Results 1 to 13 of 13
  1. #1
    Newbie
    Join Date
    January 18th, 2005
    Posts
    2,694
    I've been getting very strange, blank messages from a former client who uses AOL for the past 2 weeks. The subject title makes no sense and there is always something odd in the From field. If I hadn't checked message options in Outlook I would never have known where they came from. I haven't been able to contact the person directly to ask about the messages. Now I am getting similar messages from an old friend who has AOL; these even have a fake return address.

    There is usually one or two specific but out-of-context words in the message subject that seem to refer to something we've discussed in the past via email.

    I took another look at the last message and noticed the script icon in the corner of it (I've got scripting disabled in Outlook).

    Anyone know what this is?

    thanks!
    {

    [ 08-21-2002: Message edited by: eaglefire ]

  2. #2
    15 years and counting
    Join Date
    January 18th, 2005
    Posts
    6,121
    Unfortunately, I'm getting hundred of these messages every day. The headers are forged. Look like W32 or Klez virus. I'm not an expert and I don't know what to do. They are filling up my mail boxes pretty fast. If anybody knows what to do to avoid receiving that, will be great.

  3. #3
    Content $ Queen Ebudae's Avatar
    Join Date
    January 18th, 2005
    Location
    Texas
    Posts
    2,823
    I am getting them too. Have even gotten them from myself -lol. But when you look close, it is not from who it says. It is useing one of those email alias things.

    Vicki [img]/infopop/emoticons/icon_wink.gif[/img]

  4. #4
    Defender of Truth, Justice and the Affiliate Way
    Join Date
    January 18th, 2005
    Location
    The Swamp
    Posts
    7,503
    Sounds like it could be Klez virus. Run your anti virus software and it should pick it up. If you don't have an anti virus program, you can go to Norton's and they have a download just to check for Klez and a fix if you are infected. That's http://www.nortons.com Just run a search for Klez and the link to the downloads are on the virus page. Good luck!

  5. #5
    Newbie
    Join Date
    January 18th, 2005
    Posts
    2,694
    I've got Norton and it runs nightly... problem is the people I am getting these from - Norton isn't going to stop me from getting the messages.. I guess I will have to try to call them and tell them about it. Seems to only be AOL users; there must be an outbreak of Klez on AOL. I don't use AOL except for a test account that I keep around.

    {

  6. #6
    Defender of Truth, Justice and the Affiliate Way
    Join Date
    January 18th, 2005
    Location
    The Swamp
    Posts
    7,503
    eagle,

    do you have auto protect turned on with Norton? All my incoming and outgoing emails get scanned at the time they are received or sent, so I know immediately if there's a problem. You can always send one the emails to Norton's SARC for evaluation in case it's something new.

    My brother was getting Klez emails before it was picked up by antivirus software. He has a Mac, so he wasn't infected but thought it was suspicous. He forwarded it to me and Norton's didn't detect it, so I forwarded it to Norton. Same thing when Klez morphed and started the email forging. Sent one of those to them and in about 4 days they started talking about the email forging thing.

    But I've gotten a couple with strange subject lines and no text. Showed clean. Don't know if something is happening with a potential virus, but for some reason the attachments isn't getting hooked to the email.

  7. #7
    Newbie
    Join Date
    January 18th, 2005
    Posts
    2,694
    I just got another from the second person that I'm getting these from - the second one had no script attachment. I can't use auto-protect - AFAIK you've got to have MAPI for that - but I've got everything disabled in Outlook that would enable a script to run.

    So are you saying that you were able to stop receiving the emails with Auto-protect turned on?

    {

  8. #8
    Full Member
    Join Date
    January 18th, 2005
    Posts
    236
    hi
    This virus is a nasty little one. Its has one of the highest infrection rates in the world at this moment in time.

    The worst thing is that your Anti-Virius software may be running but these virus strains delete the virus dat files so that when your virius software scans for any virius it will not find any as it does not have dat file to check from.

    Get the virius checker asap and do exatcly what it says, then get norton anti-virius loaded asap.

    Anyway, thats my 2p worth. GET YOUR SYSTEMS CHECKED NOW!!!!!!!!!!!!!!!!!!!
    http://securityresponse.symantec.com...oval.tool.html

    use the link above.

    regards John

  9. #9
    Defender of Truth, Justice and the Affiliate Way
    Join Date
    January 18th, 2005
    Location
    The Swamp
    Posts
    7,503
    John's right, Klez will disable your antivirus software. But I "believe" you have to get infected first. It happened to my sister. I got an email from someone we mutually know, but I knew it wasn't really from that person. By then I knew Klez was forging headers. So I checked the headers and traced it to my sister. I emailed her and told her what to do. Poor thing had been having problems with her computer anyway because of a Gator download. She knew she couldn't get Norton's to open, but didn't know why. So she ran the Klez fix, reinstalled Norton's, did a live update, and ran Adaware. Adaware showed 64 components to delete. But by then I think her registry has been totally screwed and she hasn't been able to get her computer working right since. [img]/infopop/emoticons/icon_frown.gif[/img]

    @eagle-- you still get the emails with autoprotect on but you can set what you want it to do at download. If a virus is detected you can delete, attempt to repair (which never works for me), or have it quarantine the virus part. The safe part of the email is still there. I just quarantine and then go into the quarantine directory through Norton and delete. I don't know about the MAPI thingy. I don't even know what that is. [img]/infopop/emoticons/icon_biggrin.gif[/img] All my accounts are POP accounts if that tells you something and the auto detect works great. You can set it to scan incoming, outgoing, or both. I do both just for extra protect since I send out a lot of business emails. Plus if I was still to catch something and it started sending out emails, I would see that from Norton kicking in.

    I feel like I'm standing nekkid in the middle of a crowd if my antivirus and firewall are not on. [img]/infopop/emoticons/icon_wink.gif[/img] My UPS software makes me disable Norton's whenever it does an upgrade (usually once a week) and it drives me crazy. I have to go and shutdown Outlook and MailWasher because I'm just not going to take a chance. I was getting infected emails at a rate of around 50 a day at one point. Thank goodnes that has stopped.

    eagle be sure you have the latest dat files for Norton. Check to make sure your live update is working. I just went and checked mine. For some reason I'm having a problem getting it to work automatically since I've gotten Windows XP. I just had to do it manually. Task scheduler doesn't seem to be kicking in.

  10. #10
    Defender of Truth, Justice and the Affiliate Way
    Join Date
    January 18th, 2005
    Location
    The Swamp
    Posts
    7,503
    @eaglefire

    If you want, you can send me one of the emails and I'll have Norton auto detect it. Just PM me and I'll send you one of my email addresses.

  11. #11
    Newbie
    Join Date
    January 18th, 2005
    Posts
    2,694
    Thanks FreeHouse. I've already deleted the ones I got today. If I get any more I'll PM you and run one over your way to see.

    I'm rather certain I haven't been infected; I've got all scripting disabled in Outlook, I run Symantec Live Update at least once a week, and I do a complete Symantec Virus scan nightly of all files on my system.

    You would have to be infected for the virus to affect your .dat files; if you aren't infected, there is nothing there to change them [img]/infopop/emoticons/icon_smile.gif[/img].

    In the meantime I did download the tool; I'll run that when I reboot just to make certain.

    {

    [ 08-21-2002: Message edited by: eaglefire ]

  12. #12
    Super Sh!t Stirrer SSanf's Avatar
    Join Date
    January 18th, 2005
    Posts
    9,944
    My ISP has a feature where I can go to their site on the net and check my e-mail before I ever download it to my computer. It also scans the e-mail for viruses and deletes viruses from any incoming e-mail. I am able to delete spam and anything I am not interested in before downloading it to my computer.

    It is such a wonderful service. I didn't even know I could do that before I called them about another matter. You all might ask your ISP if they have a similar service. It is wonderful.

  13. #13
    Defender of Truth, Justice and the Affiliate Way
    Join Date
    January 18th, 2005
    Location
    The Swamp
    Posts
    7,503
    It doesn't sound like you're infected. I'm curious now about what it might be. Definitely sounds like a virus. Wondering if it is Klez or something new Norton hasn't picked up on yet. I had a Klez email sneak past auto protect once. But my full scan caught the infected attachment. I wasn't infected though, because I hadn't opened it.

    @SSanf: That's a cool feature. I can access my email via browser and on one hosting company set filters at the domain, but neither scans for viruses. That's why I never read email from the web interface.

  14. Newsletter Signup

+ Reply to Thread

Similar Threads

  1. AOL Search Marketplace - Buy Adwords Directly From AOL
    By Trust in forum Search Engine Optimization
    Replies: 3
    Last Post: April 9th, 2007, 06:45 PM
  2. Virus? Can't get to AOL, Google, Paypal...
    By PaulaSmiles in forum Midnight Cafe'
    Replies: 3
    Last Post: March 20th, 2004, 06:44 AM
  3. AOL Time Warner Moves to Eliminate AOL From Name
    By Adam Ward in forum Midnight Cafe'
    Replies: 2
    Last Post: August 11th, 2003, 04:01 PM
  4. AOL spinning off from AOL Time Warner ?
    By Andy Rodriguez in forum Midnight Cafe'
    Replies: 0
    Last Post: May 28th, 2003, 12:35 PM
  5. Another new virus ?
    By Elisac in forum Midnight Cafe'
    Replies: 8
    Last Post: December 10th, 2001, 03:08 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •