Newsobserver.com-Mysterious messages likely virus-related

By ARATI BECHTEL

Q. Lately, I have been receiving returned e-mail messages that I did not send. I do not recognize any of the sender or destination addresses. I contacted Road Runner customer service about this. They said that there are viruses that can disguise their origin by sending e-mail from a random e-mail address found on an infected system. I doubt that these phony “returned messages” are from my system, as I have a hardware firewall and use Norton Antivirus religiously. I doubt that these phony e-mail returns will harm my system, but they are extremely annoying. Is there anything I can do to stop them?

Sid Sidlo, Raleigh

A. Your response sounds about right: annoyed but not worried. Many viruses spread by sending e-mail from an infected computer and using forged e-mail addresses. A virus can send an e-mail that indicates it is from a particular e-mail address, but that address might have been randomly selected from the infected computer’s address book. Sobig.F is an example of a computer worm that propagates this way.

Because you are receiving returned mail from unfamiliar or unknown e-mail addresses, it seems likely that someone you know has an infected computer that is sending e-mail with your e-mail address forged as the return address. This could explain why the e-mail messages are coming to you instead of the true sender. So, your ISP’s tech support gave you solid information.

Unfortunately, there seems to be no simple solution to the problem of virus-borne forged e-mail, though you could help by urging your Windows-using friends to update their anti-virus definitions and run full virus scans on their computers. Also, continue your diligence in protecting your own computer.

As for what to do about the returned e-mail, you can simply delete it and forget about it, which is what I do. Or you could set up an e-mail filter to check for those messages and move them to a folder so that they don’t clog up your inbox.

Q. When I try to open the newsletter from our country club, available via the country club’s Web site, I get the message, “Provides unsafe information to an ActiveX control. Current security settings prohibit running controls in this manner. Page may not display correctly.” I have Acrobat Reader 5.0 installed, and that should bring up this page. Please help.

Carol Yentsch, Pine Knoll Shores

A. ActiveX is a Microsoft programming language primarily for the Web, explains Jason Kleiman, a consultant with Work Smart, an IT support and consulting company in Durham.

Adobe Acrobat Reader uses an ActiveX program to launch Reader from a Web page that contains a PDF. A PDF is a Portable Document File, which is the file format of Adobe Acrobat documents such as the newsletter you want to read. If your Internet Explorer security settings prevent this ActiveX program from running, Reader will be unable to work correctly, Kleiman says.

You can change your security settings in Internet Explorer 6 by clicking on the Tools Menu, choosing Internet Options and selecting the Security tab.

From here, you can change your security level for the Internet, say, from High to Medium by moving the slider bar at the bottom of the dialog box.

You can also view specific ActiveX settings if you click on the “Custom Level” button on the Security tab. Here, you can change various settings to allow ActiveX to run, Kleiman says. However, he says, if your overall security settings for the Internet are at the Medium level, you shouldn’t need to do anything else; Reader should work properly, unless other settings have been changed at some point.

If adjusting your security settings doesn’t help, you might have a more complex underlying problem, Kleiman says. There could be, for instance, a problem with the Acrobat Reader installation. To address this, you could try uninstalling Reader 5.0 and downloading and installing the free Adobe Reader 6.0 from Adobe’s Web site,
www.adobe.com. This should solve any installation problems.