How can I detect a virus source.


B

Baal

I have clearly pissed someone off on ebay. They have sent an email with a
virus attachment from a fictitious email address. How can I determine the
real source?

My email address is false (damn robots) , please post any helpful info.

K
 
Ad

Advertisements

F

Frederic Bonroy

Baal said:
I have clearly pissed someone off on ebay. They have sent an email with a
virus attachment from a fictitious email address.
Hmmm? What makes you think that it has anything to do with Ebay? Maybe
you pissed them off somewhere else. ;-) No, seriously, viruses spread
without reason, and most people aren't aware that their computers are
sending out the beasts. Many of us receive tons of viruses every day.
How can I determine the real source?
You can't. You can try to determine their ISP by looking at the IP
address in the headers, and then inform the ISP that one of their
customers is possibly infected by a virus.
 
B

Baal

Frederic,

It was sent to an email address not known or disclosed widely.

If I sent you the header, could you help?

--
I smile and go off waving
(Amiably) - for that's my way

Baal
(e-mail address removed)
http://www.helden.co.uk
 
F

Frederic Bonroy

Baal said:
It was sent to an email address not known or disclosed widely.

If I sent you the header, could you help?
Sure, but you can also simply post all lines starting with "Received:"
and blank any information you deem unfit for being posted here.
 
G

GSV Three Minds in a Can

from the wonderful person Baal said:
I have clearly pissed someone off on ebay. They have sent an email with a
virus attachment from a fictitious email address. How can I determine the
real source?

My email address is false (damn robots) , please post any helpful info.
Stick the raw text of the email into www.spamcop.net (although if
spamcop thinks it is a virus you'll have to report it manually).
 
Ad

Advertisements

B

Baal

Oh it's a virus alright. I just want to find the geezer who sent it. The
email address has never been put out on Usenet and to very few email
contacts.

--
I smile and go off waving
(Amiably) - for that's my way

Baal
(e-mail address removed)
http://www.helden.co.uk
 
G

GSV Three Minds in a Can

from the wonderful person Baal said:
Oh it's a virus alright. I just want to find the geezer who sent it. The
email address has never been put out on Usenet and to very few email
contacts.
That wasn't my point - spamcop.net is very efficient at decoding headers
and identifying where abuse messages should go, but if it detects the
message you asked it about was a virus, it refuses to actually send a
'spam' report .. however it has done all the hard work necessary for you
to send a manual complaint. You do have to register (free) to use the
service, but for most people if it was easier than learning how to
decode headers and ramble through whois databases and suchlike.
 
W

wb

Baal said:
I have clearly pissed someone off on ebay. They have sent an email with a
virus attachment from a fictitious email address. How can I determine the
real source?

My email address is false (damn robots) , please post any helpful info.

K
What makes you think they targeted you?

What makes you think the person even knows they're infected?

You make it sound like a virus is an isolated thing, that occurs only on
purpose. They're all over the newsgroups, just click on any scr file of
britany, augellera, my sister eats cum or any other slop. I don't like it
that you, or anyone else gets infected, but directing energy towards why, is
wasteful. The energy is better used to figure out what this means, and act
accordingly - Once burned, twice shy. Put up a fence, plug any holes, and
in case something gets through, a good clean up program...

a little wet behindzzzzzz the ears?

wb
 
M

me

Baal said:
Oh it's a virus alright. I just want to find the geezer who sent it. The
email address has never been put out on Usenet and to very few email
contacts.
1. What AV says it's a virus?
2. In re "very few email contacts": it takes just one infected
PC from the "very few" toget your address compromised.

BTW, the email might have been sent w/o the "geezer"'s
knowledge.

J
 
B

Baal

Not wet behind the ears. I use AV software and Firewall, which blocks stuff
every day.

--
I smile and go off waving
(Amiably) - for that's my way

Baal
(e-mail address removed)
http://www.helden.co.uk
 
Ad

Advertisements

G

GSV Three Minds in a Can

from the wonderful person Baal said:
Not wet behind the ears. I use AV software and Firewall, which blocks stuff
every day.
Wet enough to put your .sig and .sigsep in front of everything you are
replying to, which makes most RFC compliant newsreaders treat it =all=
as .sig and drop it.

8<,
 
G

GSV Three Minds in a Can

from the wonderful person Baal said:
Yawn! Thanks for yet another useful answer.
Well if you continue to top post, and top-sig too, there isn't much
point trying to talk to you, so welcome to my killfile then.
 
Ad

Advertisements

F

FromTheRafters

1. What AV says it's a virus?
2. In re "very few email contacts": it takes just one infected
PC from the "very few" toget your address compromised.
To the OP

In addition to this, an e-mail address can be guessed at by a
spammer (even if it has never ever been used), and a spam
landing on a worm infested machine can have the address
harvested from there. A worm need not care overmuch about
an address being valid. Some worms even do the guessing
themselves.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads


Top