View Full Version : just a question about Viruses


YODA74
06-03-2002, 01:02 PM
If you received a virus, say the Klez or worm as it is, what would happen if you just forwarded it back to sender, theoretically speaking? Or is that not possible? Just wondering because I got an attachment this morning and Norton nailed it and quarantined it, so I ran a virus scan anyway just to make sure, didn't come up with nothing, so I deleted it. Just wondering if there was any way of sending it back to the A$# Hole? Or would I just be wasting my time? This was a phases.bat, by the way; it came out of Japan. I can say I never even had a problem with someone sending a virus until I got AIM. I have had surfing viruses but nothing like this. I believe the reason for this is when I got AIM a few ladies sent their info and wanted to chat and I blocked them; don't care much for predators (I know it was porn people).

------------------
YODA74@windows-sucks.com
CCMR (http://www.dreamwater.net/tech/yoda74/index.html)

PUSH TO TEST. RELEASE TO DETONATE.
[Closed captioned for the thinking impaired.]

Eutychus
06-03-2002, 01:52 PM
Yoda, the more recent versions of Klez hide the real sender by impersonating an address in the infected PC's address book. You can still find out by using advanced header features (how depends on what program you are using).

Last week I received two strange emails. One, from "Tommy", who asked me to re-send a message that I never sent, even though my email address was displayed in the From line when he "replied" to it. Later we found that the message Tommy received was infected with Klez. It did not infect him because he was using a plain-text-only web-based email interface.

Another message, infected by Klez, appeared to come from yet another person I know, "Janese". Because I was also using a web based email interface at the time the virus did not run and the message appeared blank, even though it was supposed to be 133KB in size.

After doing a lot of searching on the web I found out about the impersonation feature of Klez and went back to investigate the infected message from Janese. Both the one that came TO me infected, from Janese, and the one that appeared to come FROM me to Tommy actually came from another person, Michael, whose PC is infected with Klez.

If Tommy had, out of annoyance, sent me an infected message on purpose we would have both been mad at the wrong person. Same thing if I had purposely sent Janese an infected message. Of those involved, I was the only one to take the time to research Klez (didn't know what it was for a while) and the only one savvy enough to check the advanced header info.

If you get mad at someone for negligence in virus protection, just make sure that it is the right person.

Eutychus
06-03-2002, 01:55 PM
Sorry, the infected message was 33KB, not 133KB.

Rick
06-03-2002, 02:03 PM
Yoda

A few years ago I was plagued with spammers.
I acquired an image (animated GIF) that I would attach to the spam and send back to them.
In all but 1 or 2 the e-mail was sent back as undeliverable (wouldn’t accept attachments)
or the sender's address was no good (outbound only).
So I started embedding the file into the reply.

The skull and crossbones would graphically salute them if viewed,
with a text line across the bottom telling them “Your Spam Sucks.”

It had no effect on the amount of spam I was getting, but I did feel better after the reply was sent.

Replying to a twit who didn’t like your blocking them in AIM will simply tell them they have the correct working e-mail address.
If, like most other spammers, they sell their mail list, you may just be opening yourself up to even more of the same.

In the case of a quarantined file:
You would have to remove the file from Norton's quarantine. (Bad idea if it is a virus.)
Then reply and set it to return the file attachment also.

IMHO:
Delete everything from them,
add them to the block filter of your e-mail program, and move on.

Fruss Tray Ted
06-03-2002, 02:16 PM
Eutychus,
I have received an e-mail in the past where there appeared to be nothing there as well, and no attachment either. Hopefully I do not have the virus, and I'm running 2 good anti's so I should be OK.

But you mention the advanced header info. Can you elaborate a little more on that from a 'numb-er than a pounded thumbs' point of view so I have a slight chance of understanding?

This is a first, I'm reading a reply from Rick while replying but it wasn't there when I hit the reply button. I guess stranger things have happened...

------------------
This space for George Carlin quotes:

You never really learn to swear until you learn to drive.

(He should broaden that to pc's.)

Rick
06-03-2002, 02:27 PM
That is an easy one to answer.
Between the time you opened the post to start reading it and the time you clicked reply
I posted my reply.
So when the thread reloaded in your browser my message was inserted.

YODA74
06-03-2002, 02:45 PM
It was just a thought. But gotcha, will leave perpetrator alone and block e-mail (for now)! Guess I'll have to tighten up a little more. HE HE HE We having fun yet!

Paleo Pete
06-04-2002, 08:49 PM
One other thing to consider...once you do find out who actually sent the virus, what good would it do to send it back when the sender is already infected??? Kind of like sneezing toward a person who already has the flu...

Who asked about advanced headers? Oh, Ted...

OK..if you're using OE, just right click on the message in the message list, (right hand pane) and click Properties, then Details. That will show you the full headers, instead of just the To:, From: and Subject: lines that show by default. If you wish to forward spam complaints or virus notices to the originating ISP, copy and paste the full headers into the forwarded message.

Usually I receive viruses rather frequently, a gazillion spammers have my email address, so every time one of them manages to get hit by the newest virus I receive several copies of it. (12 copies of Klez at last count, from all over Europe and Asia) I usually forward a notice concerning the virus to the originating ISP, using the full headers to find out where it came from, and also copy and paste the headers into the message. That allows the ISP to investigate the problem and trace exactly where the email came from, mainly by using the IP addresses and Message ID included in the headers.

Most ISPs should inform their customers if they discover that a virus has been sent using their servers, since it poses a major threat to their servers as well.

With web based email you'll have to check the website, I set Yahoo to show full headers long ago. They may list it as details or detailed information...no telling, you'll have to do some reading in their instructions or help pages.

If you use Netscape maybe someone who uses it can pop in and help, I don't use it.

------------------
If your nose runs and your feet smell...
You're built upside down!
Note: Please post your questions on the forums, not in my email.

Computer Information Links (http://www.dreamwater.com/paleopete/computer.htm) has been moved, please update your bookmarks.
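
The header reading described in the thread, as an added example that is not part of any poster's message: a Python sketch that pulls the Received chain, the Message-ID and the From/Return-Path pair out of a message's full headers. The sample message is constructed (made-up hosts, example domains, documentation IP ranges), and `trace_headers` and `my_mx` are names chosen for this illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample message: every name, host and address is made up
# (example domains, documentation IP ranges), not taken from the thread.
RAW = (
    "Return-Path: <michael@isp.example>\n"
    "Received: from relay.isp.example (relay.isp.example [198.51.100.25])\n"
    "\tby mx.mymail.example with ESMTP id A1B2C3; Mon, 3 Jun 2002 09:14:07 -0400\n"
    "Received: from michaels-pc (dialup-77.isp.example [203.0.113.77])\n"
    "\tby relay.isp.example with SMTP id Q9Z8Y7; Mon, 3 Jun 2002 09:13:55 -0400\n"
    'From: "Janese" <janese@friends.example>\n'
    "To: me@mymail.example\n"
    "Subject: (no subject)\n"
    "Message-ID: <20020603131355.Q9Z8Y7@relay.isp.example>\n"
    "\n"
)

# "from <helo> (<rdns> [<ip>]) by <host>" as written by common mail servers.
HOP = re.compile(r"from\s+(\S+)\s+\((?:(\S+)\s+)?\[([0-9A-Fa-f.:]+)\]\)\s+by\s+(\S+)")

def trace_headers(raw, my_mx):
    """Summarise the delivery path recorded in a message's full headers."""
    msg = message_from_string(raw)
    hops = []
    for value in msg.get_all("Received", []):
        m = HOP.search(value)
        if m:
            hops.append(dict(zip(("helo", "rdns", "ip", "by"), m.groups())))
    # Each server prepends its own Received line, so hops[0] is the newest.
    # Only a line stamped by our own server is verified from our side; older
    # lines are claims that the originating ISP can check against its logs.
    verified = next((h for h in hops if h["by"] == my_mx), None)
    from_addr = parseaddr(msg.get("From", ""))[1]
    envelope = parseaddr(msg.get("Return-Path", ""))[1]
    return {
        "handed_to_us_by": verified["ip"] if verified else None,
        "earliest_hop": hops[-1]["ip"] if hops else None,
        "message_id": msg.get("Message-ID"),
        "from_differs_from_envelope": from_addr.lower() != envelope.lower(),
    }

if __name__ == "__main__":
    for key, value in trace_headers(RAW, "mx.mymail.example").items():
        print(f"{key}: {value}")
```

The address in `handed_to_us_by` identifies the ISP to notify; the earliest hop and the Message-ID are what that ISP matches against its own logs, which is why the full headers go into the report.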