
HELP -- Windows 2000 -- Klez

andrew123

Junior Member
I have a server set up remotely in another part of the country, with Windows 2000 on it. It has a mail server, and I have been getting very strange e-mail messages from others who use my server (which they don't send) and they have been getting strange messages from my account (which I don't send). Also, I get messages from the internet that are strange from similar addresses. They are all e-mails that the Klez virus sends out. Here is one I just got a little over 2 hours ago:
--
SUBJECT: Undeliverable mail--"21 Mar 1999 06"
BODY:
The following mail can't be sent to wabbytwax@netscape.net:

From: my address
To: wabbytwax@netscape.net
Subject: 21 Mar 1999 06
The attachment is the original mail
--

I also have been getting other messages over the last month or two, with subjects such as:

Questionnaire (from an AOL address, blank body)

Some questions (from a different AOL address, blank body)

DownloadsAllUpInYerFace() (same)

Visibility (this is from the same address referenced in the first message, wabbytwax@netscape.net)

Worm Klez.E immunity (another known Klez e-mail, from AOL address)

W32.Klez.E removal tools (same)

--- and others that come from other people on my server that they didn't send, and from my server's administrator account.

I have tried running 2 Norton Klez removal programs (downloaded directly from symantec.com), and they don't find it. I have tried McAfee's command line scanner (renamed, so Klez won't stop it) with the newest virus DAT files, and it doesn't detect it. Same with our current version of Norton we already had installed, though Klez is known to mess that up.

I also notice that some people on our server, such as myself, get these strange klez e-mails frequently, while others have yet to get one.

Also, I only use our web based e-mail program to check my server mail, so I don't think I'm infected and sending out these e-mails (2 standalone Klez cleaners don't detect Klez on my computer either).

Please post any ideas here! Help would be greatly appreciated, I can not think of what else to try. I can not get into safe mode remotely. Thanks!

 
Klez spoofs the sender in all the email it sends out. This is a big part of why it is/was so successful.

When a machine becomes infected, it looks in the user's address book, selects someone, puts them in the From field, and then selects another person and puts them in the To field.

This makes it quite hard to track down. When you receive an infected email, it's not from who it appears to be from.

Hence, people (like you) are accused of having an infected machine, when in fact, someone you know (someone who has you in their address book) is infected.

If you have scanned all your machines and they came up clean, I wouldn't worry too much.
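
Because the From field is forged, the Received headers of the original mail (for example the one attached to a bounce) are what show which host actually relayed it. The following is an added example, not part of the original posts: it compares the claimed sender with the relay chain, and every hostname, address and the sample message in it are constructed for illustration.

```python
import re
from email import message_from_string

# Constructed sample: a Klez-style message with a forged From header.
# Hostnames and IPs use reserved example ranges; none come from the thread.
SAMPLE = """\
Received: from mx.isp.example (mx.isp.example [192.0.2.25])
\tby mail.myserver.example with ESMTP; Mon, 6 May 2002 10:15:02 -0500
Received: from Xyzzy (dialup-77.isp.example [198.51.100.77])
\tby mx.isp.example with SMTP; Mon, 6 May 2002 10:14:58 -0500
From: andrew <andrew@myserver.example>
To: friend@other.example
Subject: Worm Klez.E immunity

body
"""

# "from <helo> (<rdns> [<ip>]) by <server>" as written by common MTAs.
HOP = re.compile(
    r"from\s+(\S+)\s+\(([^)]*?)\[([0-9a-fA-F.:]+)\]\)\s+by\s+(\S+)", re.S)

def received_hops(raw):
    """Return Received hops, newest first, as (helo, rdns, ip, by) tuples."""
    msg = message_from_string(raw)
    hops = []
    for value in msg.get_all("Received", []):
        m = HOP.search(value)
        if m:
            hops.append((m.group(1), m.group(2).strip(), m.group(3), m.group(4)))
    return hops

def trace(raw, trusted_server):
    """Compare the claimed From with the hosts that actually relayed the mail."""
    msg = message_from_string(raw)
    hops = received_hops(raw)
    # Only the header stamped by our own server is trustworthy; older ones
    # were written by other hosts and can themselves be forged.
    handed_to_us = next((h[2] for h in hops if h[3] == trusted_server), None)
    return {
        "claimed_from": msg.get("From"),
        "handed_to_us_by": handed_to_us,
        "earliest_hop_ip": hops[-1][2] if hops else None,   # unverified
        "earliest_helo": hops[-1][0] if hops else None,     # unverified
    }

if __name__ == "__main__":
    print(trace(SAMPLE, "mail.myserver.example"))
```

If the earliest hop is not one of your own machines while the From field shows your address, the message was spoofed elsewhere, which matches the explanation above.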
 