locked
SPAM generated from Outlook 2003...not caught by OneCare RRS feed

  • Question

  • Emails are being generated from my machine.  Did a full scan of computer and source not detected? Suggestions?

    Friday, September 5, 2008 3:51 PM

Answers

  • I moved your post to the anti-virus topic. How do you know the spam came from your machine? It is more likely that a spammer is simply using your email address in the "From" field in the sent spam. That's a very common spammer technique - forging headers and using real addresses in the "From" and "sent" fields, causing many bounced messages to be "returned" to your inbox.

     

    However, if you are using Windows Live OneCare and you believe that your PC is infected, but OneCare did not detect or cannot remove the malware, please contact support to report this and for help with removal.

    How to reach support (FAQ) - http://forums.microsoft.com/WindowsOneCare/ShowPost.aspx?PostID=2421771&SiteID=2

     

    If you are in North America, you can call 866-727-2338 for help with virus and spyware infections. See http://www.microsoft.com/protect/support/default.mspx  for details.  For international information, see your local subsidiary Support site.

     

    -steve
    Friday, September 5, 2008 5:02 PM
    Moderator

All replies

  • I moved your post to the anti-virus topic. How do you know the spam came from your machine? It is more likely that a spammer is simply using your email address in the "From" field in the sent spam. That's a very common spammer technique - forging headers and using real addresses in the "From" and "sent" fields, causing many bounced messages to be "returned" to your inbox.

     

    However, if you are using Windows Live OneCare and you believe that your PC is infected, but OneCare did not detect or cannot remove the malware, please contact support to report this and for help with removal.

    How to reach support (FAQ) - http://forums.microsoft.com/WindowsOneCare/ShowPost.aspx?PostID=2421771&SiteID=2

     

    If you are in North America, you can call 866-727-2338 for help with virus and spyware infections. See http://www.microsoft.com/protect/support/default.mspx  for details.  For international information, see your local subsidiary Support site.

     

    -steve
    Friday, September 5, 2008 5:02 PM
    Moderator
  • I too have started having the same problem. I am using Outlook2003, XP SP3, three days ago when I opened outlook immediately it sent 1 of 7 messages yet the outbox was empty. Shortly after I started getting bounced back emails, undeliverable. At first I thought it to be spam, yet the body of the email contained my computer's name, my email address, and IP address. Over the last three days I have changed my computer's name and still this is happening and each time the bounced back emails have the newer computer name. I have tried Avast AV, Norton AV, Windows Defender, Spyware Terminator. All state the computer is clean!!!! Yet it is still sending spam. Any help appreciated.
    Friday, September 26, 2008 2:36 AM
  • Hi there

     

    Hope this thread is being monitored and we can get some replies. My Outlook 2003 is doing exactly the same and generating spam that is sent from my my email address. The message source shows it originated from my IP address with the host name of my computer. I have access to my outgoing server logs and can see the log entries for the messages going out once they have been sent from my computer. I cannot see them in sent items and dont see them in the outbox when they are ready to be sent. This started happening on Monday morning and I've tried everything to determine what is going on. I've change the SMTP port number in Outlook to try to catch the spam in the outbox but whatever is doing this is able to detect this and wont try sending. I've tried making the smtp server localhost but again the spam is not generated if I do this. I used Norton Firewall to block port 25/587  and again no spam until I cleared the block and then it did it again. One thing I did notice is that the time from when i initially connect the machine to the iternet and open Outlook that there is a delay before the spam is being generated. This delay is anything from 10 minutes upto around half an hour.

    I've got spambot, Norton Security and mamutu running but none of them notice anything unusual going on.

     

    There is obviously something happening if there is more than a few of us with this problem which has started in the last few days. Can anyone shed any light on how it is being done? Is it some other program using Outlook as the transport via a com control or something of that nature?

    Friday, September 26, 2008 8:46 AM
  • Note this thread:
    http://www.techsupportforum.com/security-center/hijackthis-log-help/294858-outlook-auto-sending-spam.html#post1719067
    I now have two infected computers. The proof being the bounced back email contains the my sending computer's name, my email address and IP address. I am trying the http://www.kaspersky.com/virusscanner  as it is supposed to find this new virus. ......... Kaspersky did find this
    Infected: Trojan.Win32.Agent.aetc in my inbox and junk folders. Now how to get rid of it.
    Friday, September 26, 2008 12:16 PM
  • After an hour on the phone to MS help, they ended up creating a new Outlook profile. There solved!!!.
    Yeah right. The old profile with all the previous emails are still there. This method screams of "Just un-install and re-install" the program and let's hope the infected email does not get picked up in the new profile.
    Friday, September 26, 2008 2:52 PM
  • I am the network administrator for my company and actually run the mail server. I am *VERY* careful about what I run/install/use on my computer and have Avast Antivirus Professional (paid version) fully up to date. Last night I launched Outlook 2007 and after 2 minutes, I started receiving the bounce messages. I thought initially it was the usual spoofing thing but I always check the message headers just to make sure. The message headers were grim, because they showed the messages had IN FACT come from my laptop. I even went so far as to log into the mail server and checked the server's SMTP logs and the messages HAD come from my laptop.

     

    We even force SMTP authentication (Digest-MD5) and they were sent using SMTP AUTHENTICATION.

     

    This is very serious.

     

    I am running the Kapersky scan now to see if it reports the same thing as another user in this thread, but I would like to know if anyone else is seeing this or has an answer for it.

     

    I ran a complete scan using Avast last night and it found nothing, of course.

    Friday, October 24, 2008 3:35 PM
  • Okay, I might have good news for you if you get to this thread. If the subject line of your mail messages (the spam) start with "Not read:" then YOU ARE NOT INFECTED WITH ANYTHING.

     

    You are simply afflicted with a bug in Outlook that is detailed here.

    Saturday, October 25, 2008 3:14 AM