1. Home
  2. ✈ RC aircraft models
  3. "C. O. Jones spreading "W32/Netsky.c.eml!exe" virus??

"C. O. Jones spreading "W32/Netsky.c.eml!exe" virus??

I just received this virus notice from my ISP.... This appears to have been sent from the bogus email address of the NG troll known as "C.O. Jones".. I've had no contact with him, to my knowledge, nor do I desire any... It kinda shows that in addition to not knowing much about RC, he's not too swift at computer use, either.

Whether or not he knows it, he's transmitting a virus. Regulars, be advised.....

=========================== The notice from my ISP:

An email was sent to you that we have identified as containing a virus. Below find the details of the infected message:

From: snipped-for-privacy@yougotit.com Date: Thu, 1 Jul 2004 14:36:29 -0400 Virus Name: W32/Netsky.c.eml!exe Infected Attachments:

To protect you from destructive Internet viruses, your Cox High Speed Internet service now includes a free anti-virus security enhancement. This security enhancement detects and prevents the delivery of most viruses transmitted via email so that your personal computers will not be harmed.

This is an auto-generated message. Please do not reply. Please note that Cox does not read the content (text) of your email messages. This security enhancement only detects known viruses.

This anti-virus security enhancement of your Cox High Speed Internet service is applied when your email comes through our email servers and is intended to provide protection against most identified viruses transmitted via email. In order to complete your anti-virus protection, it is recommend that you install and use PC-based anti-virus software on your PC; this will protect you from viruses transmitted through Web sites, Internet downloads, and via diskettes, portable drives, etc. Cox High Speed Internet's email anti-virus security enhancement will not prevent downloading of virus-infected files, nor will it remove viruses already present on your computer.

Sincerely,

The Cox High Speed Internet Team ==================================

Cheers,

Bill

Reply to
Bill Fulmer
Loading thread data ...

Well isn't that interesting! Why would Cox call a WORM a virus? Then again, when using my legit address in normal e-mail, why hasn't Cox notified me of this issue? And why doesn't Norton show a specific worm called, W32/Netsky.c.eml!exe? Norton does list quite a few in the w32 category. The closest I found was a w32.netsky.c which is covered by the signatures from early February. Gee! I have the signatures from yesterday, 30 June. Think I'm covered? And I do a full system scan every week. Not to mention the protection I get from my ISP and my firewalls! My system did identify and block W32.Beagle.J@mm on 3/30/2004. It tried to sneak in with an e-mail attachment.

Think maybe someone else could be using my bogus address?

Think maybe someone else has the worm and it's using my bogus address which it got from someone else's hard drive? Oh yeah! These worms search documents on hard drives for e-mail addresses.

Think maybe I know more about this than even Fulmer can imagine? I'm sure I do! And if not, my neighbor is a CISSP who does this for a living. I'm certain he knows more than Fulmer and he said I'm fine!

Nice try Fulmer but, you need to figure out another ploy!

Reply to
C.O.Jones

your email address has probably been spoofed. I would recommend changing your password to something a bit more difficult to crack. That and virus scanning is no longer enough. I would also recommend that you download Spybot Searchand Destroy along with Lavasoft's Adaware. These 2 used together can help keep you free from browser hijackers that can give someone the ability to spoof your email. These can be activated by simply going to an innocent looking web page after a web search.

My hotmail account as well as my government account have both been spoofed. A changed password has cleared the hotmail account and the LAN folks where I work have cleared several computers there as well. ANYONE can spread a virus or worm or trojan or whatever you want to call it and not know about it until this happens.

Reply to
Black Cloud

Get BHODemon as well.

WTH

Reply to
WTH

In news:6P0Fc.230$pY2.183@lakeread01, C.O.Jones pecked:

The message appears to be legitimate. It's the standard Cox message I've received before.

The OP needs to realize that such worms are RARELY transmitted from the address named. The worm has infected a computer that has Jones' email address in its address book. It then uses its own SMTP mailer and sends itself as if from persons in the address book.

-- Dave Thompson

Reply to
Dave Thompson

All good advice. Problem is, I already have and use Spybot S&D as well as Adaware. Scans last night showed nothing unusual. Second, that address I post is a bogus address which is used ONLY for this NG. So I have to ask why no one else here has seen it from me?

I believe it was harvested from here by someone who is using it for less than honorable reasons. Perhaps to send spam my way, sign me up for things or whatever. I suspect too the culprit is a regular poster.

I've e-mailed cox to see what additional info they can provide me. Then turn it all over to my neighbor and let him play with it. That's what he does for a living and I'm confident he's as good as anyone.

BTW, just as a precaution my account password has indeed been changed.

Chuck

Reply to
C.O.Jones

My thoughts exactly!

Chuck

Reply to
C.O.Jones

Which would beg the question: Who here would have Jones in their contacts list?

Reply to
Paul McIntosh

Probably the same bunch who claim to be ignoring me.......................but don't!

Know anyone like that Paul?

Reply to
C.O.Jones

PolyTech Forum website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.