I think I have a bot in my pc :s Just don't know how to kill it!

[Jose_49]

Guys, since yesterday (13 hours ago) I noticed my email to flood by "Delivery Status Failure" from emails I supposedly sent (Hotmail). The bad part of this is that I DID NOT SEND ANY of those messages. I even checked the 'Sent' status at the Hotmail page but it doesn't show up any of the sent emails.

I've already sent scanning my PC with MS Essentials and nothing has shown up.

The problem seems to be with Outlook because when I run it, email start to flood my inbox about a failure delivery.

What should I do? :s

[Scorbing]

Guys, since yesterday (13 hours ago) I noticed my email to flood by "Delivery Status Failure" from emails I supposedly sent (Hotmail). The bad part of this is that I DID NOT SEND ANY of those messages. I even checked the 'Sent' status at the Hotmail page but it doesn't show up any of the sent emails.

I've already sent scanning my PC with MS Essentials and nothing has shown up.

The problem seems to be with Outlook because when I run it, email start to flood my inbox about a failure delivery.

What should I do? :s

Download this. Install it, update it and then scan your computer, Use FULL scan.

www.malwarebytes.org

[Detection]

Change your password would be a good start, does it happen with other email programs like Windows live mail ?

Maybe its an Outlook issue ?

Anything stuck in the outbox ?

[Biohead]

Change Windows Live password (preferably using a different computer)

Run a full anti-virus/anti-malware scan - as you've already tried MSE, try a different one like the on posted above.

[Jose_49]

Change your password would be a good start, does it happen with other email programs like Windows live mail ?

Maybe its an Outlook issue ?

Anything stuck in the outbox ?

Nothing stuck in the outbox, and from the 3 accounts I have in Outlook, there's just one which is sending the mass email. I have the messenger program running and nothing fishy pops up.

I'll try with malwarebytes as Scorbing suggested.

[Detection]

Nothing stuck in the outbox, and from the 3 accounts I have in Outlook, there's just one which is sending the mass email. I have the messenger program running and nothing fishy pops up.

I'll try with malwarebytes as Scorbing suggested.

Check the server side too, ie hotmail.com

I definitely recommend changing your password though

[Jose_49]

Check the server side too, ie hotmail.com

I definitely recommend changing your password though

I'll be doing that now. It's better to prevent than to be sorry later.

[Detection]

I'll be doing that now. It's better to prevent than to be sorry later.

Yep, this is exactly why we were asking the hotmail team to add 2 step verification to hotmail email accounts then the worst you would have got was an sms requesting a log in code (If this is what has happened)

[Jose_49]

I've checked again, and seems is Outlook that has the problem. All of my emails are sending the delivery notification failure. F*ck. I want to know how did I get it, because I never visit strange websites nor open strange or ****ty emails. Maybe outlook downloaded it without concern and infected the system.

[Rippleman]

didn't know people still use outlook.. like mentioned above, try scan with www.malwarebytes.org since its the best scanner money can't buy :)

[c3ntury]

Maybe outlook downloaded it without concern and infected the system.

It doesn't work like that.

I'd change your email password, personally, swap to Gmail (you can still have the same addresses and have your mail forwarded, use it with outlook etc), do a full virus scan.

What anti-virus do you use?

[Jose_49]

It doesn't work like that.

I'd change your email password, personally, swap to Gmail (you can still have the same addresses and have your mail forwarded, use it with outlook etc), do a full virus scan.

What anti-virus do you use?

I have MSE installed. I used to have Kaspersky but let my subscription fade away.

[matt4pack]

Could just be someone spoofing your address from somewhere else so you end up getting all the undeliverables or logging into your account remotely. I don't know if hotmail allows you to see IP addresses that have accessed your account but I would check that if they do.

When you logon to hotmail through a browser do the failures still show up or is it only happening when outlook is open?

[Jose_49]

When you logon to hotmail through a browser do the failures still show up or is it only happening when outlook is open?

It only happens when I have outlook opened. But when I browse the email I do have recorded the failure delivery messages. (But can't see the sent ones)

[+BudMan MVC]

^ exactly.

Outlook seems to just be downloading your bounces.

You rarely see spam sent from a legit address ;) Its always someone else so all the bounces don't clog up the sending server..

Its childs play to send an email saying it came from address Y. If I send out a million random spam messages to all kinds of bogus email addresses, lots of them will get kicked back to what the return address says it is.

So I am spamming how to enlarge your penis and send to [email protected] and say it came from your address at Y, be it sent from that server or not. So somedomain.com says hey we don't have a lsjfdsf mailbox.. Lets make sure that Y knows that -- and sends it back to Y.. These now fill up your mailbox.. Nothing to do with infection, nothing to do with your mailbox being hacked, etc. Look at the kickbacks -- does it say it was sent from your server? Or somewhere in china or Ukraine, etc.. etc..

[Jose_49]

^ exactly.

Outlook seems to just be downloading your bounces.

You rarely see spam sent from a legit address ;) Its always someone else so all the bounces don't clog up the sending server..

Its childs play to send an email saying it came from address Y. If I send out a million random spam messages to all kinds of bogus email addresses, lots of them will get kicked back to what the return address says it is.

So I am spamming how to enlarge your penis and send to [email protected] and say it came from your address at Y, be it sent from that server or not. So somedomain.com says hey we don't have a lsjfdsf mailbox.. Lets make sure that Y knows that -- and sends it back to Y.. These now fill up your mailbox.. Nothing to do with infection, nothing to do with your mailbox being hacked, etc. Look at the kickbacks -- does it say it was sent from your server? Or somewhere in china or Ukraine, etc.. etc..

I don't think that's the case :s. I'm actually getting emails sent from my email address.

[+BudMan MVC]

Post the headers of one of these emails or a kickback and we can tell you where it came from exactly! Until you post some details there is no way to know if being sent from your machine or not.

But I can tell you one thing for SURE!! I have not seen a virus/bot/anything that actually uses the local email address when sending anything in years and years and years - its TOO easy to track.. They pull an address from your contacts to use, or make up ****.. They don't actually use your email address when sending. Because that kind of points to the infected box now doesn't it!

[Rippleman]

first things first, instead of going on and on and on about this, start at the easiest thing to do and work backwards. You should have already done this but guessing you havent yet.

STEP 1: download and install malwarebytes, update the definitions, and run a full scan.

step 2 will depend on the out come of step 1. So do step 1 and tell us if it found anything.

[Scorbing]

Jose did malwarebytes find anything on your system?

[Jose_49]

I already did a full scan and did found something in the recycle bin. Deleted and afterwards I had no problems (until now) with the Outlook.

@BudMan:

Here's what had in the body of the email:

(DO NOT CLICK IS SPAM!!!)

http://josephdupnik....fg.htm&dfh=rhcj

And the Subject was left in blank, plus it had my email name on it. Yes, it also came from my email address. Even my uncle asked me what the hell did I send.

BTW: Thanks a lot for the help! :p Malwarebytes did a great job!