yahoomail from support@symantec.com saing that...

    "The sample file you sent contains a new virus version of buppa.k.
    Please update your virus scanner with the attached dat file.

    Best Regards,
    Keria Reynolds"

    but the attach file it self contails virus....... but yahoo online scan dont detects those viruses but my system does....... what is going on......

    what should i do??

    i use NAV04
     
  2. SouvikSinha

    SouvikSinha New Member

    Joined:
    Sep 20, 2004
    Messages:
    23
    Likes Received:
    0
    Trophy Points:
    0
    Location:
    Calcutta
    Dear Saurav,
    The mails, which you are getting are not from Symantec at all. Someone else is sending you those mails by faking the Symantec ID. The attachments are virus infected, indeed. Please put the ID support@symantec.com to your block list and never download any attachment from any unknown source.
     
  3. OP
    OP
    Choto Cheeta

    Choto Cheeta Rebooting

    Joined:
    Aug 9, 2004
    Messages:
    6,202
    Likes Received:
    15
    Trophy Points:
    0
    Location:
    220.225.82.33
    well the emails r back again... from this IP 202.141.21.245

    [​IMG]
     
  4. OP
    OP
    Choto Cheeta

    Choto Cheeta Rebooting

    Joined:
    Aug 9, 2004
    Messages:
    6,202
    Likes Received:
    15
    Trophy Points:
    0
    Location:
    220.225.82.33
    guyes... check the IP trace... humm Department of Information Technology..... well as a reciever of this email do i have right to complain... but if i do then whom to complain??
     
  5. icecoolz

    icecoolz Active Member

    Joined:
    Jul 30, 2004
    Messages:
    1,221
    Likes Received:
    0
    Trophy Points:
    36
    Location:
    Bangalore
    just ignore them. There is no point in blocking these mails either. As they will appear from different ID's which all will sound extremely credible (such as admin@symantec.com and so on). Just delete them and forget abt it. If you are using yahoo then turn on your junk mail filters. They are very very good.
     
  6. OP
    OP
    Choto Cheeta

    Choto Cheeta Rebooting

    Joined:
    Aug 9, 2004
    Messages:
    6,202
    Likes Received:
    15
    Trophy Points:
    0
    Location:
    220.225.82.33
    which i have did a year back... emails were stoped then... but they r back again... so what about this??

     
  7. Intruder

    Intruder New Member

    Joined:
    Nov 24, 2004
    Messages:
    27
    Likes Received:
    0
    Trophy Points:
    0
    Location:
    bunker
    yes..

    I used to get it long before. delete it as soon as u get
    thats the safe way.
    and dont forget to enmpty trash.
    Cleanup(delete) the quarentine stuff if any

    Do nothin else
    thats the safe way out as Saurav said
     
  8. QwertyManiac

    QwertyManiac Commander in Chief

    Joined:
    Jul 17, 2005
    Messages:
    6,656
    Likes Received:
    10
    Trophy Points:
    0
    Wait i think ur infected file if anny has been autosent by nav to sym, thus the mail...
     
  9. expertno.1

    expertno.1 New Member

    Joined:
    May 16, 2005
    Messages:
    2,480
    Likes Received:
    0
    Trophy Points:
    0
    Location:
    Expert Planet
    ????????

    what do you meant ?
     
  10. mariner

    mariner New Member

    Joined:
    Dec 21, 2003
    Messages:
    522
    Likes Received:
    0
    Trophy Points:
    0
    Location:
    mumbai
    dumo it straight !!!!!!!!
     
  11. mariner

    mariner New Member

    Joined:
    Dec 21, 2003
    Messages:
    522
    Likes Received:
    0
    Trophy Points:
    0
    Location:
    mumbai
    dump it straight to the kachra bin !!!!!!!!
     
  12. QwertyManiac

    QwertyManiac Commander in Chief

    Joined:
    Jul 17, 2005
    Messages:
    6,656
    Likes Received:
    10
    Trophy Points:
    0
    Re: ????????

    I meant that sometimes when an unknown virus is detected by NAV or it cant repair then it sends it to SYM for verification and free repair, this has an auto mode too... Thus it reminds again via mail...

    Edit :
    Bout the yahoo non detection, it has NAV 2005 from sym and thus it trusts the SYM server for thier mail wont it ? (backdoor in NAV ?)
     
  13. aadipa

    aadipa New Member

    Joined:
    Feb 12, 2004
    Messages:
    997
    Likes Received:
    2
    Trophy Points:
    0
    Location:
    Palghar, Mumbai
    Norton never sends mail to its users.. These all mails are SPAM and virus itself.
     
  14. sidewinder

    sidewinder New Member

    Joined:
    Jul 24, 2004
    Messages:
    628
    Likes Received:
    0
    Trophy Points:
    0
    Location:
    West Bengal
    Dear Saurav this mail itsellllllf is a virus.just delete it
     
  15. OP
    OP
    Choto Cheeta

    Choto Cheeta Rebooting

    Joined:
    Aug 9, 2004
    Messages:
    6,202
    Likes Received:
    15
    Trophy Points:
    0
    Location:
    220.225.82.33
    @sidewinder the messege u queted... was writen by me a year ago.. so i did deleted them, i did IGGY them... no problem with that...


    but From the IP which i wrote... trace that one.. see where it leads u.. is that a privet Company?? GOV office or ISP... as they r sending that email (may b they anware of it)... so thought notifing them... & also Symantec.... so do one has the right to complain??

    & also can we really call it spam?? as its not advertising some thing.... rather its an attack...

    & yes the NAV of YAHOO cant find that virus....

    well i used to use NAV long time ago... but for previous 10 or 8 months i am useing KAV 5.0.372.... so no question of my system sending some thing to their server....

    r u sure mate... as i see u have a brainiac tag so i am not going to argue with u... but i saw when some one donwloads any Trail product from sysmantec.... he/she gets mail from symantec notifing them about how many days r left.... what will it cost... about new product update... & guess what?? their address is same...
     
  16. selva1966

    selva1966 Member

    Joined:
    Jun 19, 2004
    Messages:
    164
    Likes Received:
    0
    Trophy Points:
    16
    When I was using Norton some months back I did send a virus as attachment to them and also gave my email id. First an acknowledgment was received auto generated then after 1 or 2 day another mail saying that particular virus is not a big problem and advising virus update. So symentec does send email.

    But if you are not using norton someone somewhere is trying to send a virus. After all norton is most popular anti virus so the probability reaching someone who is using norton is more.


    Poor fellows don't know saurav_cheeta is smart and digitized :p :p :p
     
  17. AlienTech

    AlienTech New Member

    Joined:
    Sep 17, 2004
    Messages:
    433
    Likes Received:
    0
    Trophy Points:
    0
    I would use a tracert then notify abuse @ each node I find. Usually I have found that they will reply. If I don't get a reply I will go up each node and no admin wants to get 1000 emails complaining about someone who rents/leases/uses their network is causing problems so they will do something. Especially one of the big ISP's.

    I usually start with the last node itself, usually it is the local ISP from where the virus was sent and he would know who was sending it out and block their access. It is not good to go to regional levels. Then not only that ISP but everyone else sharing those lines might get blocked.

    Now some of these guys think they are big shots, which is why block lists came into being. No one wants to get on a block list. Because then zillions of people who use automatic block-lists will automatically be blocked from their domains. So no one wants to piss off anyone these days.

    I looked at Peer guardian, It blocks over 80% of the internet.
     
  18. aadipa

    aadipa New Member

    Joined:
    Feb 12, 2004
    Messages:
    997
    Likes Received:
    2
    Trophy Points:
    0
    Location:
    Palghar, Mumbai
  19. aadipa

    aadipa New Member

    Joined:
    Feb 12, 2004
    Messages:
    997
    Likes Received:
    2
    Trophy Points:
    0
    Location:
    Palghar, Mumbai
     
  20. OP
    OP
    Choto Cheeta

    Choto Cheeta Rebooting

    Joined:
    Aug 9, 2004
    Messages:
    6,202
    Likes Received:
    15
    Trophy Points:
    0
    Location:
    220.225.82.33
    yup... but that virus has a host... a computer whos owner doesnt know about it... & he/she might have my email address on his/her address list... thats why i was asking u guess for a trace or who is look up... i did by my self & posted that here...

    thats the point.... there r telnet email sending procidure from that u can send an email from any ones address.... thats i know.... so the big question that comes to my mind is how to know...?? the way i know any one can impliment it to send an email with the name of my email..... so how to ID the emails??
     
Thread Status:
Not open for further replies.

Share This Page