PCWorld Forums

PCWorld Forums: Email Hijacked - PCWorld Forums

Jump to content

Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

Email Hijacked my account is sending out spam

#1 User is offline   DBCIII 

  • Newbie
  • Pip
  • Group: New Member
  • Posts: 5
  • Joined: 31-May 11

Posted 31 May 2011 - 09:41 AM

People are getting emails purportedly from my email account with various semi-literate product promotions.

They go to addresses I have used, but most are very old and many are obsolete. The ones to obsolete addresses "bounce" back to me with an "unable to deliver" message, which I think indicates the malware is actually using my email account, not just faking the "from" field. Some of the accounts are current, and I've heard from people asking about it. It also sends a copy to me. I tell them not to open, forward, reply, or click on any links, since I think that is how I got infected. A relative had this issue with an old hotmail account she had not used in years, and I opened a couple, forwarded one to her to show her what was happening.

I've run some cleanup software which found nothing and will try malwarebytes, since I've seen it recommended.

Is there any point in my creating a new email account and telling people to just send the old one to spam filter? Once I get them switched I can delete that account. But will the malware be able to infect one of my other accounts? Anything else I can do?

-DBC
0

#2 User is offline   coastie65 

  • Moderator
  • PipPipPipPipPipPipPipPip
  • Group: Moderators
  • Posts: 20,651
  • Joined: 02-April 07
  • Location:Henrico, Va.

Posted 31 May 2011 - 12:00 PM

View PostDBCIII, on 31 May 2011 - 09:41 AM, said:

People are getting emails purportedly from my email account with various semi-literate product promotions.

They go to addresses I have used, but most are very old and many are obsolete. The ones to obsolete addresses "bounce" back to me with an "unable to deliver" message, which I think indicates the malware is actually using my email account, not just faking the "from" field. Some of the accounts are current, and I've heard from people asking about it. It also sends a copy to me. I tell them not to open, forward, reply, or click on any links, since I think that is how I got infected. A relative had this issue with an old hotmail account she had not used in years, and I opened a couple, forwarded one to her to show her what was happening.

I've run some cleanup software which found nothing and will try malwarebytes, since I've seen it recommended.

Is there any point in my creating a new email account and telling people to just send the old one to spam filter? Once I get them switched I can delete that account. But will the malware be able to infect one of my other accounts? Anything else I can do?

-DBC

Hi and welcome to the forum. First, it most likely isn't in your computer, but it never hurts to run malwarebytes. I have had the same thing happen as well a lot of friends, so it isn't new. If you have a Facebook account, check to make sure your address book isn't visble to all as that is one thing they use. the upside to that is once you have secured it, it will stop as they apparently don't copy it, but just go back and send more stuff to the addresses on there. You can change you password as well for your email.
Coolermaster HAF 912 Case....ASUS Z87Pro MOBO.....Intel Core i7 4770k Haswell ( OC'd to 4.6 Ghz ) .... Gelid Tranquillo cooler.... Samsung 830 256 GB SSD.... Primary HDD- WD 1TB Caviar Black SATA III /6.0 .... SECONDARY HDD - WD 1TB Caviar Black SATA II / 3.0....16Gb GSkill Ripjaws Series X 2133 Mhz Memory....Corsair AX850w PSU....EVGA GTX 680 Super Clocked Signature 2 Gb GDDR5 Video Card....Samsung CD/DVD RW, DL, DVD-Ram, w/ Lightscribe Optical Drive....Samsung SyncMaster 2243BWX 22" Monitor..... Windows 7 Home Premium 64 Bit OS




______________________________________________________________

Gateway FX6800-01e----Intel Core i7 960 ( 3.2 GHz)---- Seagate Barracuda 750 Gb SATA II / 3.0 Hdd---- 6 Gb Crucial 1066 Mhz memory, running in Tri Channel conf-----Corsair TX650w PSU----- EVGA Nvidia GTX 560Ti 1gb GDDR5 Vram ----DVD +/- RW / CD ,RAM/DL Optical drive w/ Label Flash-----Gateway TBGM-01 Motherboard.... Vista Home Premium 64 bit OS w/ SP2; Samsung Synch Master 2243BWX 22" Monitor.
0

#3 User is offline   DBCIII 

  • Newbie
  • Pip
  • Group: New Member
  • Posts: 5
  • Joined: 31-May 11

Posted 31 May 2011 - 12:45 PM

Thanks.
I have a FB account, but have security set tight. And I don't ever use any features to "find friends" using address book on FB or anywhere else. I've changed email password a couple of times. That's one reason I decided to switch email accounts. I wanted to communicate clearly to my actual acquaintances that it was not me and tell them to put that account in spam filter. That is to avoid the scenario where they don't understand and just filter me and also hate me!

The fact that most of the email addresses it sends to are ones I've not used in several years (from before Facebook) suggests it is getting them from an archive somewhere - and my PC would seem the only place for that. Maybe an old pst? The only ones I know of that I still am active with are ones I've used for a long time - dating back to same time as the obsolete ones.

Malwarebytes scanned and found nothing. That was the "quick" scan that took 1.5 hrs. I'll run the full one.

View Postcoastie65, on 31 May 2011 - 12:00 PM, said:

View PostDBCIII, on 31 May 2011 - 09:41 AM, said:

People are getting emails purportedly from my email account with various semi-literate product promotions.

They go to addresses I have used, but most are very old and many are obsolete. The ones to obsolete addresses "bounce" back to me with an "unable to deliver" message, which I think indicates the malware is actually using my email account, not just faking the "from" field. Some of the accounts are current, and I've heard from people asking about it. It also sends a copy to me. I tell them not to open, forward, reply, or click on any links, since I think that is how I got infected. A relative had this issue with an old hotmail account she had not used in years, and I opened a couple, forwarded one to her to show her what was happening.

I've run some cleanup software which found nothing and will try malwarebytes, since I've seen it recommended.

Is there any point in my creating a new email account and telling people to just send the old one to spam filter? Once I get them switched I can delete that account. But will the malware be able to infect one of my other accounts? Anything else I can do?

-DBC

Hi and welcome to the forum. First, it most likely isn't in your computer, but it never hurts to run malwarebytes. I have had the same thing happen as well a lot of friends, so it isn't new. If you have a Facebook account, check to make sure your address book isn't visble to all as that is one thing they use. the upside to that is once you have secured it, it will stop as they apparently don't copy it, but just go back and send more stuff to the addresses on there. You can change you password as well for your email.

0

#4 User is offline   coastie65 

  • Moderator
  • PipPipPipPipPipPipPipPip
  • Group: Moderators
  • Posts: 20,651
  • Joined: 02-April 07
  • Location:Henrico, Va.

Posted 31 May 2011 - 02:54 PM

View PostDBCIII, on 31 May 2011 - 12:45 PM, said:

Thanks.
I have a FB account, but have security set tight. And I don't ever use any features to "find friends" using address book on FB or anywhere else. I've changed email password a couple of times. That's one reason I decided to switch email accounts. I wanted to communicate clearly to my actual acquaintances that it was not me and tell them to put that account in spam filter. That is to avoid the scenario where they don't understand and just filter me and also hate me!

The fact that most of the email addresses it sends to are ones I've not used in several years (from before Facebook) suggests it is getting them from an archive somewhere - and my PC would seem the only place for that. Maybe an old pst? The only ones I know of that I still am active with are ones I've used for a long time - dating back to same time as the obsolete ones.

Malwarebytes scanned and found nothing. That was the "quick" scan that took 1.5 hrs. I'll run the full one.

View Postcoastie65, on 31 May 2011 - 12:00 PM, said:

View PostDBCIII, on 31 May 2011 - 09:41 AM, said:

People are getting emails purportedly from my email account with various semi-literate product promotions.

They go to addresses I have used, but most are very old and many are obsolete. The ones to obsolete addresses "bounce" back to me with an "unable to deliver" message, which I think indicates the malware is actually using my email account, not just faking the "from" field. Some of the accounts are current, and I've heard from people asking about it. It also sends a copy to me. I tell them not to open, forward, reply, or click on any links, since I think that is how I got infected. A relative had this issue with an old hotmail account she had not used in years, and I opened a couple, forwarded one to her to show her what was happening.

I've run some cleanup software which found nothing and will try malwarebytes, since I've seen it recommended.

Is there any point in my creating a new email account and telling people to just send the old one to spam filter? Once I get them switched I can delete that account. But will the malware be able to infect one of my other accounts? Anything else I can do?

-DBC

Hi and welcome to the forum. First, it most likely isn't in your computer, but it never hurts to run malwarebytes. I have had the same thing happen as well a lot of friends, so it isn't new. If you have a Facebook account, check to make sure your address book isn't visble to all as that is one thing they use. the upside to that is once you have secured it, it will stop as they apparently don't copy it, but just go back and send more stuff to the addresses on there. You can change you password as well for your email.



Hi, All that stuff is stored with the email provider and not actually in your computer. If it was in your computer, you coud access it without actually having to be logged in online. As far as I know, the only way you can access your email is by first going online. As Isaid, It has ahppened to me and they spammed my Congressman as well, because he was in my address book. :D The point is, they would have to hack into gmail, MSN mail, Hotmail, etc to get that stuff. In my case, I think my address book was visible in Facebook. I locked things down and have no repeat of that. Tells me they didn't keep a copy of the things and were just going back to Facebook for the addresses ( It only happened once ).
Coolermaster HAF 912 Case....ASUS Z87Pro MOBO.....Intel Core i7 4770k Haswell ( OC'd to 4.6 Ghz ) .... Gelid Tranquillo cooler.... Samsung 830 256 GB SSD.... Primary HDD- WD 1TB Caviar Black SATA III /6.0 .... SECONDARY HDD - WD 1TB Caviar Black SATA II / 3.0....16Gb GSkill Ripjaws Series X 2133 Mhz Memory....Corsair AX850w PSU....EVGA GTX 680 Super Clocked Signature 2 Gb GDDR5 Video Card....Samsung CD/DVD RW, DL, DVD-Ram, w/ Lightscribe Optical Drive....Samsung SyncMaster 2243BWX 22" Monitor..... Windows 7 Home Premium 64 Bit OS




______________________________________________________________

Gateway FX6800-01e----Intel Core i7 960 ( 3.2 GHz)---- Seagate Barracuda 750 Gb SATA II / 3.0 Hdd---- 6 Gb Crucial 1066 Mhz memory, running in Tri Channel conf-----Corsair TX650w PSU----- EVGA Nvidia GTX 560Ti 1gb GDDR5 Vram ----DVD +/- RW / CD ,RAM/DL Optical drive w/ Label Flash-----Gateway TBGM-01 Motherboard.... Vista Home Premium 64 bit OS w/ SP2; Samsung Synch Master 2243BWX 22" Monitor.
0

#5 User is offline   DBCIII 

  • Newbie
  • Pip
  • Group: New Member
  • Posts: 5
  • Joined: 31-May 11

Posted 31 May 2011 - 03:35 PM

Actually, the .pst files are on my computer, and include plenty of very old email addresses, some accumulated when I was using different providers. I can browse those pst's all day long with Outlook without going online. I have five different email accounts with three different providers, all of which are downloaded to Outlook and deleted from server. I don't keep address lists online - they are all on my pc. If I access email from another computer w/o Outlook, then I use webmail and only recently used addresses are cached.

Malwarebytes is running the full scan now, and has found three "infections." Won't know what they are 'til it finishes, probably tomorrow!


View Postcoastie65, on 31 May 2011 - 02:54 PM, said:

View PostDBCIII, on 31 May 2011 - 12:45 PM, said:

Thanks.
I have a FB account, but have security set tight. And I don't ever use any features to "find friends" using address book on FB or anywhere else. I've changed email password a couple of times. That's one reason I decided to switch email accounts. I wanted to communicate clearly to my actual acquaintances that it was not me and tell them to put that account in spam filter. That is to avoid the scenario where they don't understand and just filter me and also hate me!

The fact that most of the email addresses it sends to are ones I've not used in several years (from before Facebook) suggests it is getting them from an archive somewhere - and my PC would seem the only place for that. Maybe an old pst? The only ones I know of that I still am active with are ones I've used for a long time - dating back to same time as the obsolete ones.

Malwarebytes scanned and found nothing. That was the "quick" scan that took 1.5 hrs. I'll run the full one.

View Postcoastie65, on 31 May 2011 - 12:00 PM, said:

View PostDBCIII, on 31 May 2011 - 09:41 AM, said:

People are getting emails purportedly from my email account with various semi-literate product promotions.

They go to addresses I have used, but most are very old and many are obsolete. The ones to obsolete addresses "bounce" back to me with an "unable to deliver" message, which I think indicates the malware is actually using my email account, not just faking the "from" field. Some of the accounts are current, and I've heard from people asking about it. It also sends a copy to me. I tell them not to open, forward, reply, or click on any links, since I think that is how I got infected. A relative had this issue with an old hotmail account she had not used in years, and I opened a couple, forwarded one to her to show her what was happening.

I've run some cleanup software which found nothing and will try malwarebytes, since I've seen it recommended.

Is there any point in my creating a new email account and telling people to just send the old one to spam filter? Once I get them switched I can delete that account. But will the malware be able to infect one of my other accounts? Anything else I can do?

-DBC

Hi and welcome to the forum. First, it most likely isn't in your computer, but it never hurts to run malwarebytes. I have had the same thing happen as well a lot of friends, so it isn't new. If you have a Facebook account, check to make sure your address book isn't visble to all as that is one thing they use. the upside to that is once you have secured it, it will stop as they apparently don't copy it, but just go back and send more stuff to the addresses on there. You can change you password as well for your email.



Hi, All that stuff is stored with the email provider and not actually in your computer. If it was in your computer, you coud access it without actually having to be logged in online. As far as I know, the only way you can access your email is by first going online. As Isaid, It has ahppened to me and they spammed my Congressman as well, because he was in my address book. :D The point is, they would have to hack into gmail, MSN mail, Hotmail, etc to get that stuff. In my case, I think my address book was visible in Facebook. I locked things down and have no repeat of that. Tells me they didn't keep a copy of the things and were just going back to Facebook for the addresses ( It only happened once ).

0

#6 User is offline   coastie65 

  • Moderator
  • PipPipPipPipPipPipPipPip
  • Group: Moderators
  • Posts: 20,651
  • Joined: 02-April 07
  • Location:Henrico, Va.

Posted 31 May 2011 - 04:05 PM

Ahhh, ok. I don't use Outlook and that is a different animal all together when it comes to that stuff. I haven't even checked for .pst files on my computers as I assumed they were kept elsewhere. I know I did a scam as well with Malwarebytes and it came up clean, so I assumed they got that stuff from somewhere besides my computer. I did notify Microsoft ( I use MSN primariy and it was that email, MSN that the stuff was coming from ) and they said that email was getting hacked and gave a me a list of things to do ( most all had been done anyway ). Would be interesting to see what Malwarebytes comes up with.

This post has been edited by coastie65: 31 May 2011 - 04:06 PM

Coolermaster HAF 912 Case....ASUS Z87Pro MOBO.....Intel Core i7 4770k Haswell ( OC'd to 4.6 Ghz ) .... Gelid Tranquillo cooler.... Samsung 830 256 GB SSD.... Primary HDD- WD 1TB Caviar Black SATA III /6.0 .... SECONDARY HDD - WD 1TB Caviar Black SATA II / 3.0....16Gb GSkill Ripjaws Series X 2133 Mhz Memory....Corsair AX850w PSU....EVGA GTX 680 Super Clocked Signature 2 Gb GDDR5 Video Card....Samsung CD/DVD RW, DL, DVD-Ram, w/ Lightscribe Optical Drive....Samsung SyncMaster 2243BWX 22" Monitor..... Windows 7 Home Premium 64 Bit OS




______________________________________________________________

Gateway FX6800-01e----Intel Core i7 960 ( 3.2 GHz)---- Seagate Barracuda 750 Gb SATA II / 3.0 Hdd---- 6 Gb Crucial 1066 Mhz memory, running in Tri Channel conf-----Corsair TX650w PSU----- EVGA Nvidia GTX 560Ti 1gb GDDR5 Vram ----DVD +/- RW / CD ,RAM/DL Optical drive w/ Label Flash-----Gateway TBGM-01 Motherboard.... Vista Home Premium 64 bit OS w/ SP2; Samsung Synch Master 2243BWX 22" Monitor.
0

#7 User is offline   LincolnSpector 

  • Expert
  • PipPipPipPipPipPip
  • Group: Members
  • Posts: 2,611
  • Joined: 16-October 06

Posted 01 June 2011 - 08:03 AM

Hi, DBC and welcome to the forums.

I doubt that this is caused by an infection. Yes, a lot of Spam is sent by infected PCs, but they seldom use the user's own email address. Remember that the only connection between your computer and your email account is that you use one to access the other. It's far more likely that someone you know has an infected PC, or that a criminal has hijacked your account.

See Am I Mailing Spam? for details.


Lincoln
0

#8 User is offline   DBCIII 

  • Newbie
  • Pip
  • Group: New Member
  • Posts: 5
  • Joined: 31-May 11

Posted 01 June 2011 - 09:16 AM

Good points. It COULD be the same agent that was sending mail under my neice's old hotmail account. Or another one. But there is still that question of why it has a lot of really old addresses, and no recently-added ones. Unless the carrier's email server had a cached version of my contacts from seven years ago, it makes no sense. And the "to's" are definitely mine, although old. So it is not someone else's distribution list with my return address. And I DO have pst's from back then on my PC. Regardless, creating a new email account and telling people to ignore anything from the old one will put an eventual end to it. Once I have changed the various subscriptions and such, I'll just delete the account.

View PostLincolnSpector, on 01 June 2011 - 08:03 AM, said:

Hi, DBC and welcome to the forums.

I doubt that this is caused by an infection. Yes, a lot of Spam is sent by infected PCs, but they seldom use the user's own email address. Remember that the only connection between your computer and your email account is that you use one to access the other. It's far more likely that someone you know has an infected PC, or that a criminal has hijacked your account.

See Am I Mailing Spam? for details.


Lincoln

0

#9 User is offline   mjd420nova 

  • Expert
  • PipPipPipPipPipPip
  • Group: Members
  • Posts: 3,340
  • Joined: 05-August 06
  • Location:Fremont, California

Posted 01 June 2011 - 10:01 AM

My first response to anyone that has a machine infected with a virus that it sends out e-mails, UNPLUG IT, remove the ethernet cable from it and then tackle the problem (spybot and malwarebytes) with removal approaches without any network support. When all else fails, do a restore to a date previous to your infection, if you know it. But do not reconnect it to the network until the thing is clean or things will just resume. Backtracking e-mails and links imbed within thode sites and so on but should only be attempted at risk of re-infecting or even spreading to a friends machine where you can in contact again while looking for clues to your infection. A local library with machines to use have protections that will stop any attempts and could yield some clues too.
0

#10 User is offline   LincolnSpector 

  • Expert
  • PipPipPipPipPipPip
  • Group: Members
  • Posts: 2,611
  • Joined: 16-October 06

Posted 02 June 2011 - 08:14 AM

View PostDBCIII, on 01 June 2011 - 09:16 AM, said:

Good points. It COULD be the same agent that was sending mail under my neice's old hotmail account. Or another one. But there is still that question of why it has a lot of really old addresses, and no recently-added ones. Unless the carrier's email server had a cached version of my contacts from seven years ago, it makes no sense. And the "to's" are definitely mine, although old. So it is not someone else's distribution list with my return address. And I DO have pst's from back then on my PC. Regardless, creating a new email account and telling people to ignore anything from the old one will put an eventual end to it. Once I have changed the various subscriptions and such, I'll just delete the account.



It's possible that your email provider has a list of every address with whom you've sent and received mail. However, if you've successfully changed your password and didn't stop the spam, we can assume that your account hasn't been hijacked.

If your PC is infected, changing your email account won't solve the problem. You'll still be mailing out spam, because you've lost control of your PC.

See The Cleanest Malware Scan for some scanning suggestions.


Lincoln


0

#11 User is offline   LiveBrianD 

  • Elite
  • PipPipPipPipPipPipPipPip
  • Group: Members
  • Posts: 12,210
  • Joined: 31-December 09
  • Location:::1

Posted 02 June 2011 - 08:15 PM

View Postmjd420nova, on 01 June 2011 - 10:01 AM, said:

My first response to anyone that has a machine infected with a virus that it sends out e-mails, UNPLUG IT, remove the ethernet cable from it and then tackle the problem (spybot and malwarebytes) with removal approaches without any network support. When all else fails, do a restore to a date previous to your infection, if you know it. But do not reconnect it to the network until the thing is clean or things will just resume. Backtracking e-mails and links imbed within thode sites and so on but should only be attempted at risk of re-infecting or even spreading to a friends machine where you can in contact again while looking for clues to your infection. A local library with machines to use have protections that will stop any attempts and could yield some clues too.


Another thing: unplug it for a day or two, and ask your friends if they keep getting spam from you.

Also, although I know you guys will treat this nuclear idea as a last resort, reinstalling Windows is a surefire way to get rid of malware (unless it hides in the HD's MBR, which is unlikely but possible).

This post has been edited by LiveBrianD: 02 June 2011 - 08:16 PM

Spoiler
"The Internet will be used for all kinds of spurious things, including fake quotes from smart people." -Albert Einstein
Need a Windows ISO image?
0

#12 User is offline   LincolnSpector 

  • Expert
  • PipPipPipPipPipPip
  • Group: Members
  • Posts: 2,611
  • Joined: 16-October 06

Posted 05 June 2011 - 10:44 AM

View PostLiveBrianD, on 02 June 2011 - 08:15 PM, said:

Another thing: unplug it for a day or two, and ask your friends if they keep getting spam from you.

That's an excellent idea. And in almost cases, they will continue getting spam from "you."

View PostLiveBrianD, on 02 June 2011 - 08:15 PM, said:


Also, although I know you guys will treat this nuclear idea as a last resort, reinstalling Windows is a surefire way to get rid of malware (unless it hides in the HD's MBR, which is unlikely but possible).

That is definitely a last resort approach. I'd only recommend it if a) the unplugged PC test temporarily stops the spam, B) plugging your PC started it again, and c) scans with three or four good security programs didn't stop the problem.

Lincoln
0

#13 User is offline   LiveBrianD 

  • Elite
  • PipPipPipPipPipPipPipPip
  • Group: Members
  • Posts: 12,210
  • Joined: 31-December 09
  • Location:::1

Posted 05 June 2011 - 11:47 AM

View PostLincolnSpector, on 05 June 2011 - 10:44 AM, said:

That is definitely a last resort approach. I'd only recommend it if a) the unplugged PC test temporarily stops the spam, B) plugging your PC started it again, and c) scans with three or four good security programs didn't stop the problem.

Lincoln


You know how I tend to do things - if there's a decently large problem, I just nuke the OS install. I can't be bothered to try to actually fix the problem. :D
Spoiler
"The Internet will be used for all kinds of spurious things, including fake quotes from smart people." -Albert Einstein
Need a Windows ISO image?
0

#14 User is offline   DBCIII 

  • Newbie
  • Pip
  • Group: New Member
  • Posts: 5
  • Joined: 31-May 11

Posted 09 June 2011 - 07:47 AM

Good suggestion to unplug. Would have provided a good test. As it is, the malwarebytes full scan found nine copies of a trojan in some animated graphics files I had received six years ago - same timeframe as the email list that was being used. Don't know what trojan it was, but I think it was getting outlook to send mail using a list it stored when it came in, using outlook's stored password, so it didn't have to actually steal the pwd and changing it had no affect.

I disabled sendmail in outlook for the affected account by putting a bogus server name. Also changed password on the server. none of my other email accounts are affected, and that one is no longer doing it. it still receives mail, which I autoforward to the new account. Once i have gotten COA to all that matter, I'll just delete it.

View PostLiveBrianD, on 02 June 2011 - 08:15 PM, said:

View Postmjd420nova, on 01 June 2011 - 10:01 AM, said:

My first response to anyone that has a machine infected with a virus that it sends out e-mails, UNPLUG IT, remove the ethernet cable from it and then tackle the problem (spybot and malwarebytes) with removal approaches without any network support. When all else fails, do a restore to a date previous to your infection, if you know it. But do not reconnect it to the network until the thing is clean or things will just resume. Backtracking e-mails and links imbed within thode sites and so on but should only be attempted at risk of re-infecting or even spreading to a friends machine where you can in contact again while looking for clues to your infection. A local library with machines to use have protections that will stop any attempts and could yield some clues too.


Another thing: unplug it for a day or two, and ask your friends if they keep getting spam from you.

Also, although I know you guys will treat this nuclear idea as a last resort, reinstalling Windows is a surefire way to get rid of malware (unless it hides in the HD's MBR, which is unlikely but possible).

0

#15 User is offline   LincolnSpector 

  • Expert
  • PipPipPipPipPipPip
  • Group: Members
  • Posts: 2,611
  • Joined: 16-October 06

Posted 10 June 2011 - 07:37 AM

View PostDBCIII, on 09 June 2011 - 07:47 AM, said:

Good suggestion to unplug. Would have provided a good test. As it is, the malwarebytes full scan found nine copies of a trojan in some animated graphics files I had received six years ago - same timeframe as the email list that was being used. Don't know what trojan it was, but I think it was getting outlook to send mail using a list it stored when it came in, using outlook's stored password, so it didn't have to actually steal the pwd and changing it had no affect.

I disabled sendmail in outlook for the affected account by putting a bogus server name. Also changed password on the server. none of my other email accounts are affected, and that one is no longer doing it. it still receives mail, which I autoforward to the new account. Once i have gotten COA to all that matter, I'll just delete it.


I doubt that disabling outgoing mail in Outlook will help. These spam-sending programs don't generally use your email program to send their spam. They just send it directly, themselves without using other software.

Anyway, I'm glad you removed the malware and, hopefully, solved the problem. But if the problem persists anyway, definitely try unplugging.


Lincoln
0

Share this topic:


Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users