Unstoppable mail spam

0

Few days ago, my friend mailed me. I noticed that the last message, coming again and again. The content of message is something like that:

same message + line break + right after line break attached spam message

He said that not only I receiving this messages. Everyone receiving content that I explained above.

His OS: Win 7 X64

E-mail client: Outlook 2007

Then I decided that, may be it is windows virus or something like that, which uses outlook to send message. Connected to his desktop remotely, uninstalled old antivirus and installed Norton 360. Then updated database signatures. It found some tracking cookies , but nothing else.

The messages are still coming with random delay. I have no idea how to stop them. One thing that I didn't try yet is: to uninstall office 2007 and install office 2010. Will try today. Any suggestions?

Tural Ali

Posted 2012-01-05T13:19:10.033

Reputation: 1 893

2Check the email headers and see where they are coming from. Also check the timestamps to see if it's actually being sent over and over, or just re-delivered over and over. – Ƭᴇcʜιᴇ007 – 2012-01-05T13:41:52.070

@techie007 http://pastie.org/3131239 here is 2 continuous emails headers. First one is older. my email (receiver) mail@tural.us , and sender's info@fulal.com

– Tural Ali – 2012-01-05T13:59:35.473

@techie007 also, timestamps are same – Tural Ali – 2012-01-05T14:05:16.260

Change the account information for the email account being used. Your friend IS infected with Malware. – Ramhound – 2012-01-05T14:10:42.843

@Ramhound then why norton can't catch this malware? – Tural Ali – 2012-01-05T14:18:12.153

@TuralTeyyuboglu - Norton isn't designed to find Malware, and any malware it can be found is often no longer used, this is the case for the major anti-virus vendors. You need software designed to detect malware ( which behave different then a virus ). Its also possible Norton is just not aware of the signature in question. – Ramhound – 2012-01-05T15:32:01.510

@Ramhound ok then I will install malware bytes and Norton side by side. – Tural Ali – 2012-01-05T15:45:14.817

Answers

1

You're looking at the wrong machine.

It's clear from the Received: headers in the messages that mail.fulal.com is sending the same message over and over to n1nlvphout01.shr.prod.ams1.secureserver.net. Talk to the appropriate postmaster for the former machine.

JdeBP

Posted 2012-01-05T13:19:10.033

Reputation: 23 855

please explain a bit more. I didn't understand well. – Tural Ali – 2012-01-05T19:31:56.983

Asked: 2012-01-05T13:19:10.033

Viewed: 221 times

Active: 2012-01-05T18:58:47.287