How to find the email a threat is coming from?

A friend of mine has been getting a couple of threat notifications from Sophos Anti-Virus with the text "Virus/Spyware Troj-Redir-T has been detected and listed in Quarantine Manager". Obviously somebody is sending her this virus again and again. The threat seems to be in an attachment by the name FullDetails.html but she has no idea with which emails these attachments are being sent to her. She has no emails with such an attachment - possibly because Anti-Virus removed the attachment from such emails.

Is there a possibility to find out the exact email that contains the threat?

If not - why not? Are there possibly other products (whether from Sophos or a different company) that would be more specific about the origin of such a threat?

Thanks for your help.



This thread was automatically locked due to age.
  • Hello Christian,

    Thanks for your reply. Sophos Anti-Virus reported a threat within a file FullDetails.html, said the file is in the "Quarantine Manager" and pointed to a location very deep within the Mail folder within the user's Library folder. However, there is no email with such an attachment. There is even no email at all with any attachment on the day in question. That's why I am asking how to find the email that this threat was coming with originally, and I assumed - obviously incorrectly - that Sophos Anti-Virus had moved the file from the email to some "safe" place.

    You write: "As for "identifying" the email - what might it help?" A lot. I could write the person who has sent me this email and let the person know that his or her computer seems to be infected or hijacked by some malware and is sending out viruses to other people.

    So the question now is more: Why is there no email with an attachment FullDetails.html if Sophos Anti-Virus reports such a threat?

    Greetings - desertman
