TB! & AVG woes; MAJOR!....HELP!!!

  • 7 Replies
  • 4017 Views
*

Offline Angel

  • Noctule
  • **
  • 25
    • http://www.angelsempire.com
TB! & AVG woes; MAJOR!....HELP!!!
« on: November 05, 2002, 04:04:04 PM »
Hi all,

I use the AVG plugin for use with TB!. I don't know if this is an AVG thing or a TB! thing but...

For some reason, whenever AVG catches virus-riddled mails (usually the klez virus) and sticks them in quarantine I seem to get wads of "undeliverable mail" notifications and "bounced" notifications BACK TO ME saying I SENT virii emails! This only happens when I get something tossed into quaratine. Usually, it is saying I sent it to myself or something because it is FROM one of my affected addresses TO ANOTHER one of my affected addresses. Sometimes it is listing the same address (mine) as both the sender AND recipient. SOMEtimes, the bounce message will say I sent it BACK TO the person who sent the virus to ME. This is become a VERY large problem and I want it to stop.
The other day I got a warning email from an "abuse@" address and I sent a reply saying I did NOT send that email, my address is registered with my home-state and so forth and so on. I DID NOT SEND ANY MAIL, to my knowledge, TO THAT ADDRESS! FWIW: I haven't sent mail from that account in MONTHS...but I DON'T want to be getting into trouble because of this!

I have checked ALL my filters in that account and none have a "send reply" or anything..so there should be NO emails being sent ANYwhere...they should just be quarantined and then deleted, right? I have checked AVGs MINIMAL setting-preferences and I cannot figure out what is causing this. What in tarnation could be going on, and how do I get it to STOP?  :cry:

TIA,
Ciao for now!
~~~Angel
Do I
Bug You? :P
Click here to capture TheBat!

*

Offline Anne

  • Administrator
  • Golden Crowned
  • *****
  • 1193
  • Gender: Female
  • Rabbit Lady
    • Yobunny Enterprises
  • The Bat! version: 6.8.8
TH! and AVG and viruses
« Reply #1 on: November 05, 2002, 07:23:04 PM »
Angel,
Just as a thought - have you got the send notification to sender when a virus received set?  Check under Options » Virus Protection » Default Settings  and see if the Send Notificaton to the Sender option is ticked. If it is then untick it and see if this solves the problem.
Cheers!
Anne


*

Offline PerryNelson

  • Noctule
  • **
  • 28
Re: TB! & AVG woes; MAJOR!....HELP!!!
« Reply #2 on: November 05, 2002, 10:13:51 PM »
Quote from: Angel
For some reason, whenever AVG catches virus-riddled mails (usually the klez virus) and sticks them in quarantine I seem to get wads of "undeliverable mail" notifications and "bounced" notifications BACK TO ME saying I SENT virii emails! This only happens when I get something tossed into quaratine. Usually, it is saying I sent it to myself or something because it is FROM one of my affected addresses TO ANOTHER one of my affected addresses.

I have checked ALL my filters in that account and none have a "send reply" or anything..so there should be NO emails being sent ANYwhere...they should just be quarantined and then deleted, right? I have checked AVGs MINIMAL setting-preferences and I cannot figure out what is causing this. What in tarnation could be going on, and how do I get it to STOP?  


Angel,

I would recommend that you get the Klez removal tool, located here http://securityresponse.symantec.com/avcenter/venc/data/w32.klez.removal.tool.html, and treat your system as though it were infected with Klez.  I realize that TheBat! advertises that it isn't susceptible to that virus but your system is acting as though it is infected.  Using the removal tool isn't going to hurt anything and there's a chance this might solve your problem.

--
Perry

*

Offline Angel

  • Noctule
  • **
  • 25
    • http://www.angelsempire.com
Re: TH! and AVG and viruses
« Reply #3 on: November 05, 2002, 10:38:49 PM »
Quote from: Anne
Check under Options » Virus Protection » Default Settings  and see if the Send Notificaton to the Sender option is ticked. If it is then untick it and see if this solves the problem.



EXCELLENT suggestion; I'd forgotten about that. Unfortunately in this case it wasn't checked.  :?  Im going to download and run the program Perry suggested and see if that works. Other than that, I can't think of anything :(

I have been using AVG for eons, and using the plugin prior to the hooplah about the klez virus ...so I am truly stumped :shock: but I REALLY do appreciate all the help with this... :)

Will let you know how it turns out,
Ciao for now!
~~~Angel
Do I
Bug You? :P
Click here to capture TheBat!

*

Offline Anne

  • Administrator
  • Golden Crowned
  • *****
  • 1193
  • Gender: Female
  • Rabbit Lady
    • Yobunny Enterprises
  • The Bat! version: 6.8.8
Tb and AVG etc
« Reply #4 on: November 05, 2002, 10:58:28 PM »
It's always worth running a virus specific tool like the anti-klez - if nothing else it will rule out the virus as the cause if you're system's clean. Remember though that Klez does spoof sender addresses - and I know of several people who apparently have sent themselves Klez from an address to the same address!!!  :roll: What it means is that someone who is infected has your address in their address book or on their PC somewhere else - like internet cached web pages etc.
Cheers!
Anne


*

Offline Angel

  • Noctule
  • **
  • 25
    • http://www.angelsempire.com
Re: Tb and AVG etc
« Reply #5 on: November 07, 2002, 03:32:08 PM »
Quote from: PerryNelson
I would recommend that you get the Klez removal tool, located here http://securityresponse.symantec.com/avcenter/venc/data/w32.klez.removal.tool.html, and treat your system as though it were infected with Klez.  I realize that TheBat! advertises that it isn't susceptible to that virus but your system is acting as though it is infected.  Using the removal tool isn't going to hurt anything and there's a chance this might solve your problem.

Thanks for this, Perry. Excellent advice! I did run it yesterday; but, my system was found to be clean. So I tend to think....

Quote from: Anne
...snip...
What it means is that someone who is infected has your address in their address book or on their PC somewhere else - like internet cached web pages etc.

oi vey...  :roll:  lol Well, how to figure out who what where ? Cos it's really getting to be a nuisance :/
Ciao for now!
~~~Angel
Do I
Bug You? :P
Click here to capture TheBat!

*

Offline marck

  • Pipistrelle
  • *
  • 5
    • http://www.silverstones.com
TB! & AVG woes; MAJOR!....HELP!!!
« Reply #6 on: November 09, 2002, 01:30:44 AM »
Well, for one thing, you do know that Klez send mails with fake "from" addresses.

If you've received a klez virus in a message then it's certain that someone you know is infected. If they're infected then their infection is spewing out infected mails. And those mails are being sent out as if they came from other addresses klez has found in the infected system - including yours.

Most of the automated notices that get sent round by folks warding off infection have been going to innocent parties, especially where Klez is concerned.

So don't panic too much about getting those kind of notices.

Why do they happen when you have something moved into quarantine? Because that's the point at which someone who has your email address in your system is sending out klez infected messages.

Does this make any sense?
.\arck

*

Offline Angel

  • Noctule
  • **
  • 25
    • http://www.angelsempire.com
Re: TB! & AVG woes; MAJOR!....HELP!!!
« Reply #7 on: November 11, 2002, 11:08:13 AM »
Quote from: marck

....snip....
Does this make any sense?

Yes. And thank you, too, for your help with this.. :)
Ciao for now!
~~~Angel
Do I
Bug You? :P
Click here to capture TheBat!

 

SMF spam blocked by CleanTalk