Forum Articles
  Welcome back Join CF
You are here You are here: Home | Forum | NTL Netguard - file & printer sharing

You are currently viewing our boards as a guest which gives you limited access to view most of the discussions, articles and other free features. By joining our Virgin Media community you will have full access to all discussions, be able to view and post threads, communicate privately with other members (PM), respond to polls, upload your own images/photos, and access many other special features. Registration is fast, simple and absolutely free so please join our community today.


Welcome to Cable Forum
Go Back   Cable Forum > Computers & IT > Security & Virus Discussion
Reload this Page should I be concerned?
Register FAQ Community Calendar

should I be concerned?
Reply
 
Thread Tools
Old 20-11-2006, 13:40   #1
lauzjp
Inactive
 
lauzjp's Avatar
 
Join Date: Mar 2006
Location: Luton
Age: 48
Services: 5mb 3 mobile broadband, sky, freeview
Posts: 3,007
lauzjp is cast in bronzelauzjp is cast in bronzelauzjp is cast in bronzelauzjp is cast in bronze
lauzjp is cast in bronzelauzjp is cast in bronze
Send a message via MSN to lauzjp
should I be concerned?
I recently received this email

Return-Path: <secur@guierfence.com>
Received: from aamtain10-winn.ispmail.ntl.com ([81.103.221.35])
by mtain02-winn.ispmail.ntl.com with ESMTP
id <20061120133331.MPXS6799.mtain02-winn.ispmail.ntl.com@aamtain10-winn.ispmail.ntl.com>
for <xxxx@ntlworld.com>;
Mon, 20 Nov 2006 13:33:31 +0000
Received: from WINDSOR-18D5535 ([72.248.80.82])
by aamtain10-winn.ispmail.ntl.com with SMTP
id <20061120133323.NGZR26030.aamtain10-winn.ispmail.ntl.com@WINDSOR-18D5535>
for <xxxx@ntlworld.com>;
Mon, 20 Nov 2006 13:33:23 +0000
Received: (qmail 2350 invoked by uid 0); Mon, 20 Nov 2006 08:33:06 -0000)
Received: from unknown (HELO lxjaxxqdd) (192.168.1.72)
by 192.168.1.25 with SMTP; Mon, 20 Nov 2006 08:33:06 -0000
Date: Mon, 20 Nov 2006 08:27:06 -0500
From: secur@guierfence.com
To: lxxxx@ntlworld.com
Subject: Mail server report.
Message-Id: <20061120133323.NGZR26030.aamtain10-winn.ispmail.ntl.com@WINDSOR-18D5535>
X-Antivirus: AVG for E-mail 7.1.409 [268.14.10/541]
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary=-----------2EFA56623CF04056
-------------2EFA56623CF04056
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Mail server report.
Our firewall determined the e-mails containing worm copies are being sent from your computer.
Nowadays it happens from many computers, because this is a new virus type (Network Worms).

Using the new bug in the Windows, these viruses infect the computer unnoticeably.
After the penetrating into the computer the virus harvests all the e-mail addresses and sends the copies of itself to these e-mail
addresses
Please install updates for worm elimination and your computer restoring.
Best regards,
Customers support service
-------------2EFA56623CF04056
Content-Type: text/plain; x-avg=cert; charset=us-ascii
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
Content-Description: "AVG certification"
Viruses found in the attached files.
The file Update-KB6187-x86.zip: Virus identified I-Worm/Stration. The attach=
ment was moved to the virus vault.
Checked by AVG Free Edition.
Version: 7.1.409 / Virus Database: 268.14.10/541 - Release Date: 11/20/2006
=

-------------2EFA56623CF04056--


What does it mean? Is it for real?

---------- Post added at 13:40 ---------- Previous post was at 13:38 ----------

I just got this one -

Return-Path: <den.wright@tjh.com>
Received: from aamtain06-winn.ispmail.ntl.com ([81.103.221.35])
by mtain02-winn.ispmail.ntl.com with ESMTP
id <20061120133825.NUUG6799.mtain02-winn.ispmail.ntl.com@aamtain06-winn.ispmail.ntl.com>
for <xxxx@ntlworld.com>;
Mon, 20 Nov 2006 13:38:25 +0000
Received: from WINDSOR-18D5535 ([72.248.80.82])
by aamtain06-winn.ispmail.ntl.com with SMTP
id <20061120133817.QYSM24577.aamtain06-winn.ispmail.ntl.com@WINDSOR-18D5535>
for <xxxx@ntlworld.com>;
Mon, 20 Nov 2006 13:38:17 +0000
Received: (qmail 2164 invoked by uid 0); Mon, 20 Nov 2006 08:37:59 -0000)
Received: from unknown (HELO lodenve) (192.168.1.77)
by 192.168.1.25 with SMTP; Mon, 20 Nov 2006 08:37:59 -0000
Date: Mon, 20 Nov 2006 08:27:59 -0500
From: den <den.wright@tjh.com>
To: xxxx@ntlworld.com
Subject: hello
Message-Id: <20061120133817.QYSM24577.aamtain06-winn.ispmail.ntl.com@WINDSOR-18D5535>
X-Antivirus: AVG for E-mail 7.1.409 [268.14.10/541]
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary=-----------8CCE63589ED8696C
-------------8CCE63589ED8696C
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Mail transaction failed. Partial message is available.
-------------8CCE63589ED8696C
Content-Type: text/plain; x-avg=cert; charset=us-ascii
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
Content-Description: "AVG certification"
Viruses found in the attached files.
The file data.log.scr: Virus identified I-Worm/Stration. The attachment was =
moved to the virus vault.
Checked by AVG Free Edition.
Version: 7.1.409 / Virus Database: 268.14.10/541 - Release Date: 11/20/2006
=

-------------8CCE63589ED8696C--
lauzjp is offline   Reply With Quote
Advertisement
Old 20-11-2006, 13:44   #2
pedantic
Inactive
 
Join Date: Mar 2004
Location: Swinton
Services: O2 standard
Posts: 2,499
pedantic is cast in bronzepedantic is cast in bronzepedantic is cast in bronzepedantic is cast in bronze
pedantic is cast in bronzepedantic is cast in bronzepedantic is cast in bronzepedantic is cast in bronzepedantic is cast in bronzepedantic is cast in bronzepedantic is cast in bronzepedantic is cast in bronze
Send a message via Yahoo to pedantic
Re: should I be concerned?
I would edit your post, if I was you, your email address is clearly visible.

Whether it's real or not, I don't know, maybe a techie can best answer that. Is your AV up to date ? When was the last time you did a full system scan ? Do you use anti spyware programs ? It may be worth doing a full scan.
pedantic is offline   Reply With Quote
Old 20-11-2006, 13:46   #3
zing_deleted
Guest
 
Posts: n/a
Re: should I be concerned?
why are you opening posts anyway? are these people known to you?
Ive had warning like this before and its been a crock of crap your email provider will have been in touch if you had bombed others.
They are trying to send you a virus
  Reply With Quote
Old 20-11-2006, 13:50   #4
Stuart
-
 
Stuart's Avatar
 
Join Date: Jun 2003
Location: Somewhere
Services: Virgin for TV and Internet, BT for phone
Posts: 26,546
Stuart has a lot of silver blingStuart has a lot of silver blingStuart has a lot of silver blingStuart has a lot of silver blingStuart has a lot of silver bling
Stuart has a lot of silver blingStuart has a lot of silver blingStuart has a lot of silver blingStuart has a lot of silver blingStuart has a lot of silver blingStuart has a lot of silver blingStuart has a lot of silver blingStuart has a lot of silver bling
Re: should I be concerned?
Quote:
Originally Posted by pedantic View Post
I would edit your post, if I was you, your email address is clearly visible.

Whether it's real or not, I don't know, maybe a techie can best answer that. Is your AV up to date ? When was the last time you did a full system scan ? Do you use anti spyware programs ? It may be worth doing a full scan.

Done.
Stuart is offline   Reply With Quote
Old 20-11-2006, 13:52   #5
lauzjp
Inactive
 
lauzjp's Avatar
 
Join Date: Mar 2006
Location: Luton
Age: 48
Services: 5mb 3 mobile broadband, sky, freeview
Posts: 3,007
lauzjp is cast in bronzelauzjp is cast in bronzelauzjp is cast in bronzelauzjp is cast in bronze
lauzjp is cast in bronzelauzjp is cast in bronze
Send a message via MSN to lauzjp
Re: should I be concerned?
I'm using outlook express - so the emails are there without me opening them..? AVG ran this morning, all ok. thank you for advice guys.
lauzjp is offline   Reply With Quote
Old 20-11-2006, 13:56   #6
pedantic
Inactive
 
Join Date: Mar 2004
Location: Swinton
Services: O2 standard
Posts: 2,499
pedantic is cast in bronzepedantic is cast in bronzepedantic is cast in bronzepedantic is cast in bronze
pedantic is cast in bronzepedantic is cast in bronzepedantic is cast in bronzepedantic is cast in bronzepedantic is cast in bronzepedantic is cast in bronzepedantic is cast in bronzepedantic is cast in bronze
Send a message via Yahoo to pedantic
Re: should I be concerned?
Quote:
Originally Posted by lauzjp View Post
I'm using outlook express - so the emails are there without me opening them..? AVG ran this morning, all ok. thank you for advice guys.
It may be worth doing one of the many online scans, try one of these. Just for extra peace of mind.
pedantic is offline   Reply With Quote
Old 20-11-2006, 13:57   #7
zing_deleted
Guest
 
Posts: n/a
Re: should I be concerned?
I hate pop mail you would be better of doing it webmail imo. But the virus wouldnt have been run so you should be fine
  Reply With Quote
Old 20-11-2006, 15:36   #8
ADd
Inactive
 
ADd's Avatar
 
Join Date: Apr 2006
Location: Land of the free
Posts: 308
ADd has a reputation beyond reputeADd has a reputation beyond reputeADd has a reputation beyond reputeADd has a reputation beyond reputeADd has a reputation beyond reputeADd has a reputation beyond reputeADd has a reputation beyond reputeADd has a reputation beyond reputeADd has a reputation beyond reputeADd has a reputation beyond reputeADd has a reputation beyond reputeADd has a reputation beyond reputeADd has a reputation beyond repute
Re: should I be concerned?
These emails are bogus. Any ISP would send an abuse complaint to NTL - and they would inform you of your compromise - in accordance with their Acceptable Use Policy, this is the protocol for abuse complaints.

As has been said, delete and ignore the spam. More similar emails reported here:

http://www.thenetworkreloaded.com/vi...bcf2a8df8#8514
http://answers.yahoo.com/question/in...7094753AAJMwDc
ADd is offline   Reply With Quote
Old 20-11-2006, 15:40   #9
Stuart
-
 
Stuart's Avatar
 
Join Date: Jun 2003
Location: Somewhere
Services: Virgin for TV and Internet, BT for phone
Posts: 26,546
Stuart has a lot of silver blingStuart has a lot of silver blingStuart has a lot of silver blingStuart has a lot of silver blingStuart has a lot of silver bling
Stuart has a lot of silver blingStuart has a lot of silver blingStuart has a lot of silver blingStuart has a lot of silver blingStuart has a lot of silver blingStuart has a lot of silver blingStuart has a lot of silver blingStuart has a lot of silver bling
Re: should I be concerned?
Quote:
Originally Posted by ADd View Post
These emails are bogus. Any ISP would send an abuse complaint to NTL - and they would inform you of your compromise - in accordance with their Acceptable Use Policy, this is the protocol for abuse complaints.

As has been said, delete and ignore the spam. More similar emails reported here:

http://www.thenetworkreloaded.com/vi...bcf2a8df8#8514
http://answers.yahoo.com/question/in...7094753AAJMwDc
I am pretty sure that NTL also move users that have this problem into a "walled garden" area on the network. Basically, the only sites they get access to are the ones hosting updates.
Stuart is offline   Reply With Quote
Reply

« Previous Thread | Next Thread »

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT +1. The time now is 05:57.

Contact Us - Service Status - Cable Forum - Archive - Privacy Statement - Terms of Service - Top

Server: osmium.zmnt.uk
Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2025, vBulletin Solutions Inc.
All Posts and Content are © Cable Forum
Copyright © 2025 Cable Forum Hosted On Hetzner Cloud