Tuesday 10 August 2004 1.45pm
Well, it shouldn't be a Trojan if you're running the full version of Grisoft AVG7.0 and your definitions are up to date. I would still run the Symantec Security Checker or McAfee Freescan just to make sure, as the last update to the virus checking engine (as opposed to the definitions) on AVG was a while ago.
"Spoofing" isn't about hacking into someone's mailbox - it's about making emails look like they've come from a particular address when they haven't - so it wouldn't necessarily need your passwords.
Two other things:
1. Check that your antivirus software specifically covers the Klez worm and all its variants (look in the AVG encyclopedia) - if not there's a free cleaner here:
2. Run a spyware program - Spybot is very good and free, just to check you haven't got a key logger (which records all your keystrokes like passwords and then mails them to someone else) installed.
If all of that comes back clean, then either someone has just got hold of your email address and is faking spam emails to look as if they come from you or someone's got your account and password details.
There is very little you can do about the spoofing - however I am still surprised that AOL would suspend your account on the strength of an email looking as if it comes from you - they usually only do that where they have evidence of actual emails being sent out.
I would send an email to technical support (rather than speaking to some customer service person), explaining the problem you are having, and all the anti-virus and spyware checks you have done, and asking them to explain in detail why they are suspending your account, what triggers it, and ask them to cut and paste a copy of the allegedly spam emails for you. Ask them also to mail you a complete list of times and dates when these emails have been sent and also provide the telephone number which was used to log onto the system.
As for hacking into your mail account - I think you mean that someone is dialling up your internet account seperately pretending to be you. There have been some press reports recently about people from various ISPs, including AOL, selling details to spammers - it could have happened here but it's pretty rare, and if you've changed your password three times, I seriously doubt that it would have happened to you three times over.
Sorry not to be more help.