Sober/Beagle infection and Outlook Spam problem

  • Thread starter Thread starter Tom Jubb
  • Start date Start date
T

Tom Jubb

I am working on a friends laptop after reports of huge amounts of
incoming spam. I have confirmed that this machine was infected with
the w32.Beagle.Cl@mm and W32.Sober.X@mm viruses. They have both been
cleaned with Norton AntiVirus and I have confirmed this by looking for
the registry keys these add and they are no longer there. Here's where
my question comes in. When I check this persons email with Outlook
2003 I get huge amounts of spam coming in to the inbox. After it
downloads 200 or so messages with the bulk of them identical, I then do
another send/recieve and it starts to download 162 new junk messages
with just about all of them the same identical message. I have
confirmed that this behaviour DOES NOT ocurr on another unifected
machine. So it's not pulling these multiple identical junk messages
from their usual SMTP server. It's as if it's coming from another mail
server that I can't identify.

Can anyone shed any light on what is going on here?
BTW, I've also run CA Pest Patrol and it cleaned up 50 or so spyware
modules.

Thanks,
Tom
 
(e-mail address removed) AKA Tom Jubb on 1/26/2006 in
I am working on a friends laptop after reports of huge amounts of
incoming spam. I have confirmed that this machine was infected with
the w32.Beagle.Cl@mm and W32.Sober.X@mm viruses. They have both been
cleaned with Norton AntiVirus and I have confirmed this by looking for
the registry keys these add and they are no longer there. Here's
where my question comes in. When I check this persons email with
Outlook 2003 I get huge amounts of spam coming in to the inbox.
After it downloads 200 or so messages with the bulk of them
identical, I then do another send/recieve and it starts to download
162 new junk messages with just about all of them the same identical
message. I have confirmed that this behaviour DOES NOT ocurr on
another unifected machine. So it's not pulling these multiple
identical junk messages from their usual SMTP server. It's as if
it's coming from another mail server that I can't identify.

Can anyone shed any light on what is going on here?
BTW, I've also run CA Pest Patrol and it cleaned up 50 or so spyware
modules.

Thanks,
Tom
Click to expand...

Before going any further,you should make backups of any important files.
Next go through all instructions here to make sure the system is clean-
Virus Removal Instructions: http://home.neo.rr.com/manna4u/

max
--
Keeping Windows Clean: http://home.neo.rr.com/manna4u/keepingclean.html
Windows Help: http://home.neo.rr.com/manna4u/tools.html
Specific Fixes: http://home.neo.rr.com/manna4u/fixes.html
Forums for HiJackThis Logs:
http://home.neo.rr.com/manna4u/forums_for_hijackthis_logs.html
To reply by e-mail change nomail.afraid.org to gmail.com
nomail.afraid.org is setup specifically for use in USENET
feel free to use it yourself. Registered Linux User #393236
 
I am working on a friends laptop after reports of huge amounts of
incoming spam. I have confirmed that this machine was infected with
the w32.Beagle.Cl@mm and W32.Sober.X@mm viruses. They have both been
cleaned with Norton AntiVirus and I have confirmed this by looking for
the registry keys these add and they are no longer there. Here's where
my question comes in. When I check this persons email with Outlook
2003 I get huge amounts of spam coming in to the inbox. After it
downloads 200 or so messages with the bulk of them identical, I then do
another send/recieve and it starts to download 162 new junk messages
with just about all of them the same identical message. I have
confirmed that this behaviour DOES NOT ocurr on another unifected
machine. So it's not pulling these multiple identical junk messages
from their usual SMTP server. It's as if it's coming from another mail
server that I can't identify.

Can anyone shed any light on what is going on here?
BTW, I've also run CA Pest Patrol and it cleaned up 50 or so spyware
modules.
Click to expand...

Is there a Web front-end to your friend's e-mail? This would give you a more
direct look into what's really in the inbox. If the inbox is only a few
messages ... well, how they [spammers] can pull this off, I don't know.
 
Back
Top