I've been getting some e-mails that are a little odd and I'm wondering if there is anyway I can find out where they are coming from - with respect to location, (i.e. UK or US). Does anyone know how to find this out? I use talk21.com and Yahoo.com if that makes any difference. Thanks

Look at the header information on them and run a whois/traceroute etc on the sender's IP.

They don't have a .pif file or a .zip file attached to them to they? Don't open the file! I've been getting some dodgy ones like that, apparently it's a strain of the Netsky virus.

Funny you should post this....

I have had a load of Emails lately with virus's.... subject heading Re: Thanks and things simple like that.....

Luckily they are scanned prior to delivery, we have good security on the puter...... so no harm done......

Haven't had this many ever..........

???????????? coincidence?????????????????

I had a spate of them on talk21 a while back, and at least one of them had a nasty attached to it that even Norton Anti Virus couldn't spot.

I ended up having to completely rebuild my PC.

After that I stopped using the Talk21 POP servers and only use the online viewer. I NEVER open an attachment now unless I know exactly what it is...

DaveC and Honeymommy: Yes there are sometimes attachments and I never open them. I too have subjects like 're: thanks for your e-mail' and 're:urgent' I'm sure they start them off with 're' so it looks like I e-mailed them first... very sneaky!

Ulujain... I have no idea how to run a whois/traceroute... can you help me out?

Thanks guys

The IP address is the address for the specific computer you're getting the emails from.

To get the IP address if you're using Outlook right click on the email and look for properties. The IP addy will be a series of numbers. Then copy and paste the numbers into a prog like this one...

http://www.networldmap.com/TryIt.htm

If you're using web based mail just look at the header info. Remember to run a virus scan and update your definitions.

Never heard of a virus destroying a whole computer before.

Use full headers view or whatever Outlook Express offers. You'll see a bunch of stuff that may look like this:

Return-path: <[email protected]>
Envelope-to: [email protected]
Delivery-date: Thu, 22 Apr 2004 20:01:44 -0400
Received: from ulujain by mecca.myhostdns.com with local-bsmtp (Exim 4.24)
id 1BGo8W-0005Vk-7s
for [email protected]; Thu, 22 Apr 2004 20:01:44 -0400
Received: from [66.163.170.83] (helo=smtp813.mail.sc5.yahoo.com)
by mecca.myhostdns.com with smtp (Exim 4.24)
id 1BGo8V-0005Vd-W4
for [email protected]; Thu, 22 Apr 2004 20:01:44 -0400
Received: from unknown (HELO KHHK) ([email protected]@68.75.30.241 with login)
by smtp813.mail.sc5.yahoo.com with SMTP; 22 Apr 2004 23:57:37 -0000
Message-ID: <000701c428c5$ab12f070$6de3fea9@KHHK>

See the bit in bold? That's what to look for.
Then go to http://www.whois.sc and enter that number to find out the iowner of the IP block. The whois info should return an abusae address. Forward the entire email to that abuse address.

Hope this helps!

I receive about 50% bogus/virus emails as described above, this started about 3months ago when I moved to the US. This is on an email addy that I use on 5 forums and for personal stuff like emailing friends.. I use a different one for registering things and the like.... I have now been informed that spyware basically distribites your email addy from peoples addressbooks, from messenger lists, from anything it can find. Personally I use a spybot (ultimategeek) which find all immediately tho you do have to pay. Others may not and I'm guessing this is where the problem came from; someone elses machine being accessed without them knowing.

Once you're on the lists, you on for life.... when my spam/virus level reaches more than 60% I'll simply change email addy... its a problem with most email addys these days. My Hotmail account is 90% spam but I only use that one for messenger.

The return path is 99% bogus too BTW.

Nah, it didn't burst into flames or anything, I just meant my hard disk, reinstalling the operating system etc. It didn't matter how many fixes and anti virus checks I ran, it still couldn't shift the problem.

So it was time for a low level format....

Interesting you say that, since moving to States I have same problem with several sendings of the Netsky viruses everyday, I actually don't get the e-mails my server stops them and sends me a message to let me know about it, very luck I would say or I would be mega infected!!!
Suzie

Whats a good one to use to check for spyware and where do you get it. I would like to check my computer for spyware as my paranoia level has been well up lately!

While we're on this subject of tracing e-mails.... I have a French friend that has been living in the UK for many years now but she e-mailed me the other day and I can't tell if it is from the UK or France. I wanted to visit her but I don't know where she is. I know the simple way to find out is to ask her but I only get occasional e-mails as she is traumatised and beside herself trying to cope with her toddler whos is terminally ill. I really wanted to see her and the little one before I left the UK as it has been a few months since I last went to her house. They were having treatment at Great Ormond St but things have become too advanced and I suspect they may have gone back to France to be with family.... it's terribly terribly heartbreaking.
Can anyone tell me if there is a way to see which country she was in when she last wrote to me? - I suspect it is France which would make it really hard to accept that I won't be able to see them.
Thanks everyone.

Spybot is very good for keeping spyware out or removing it.

On the subject of Netsky/Sasser etc. There is a free download at McAfee's website called Stinger.exe which will remove about 40 current infections. I downloaded it on a clean PC, burned it to a CD and used it to clean out a Sasser infection from a friend's PC yesterday. Worked like a dream.

Stinger from McAfee

Spybot download