What Should I Do Now?

Discussion in 'other security issues & news' started by Rico, Sep 29, 2005.

Thread Status:
Not open for further replies.
  1. Rico

    Rico Registered Member

    Joined:
    Aug 19, 2004
    Posts:
    1,695
    Location:
    Texas
    Hi All

    Today upon opening MS Outlook, PC-Cillin greeted me with:

    Subj: Returned mail
    Sender: DAEMON@host13.amministra.com
    Virus Name: worm netsky.p

    unable to clean. File was deleted

    This also occured yesterday also, but it came from aol.c o m.

    I'll do another virus scan, after yesterday's virus alert running a full scan came out clean.

    All my defenses are up-to-date.

    Should I contact the sender or ignore?

    Thanks
    rico
     
  2. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,095
    Hi rico,

    I would ignore it, since PC-Cillin scanned your incoming email and deleted it due to a network worm presence. Contacting the sender would probably not work, since it was probably emailed from somewhere else and the return address is likely a spoof that will bounce anyway.

    -- Tom
     
  3. Rico

    Rico Registered Member

    Joined:
    Aug 19, 2004
    Posts:
    1,695
    Location:
    Texas
    Hi Tom & thanks for the comments. I did notify my ISP, & they said the header does not contain all the information required as I forwarded the message to them.

    Thanks again
    rico
     
  4. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,095
    Hi rico,

    When forwarding any email to your ISP it is necessary to capture all of the message text in its raw form first, so if your email has a pull-down menu for viewing the message source, pull it down, hit cntrl-c, launch notepad.exe, and paste the contents of the clip board into the notepad window. When you forward the original email to the ISP then craft a one or two line sentence explaining why you are sending the following message text followed by original email, and paste the entire contents of the notepad file after your introduction, and before the original email - maybe separated by single character line separators. That way your ISP can read the email header which was missing by just sending them the original email via forward button.

    -- Tom
     
  5. Rico

    Rico Registered Member

    Joined:
    Aug 19, 2004
    Posts:
    1,695
    Location:
    Texas
    Hi Tom, Thanks very much for the excellent advise! Note the tech. support Verizon, advised me to forward the email to there abuse department. The abuse dept. advised me of the problem with the header. I should have known something was amiss when the tech. had to put me on hold to look (approx. 5 min.) to find the correct place to FORWARD the, virys laiden email. Anyway now i know the correct procedure.

    Thanks again
    rico
     
Loading...
Thread Status:
Not open for further replies.