
Outlook Hacks

Looking for the "most likely" suspects

         

rocknbil

6:48 pm on Jun 14, 2008 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



I don't use Outlook, but one of my clients does.

I received a Viagra email from him on a forward; I was *presuming* this was one that slipped through the form filters on his site. So (jokingly) I replied, "hey you been talking to my wife? Seriously, did this come from your web site?"

He opened his sent items in Outlook, and lo and behold, there it was, and he obviously didn't send it.

Given the fact that this is **ALL** the information I have, what would be the most likely resources I could investigate and reference for him to clean this up? He's halfway across the state, a physical visit is not a likely event, so I'm limited to helping remotely.

He was previously using Norton, and has switched to Trend Micro, but this may not even be a virus, it is most likely some hack on Outlook itself, and I have never used it other than coaching customers through setting up connections.

bill

2:59 am on Jun 15, 2008 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



Was this from a website, or a physical PC? Are the headers legit?

The first place you might want to check are the Outlook rules. If a forwarding rule has been slipped in there it should be easy to spot.

If you need to do remote assistance Windows has that capacity with Remote Desktop. If that's not successful then there are a ton of VNC tools, both free and paid options, that could help you access the machine remotely.

jake66

4:32 am on Jun 15, 2008 (gmt 0)

10+ Year Member



I've gotten those (from myself, allegedly) before. All of the headers were spoofed and at first glance, looked like I forwarded the message.
My name & email were in the from line and everything. The headers though, had the sender server and client IP of China.
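
The header check described above, as an added example that is not part of the original post: it compares the From address with the earliest hop in the `Received` chain. The sample message, the addresses and the `known_nets` list are constructed for illustration.

```python
import email
import ipaddress
import re
from email.utils import parseaddr

# Constructed sample: From names the user, but the oldest hop is an unrelated host.
SAMPLE = """\
Received: from mx.example.net (mx.example.net [192.0.2.10])
\tby mail.client.example with ESMTP id A1; Sat, 14 Jun 2008 18:40:02 +0000
Received: from unknown (HELO pc) (203.0.113.77)
\tby mx.example.net with SMTP; Sat, 14 Jun 2008 18:40:00 +0000
From: "Client" <owner@client.example>
To: someone@example.org
Subject: Fw: offer

body
"""

# Connecting-peer IP as most MTAs record it: [a.b.c.d] or (a.b.c.d)
IP_RE = re.compile(r"[\[(](\d{1,3}(?:\.\d{1,3}){3})[\])]")

def origin_ip(msg):
    """Each relay prepends its Received header, so the last one is the oldest hop."""
    for hdr in reversed(msg.get_all("Received", [])):
        m = IP_RE.search(hdr)
        if not m:
            continue
        try:
            return ipaddress.ip_address(m.group(1))
        except ValueError:
            continue  # looked like an IP but is not valid, try the next hop
    return None

def classify(raw, known_nets):
    """Return (From address, oldest hop IP, verdict) for a raw message."""
    msg = email.message_from_string(raw)
    sender = parseaddr(msg.get("From", ""))[1]
    ip = origin_ip(msg)
    if ip is None:
        return sender, None, "no-received-ip"
    inside = any(ip in ipaddress.ip_network(n) for n in known_nets)
    # Hops recorded before your own server are sender-supplied and can be forged:
    # an outside origin is strong evidence of spoofing, an inside one is not proof.
    verdict = "origin-inside-known-networks" if inside else "origin-outside-known-networks"
    return sender, str(ip), verdict

if __name__ == "__main__":
    print(classify(SAMPLE, ["192.0.2.0/24"]))
```

A copy in the user's own Sent Items has no `Received` chain to inspect, so this check applies to the message as a recipient received it.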

rocknbil

4:50 pm on Jun 16, 2008 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Thank you, been out all weekend (for once. . . . )

> Was this from a website, or a physical PC? Are the headers legit?

> All of the headers were spoofed and at first glance, looked like I forwarded the message.

Jake66, was the email in your sent items in your Outlook? This is an important point - doesn't look like a Joe Job since it was in his sent items, on his PC.

> The first place you might want to check are the Outlook rules. If a forwarding rule has been slipped in there it should be easy to spot.

EDIT: actually the more I look at it, the more I think this may be the case. He's got 30 or so email addresses, with them forwarding here and there to other domains' addresses - I'll bet this is the case, simple case of user error.