Anybody know ajax50@attbi.com? He's got the Klez!

Dog97

Don't know if he is a member of this board but he is a collector/dealer. Reason I know this is the email was sent to my gilftel.com address which I only use for coin biz on eBay. Maybe he will see this and fix his PC.

relayer

Actually the Klez virus uses the Outlook contacts to pick a name at random to use as sender, as to disguise which PC is infected.

If you got an email from him, it came from an infected machine in which both you and he are both in someones Outlook contacts.

LanLord

Dog97, can you review the properties of the message? If so, you may be able to track down the entry of the true originator of the message. I am not sure how to do it in every mail application, only the one I have used which is Lotus Notes. But the information should reside in the header properties.

mdwoods

I have had it sent to me. Fortunately my virus software caught it every time. I didn't realize at first, either, that the real sender was not who was listed as the sender. I hate viruses, but in a way, they ultimately make our software more secure as programmers have to make the code more secure from attack. Or at least I hope that is the what's happening. Mark

Dog97

I wouldn't accuse anyone of being infected unless I was sure they were. Clicking on the properties of the infected email show it was "from" rwcrmhc51.attbi.com but I know he is the poor guy who was in the address book and whos address was spoofed. The return path properties of the headers show ajax50@attbi.com as being the originator of the virus.
Being that my gulftel email is handled by Outlook Express which they say is highly vulnerable to auto exec viruses I chose not to try to contact the guy but posted this warning here in case any of you have done biz with him and are in his address book. The name of the infected email was parent.userid