TechSpot

email hijacked, wanna help a dummy out?

By chipmagnet
Apr 9, 2007
  1. As you may notice this is my first thread here and I must let you know first off that I am a "point and click" kind of guy. I'm afraid that whatever kind of tech help I get here may be over my head but I thought I'd try anyway.

    My email has recently been infiltrated by someone/something that is sending spam to god knows who. I am apparently in the business of selling everthing from prescription drugs to dildos now. I only wish I could get my commission.
    My inbox is filled up with "undeliverable mail" messages from earthlink (my email provider.) These messages are to people I don't know and to whom I've never before sent messages to. Whatever is doing this hasn't been sending stuff to people in my address book. I find this strange. I've heard of hijackers before that relay spam but they always used the address book to do their dirty work. Another strange thing is that not all these returned mail messages are getting through my spam security filter. I have my spam filter set to the max in which only messages from people in my address book get through. The others are caught up in my "suspected spam folder" which I must go through occassionally and allow new contacts to get through. I find it weird that some of these undeliverable notices go straight to my inbox while other get blocked when they both appear to be coming from earthlink.

    I spoke to earthlink support about this and ran into a deadend somewhere in India. You must know how difficult it is to communicate with them and every large company these days has farmed out thier CS there. Soooo frustrating.
    All that guy could tell me to do was to change my password. I did that even though I was almost certain the bug wasn't accessing my email via a password. It is now about 24 hours later and I'm still getting the returned mail messages.

    I downloaded and ran "hijackthis" but have no idea what it's telling me. It appears to be geared more for the tech savvy such as yourselves. If anybody here could help me identify and exterminate this bug it would be much appreciated. And please remember to dumb it down for me.

    Thank You.
     
  2. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Hello and welcome to Techspot.

    Go and read this thread HERE and post a HJT log as an attachment into this thread.

    Regards Howard :wave: :wave:

    This thread is for the use of chipmagnet only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  3. chipmagnet

    chipmagnet TS Rookie Topic Starter

    I downloaded HJT 2.0 and here is the log...
     
  4. jobeard

    jobeard TS Ambassador Posts: 9,311   +617

    fyi: email spam that appears to originate from you, IS NOT CAUSED
    by code/worms/trojans on your system!
    :wave:

    Instead, someone with the know-how has found your email address
    (in a newgroup, forum listing, or even a careless email forward on the CC: line)
    and is not mascarading as you. When the spam hits a non-existing mailbox,
    it is said to bounce back to the originator. That's how you see the
    undelivered return notice.

    At this point, your ONLY choice is to abandon your existing email address
    and to get another one. If you use the same ISP as before, make sure
    they DO NOT FORWARD future email to the old address to your new one!
    Otherwise, the spamming will just continue.

    Take your contacts and set them all a NEW EMAIL ADDRESS with the
    address AND a request to forward any future email using the Bcc: feature
    to hide your email from prying eyes.
     
  5. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Your system is infected with malware.

    Very Important: Before deciding whether you should clean or reformat your system, go and read this thread HERE and decide what it is you want to do.

    If after reading the above, you wish to clean your system, do the following.

    Go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.

    Post fresh HJT, AVG Antispyware and Combofix logs as attachments into this thread, only after doing the above.

    Also, let me know the results of the AVG Antirootkit scan.

    Regards Howard :)

    This thread is for the use of chipmagnet only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...