SHOP PRODUCTS
Houzz Logo Print
hayjud_mn

Why did I get wierd email from my own addy?

hayjud_mn
14 years ago

This morning I got an email, one of those kind with the wierd jumble of letters.

When I tried to block it, I noticed that it was from my own email address. I didn't send it, or anything.

Can this be a major problem?

I use outlook Express for Email

I have Windows XP in my IE.

I did complete scan and my program found "one riskware"

It is a Trogan

Downloader.Win32.Agent.q

I am in total panic about needing to handle this and always end up backing down in the fight, because I am asked to do something I don't understand.

Comments (16)

  • bpgreen
    14 years ago
    last modified: 9 years ago

    It's a spammer. It probably wasn't sent from your address. Your address was probably spoofed.

  • hayjud_mn
    Original Author
    14 years ago
    last modified: 9 years ago

    How did they get my address - I thought is was quite unique?

  • Related Discussions

    Meyer Mike -- pls. send PG your email addy

    Q

    Comments (9)
    Karen... I hope your weather has been warmer than mine these days..It's 48 today and just miserable out. We can't even keep our windows open yet and stay warm. I would wrap the roots up in towel paper and then news paper around the whole plant..If you leave some soil on the root, basically just pull it carefully from the pot, I think it will do much better. If you rinse all the soil off and just send the roots, then that is bare root.. I usually use a small box and then surround the plant in the center with lots of newspaper so it doesn't get crushed in the mail..Hope that helps..Glad to receive such a beauty. I'll wait for your E-mail and have a much warmer sunnier day then me.. Mike
    ...See More

    OT: email addy????

    Q

    Comments (9)
    I, too, figured out that I don't have to put my real address! I'm hoping this is just a stage in the updating they're doing--we don't have links to our member pages anymore. It's a big annoyance, having to type in my info each time. But at least the pages are back up! My dsl finally got fixed, I went on here to see what was going on, and all the pages were down!
    ...See More

    PLEASE help. Why am I not getting emails?

    Q

    Comments (4)
    Thank you for your replies and suggestions. Ginny, checked my email address and it's OK. Tried unchecking and rechecking again so will see what happens. Breezy, I didn't originally sign up with email enabled, Changed it later and could have sworn I got emails, but that was at least a year ago. Only recently back trolling the boards. Thanks for telling me about Tamara; I'll contact her if other suggestions don't work. Appreciate your help!
    ...See More

    Hurry, Hurry, wouldn't want to lose my email addys

    Q

    Comments (8)
    Yahoo has been having dificulties with malware for the past week. I am the d coordinatior for a large group and recently several people have complained that wwhen they click on a link to a hostess es email they get sent to someones elses addy or yYahoo's home page. There is definitely a worm going on and I believe someone's Yhaoo account is the source but I have over a 100 ladies to oversee so I jsut told them to scan their 'puters for malware. Of course 2/3s of them don't know how or won't. They contimnue to complain to me that I am sending them bad links. My puter is squeaky clean but even I get the bad links. So something is going on. I never Yahoo.
    ...See More
  • grandms
    14 years ago
    last modified: 9 years ago

    Anytime you send an e-mail and someone forwards it without removing your address, it is out there for anyone to grab. That's why it is so important not to forward e-mails with the prior addresses still visible.

  • hayjud_mn
    Original Author
    14 years ago
    last modified: 9 years ago

    But, what about the Trojan? Can someone actually be using my computer.........Hacker?

  • ravencajun Zone 8b TX
    14 years ago
    last modified: 9 years ago

    that can a serious infection you need to install, update and run full scan with malwarebytes immediately.
    Malwarebytes' Anti-Malware

    it will give you a log if you would please post it so we can see what all it finds you may need to go to one of the help forums for clean up.
    there are many forms of trojan downloader agent

  • kudzu9
    14 years ago
    last modified: 9 years ago

    It's probably nothing to worry about. I've gotten this type of weird email a number of times. It wouldn't hurt to do the scan suggested by ravencajun, but mainly...just relax.

  • ravencajun Zone 8b TX
    14 years ago
    last modified: 9 years ago

    She HAS a trojan on her machine I think many of you may have missed this very important part of her message She had a 2 part question. Get that malwarebytes scan done asap and report back with the log please.

    always pay attention at the mention of a trojan!!

    also you did not mention what antivirus program found the infection please give the names of your security programs, are they all fully updated and are they running regular scans?

  • kudzu9
    14 years ago
    last modified: 9 years ago

    ravencajun-
    You're right...she does need to take care of that problem immediately. I missed that critical part of the message by skimming too fast.

    I will point out to her, however, that the Trojan likely has nothing to do with the weird email that was described in the main part of her post, but her concern about it coincidentally and fortunately helped her discover a Trojan.

  • hayjud_mn
    Original Author
    14 years ago
    last modified: 9 years ago

    Ravencajun,

    Last night I did another scan, It was very slow.
    I use Charter's High speed internet Security Suiet. It comes with my internet service.
    This trojan is not listed in their definitions.
    To be honest I have run into it previously and thought if they didn't do anything with it, it must not be serious. It was the email that allerted me to a possible connection.

    I also get some notices that say something that is acting as a server wants access. I always click deny!

    The following is the report after last night's scan.
    I really apperciate your concern and helpfulness!
    _________________________________________
    Scanning Report
    25 August 2009 20:30:53 - 21:55:14
    Computer name: D2JGNZB1
    Scanning type: Scan target
    Target: C:\

    --------------------------------------------------------------------------------

    Result
    No malware found


    --------------------------------------------------------------------------------

    Riskware found
    Downloader.Win32.Agent.q (Riskware)
    C:\14B5.tmp

    --------------------------------------------------------------------------------

    Statistics
    Scanned:
    Files: 132306
    Not scanned: 21
    Result:
    Viruses: 0
    Spyware: 0
    Suspicious items: 0
    Riskware: 1
    Actions:
    Disinfected: 0
    Renamed: 0
    Deleted: 0
    Quarantined: 0
    Failed: 0
    Boot Sectors:
    Scanned: 2
    Infected: 0
    Suspicious items: 0
    Disinfected: 0
    Files not scanned:
    Cannot open file (click here for more info) C:\PAGEFILE.SYS
    Cannot open file (click here for more info) C:\WINDOWS\TEMP\AVP427.TMP
    Cannot open file (click here for more info) C:\WINDOWS\TEMP\AVP428.TMP
    Cannot open file (click here for more info) C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT
    Cannot open file (click here for more info) C:\WINDOWS\SYSTEM32\CONFIG\SAM.LOG
    Cannot open file (click here for more info) C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT.LOG
    Cannot open file (click here for more info) C:\WINDOWS\SYSTEM32\CONFIG\SAM
    Cannot open file (click here for more info) C:\WINDOWS\SYSTEM32\CONFIG\SECURITY
    Cannot open file (click here for more info) C:\WINDOWS\SYSTEM32\CONFIG\SECURITY.LOG
    Cannot open file (click here for more info) C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE
    Cannot open file (click here for more info) C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE.LOG
    Cannot open file (click here for more info) C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM
    Cannot open file (click here for more info) C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM.LOG
    Scanning of C:\WINDOWS\Installer\149cc.msp\stream 574 was aborted [F-Secure AVP]
    Scanning of C:\Program Files\Charter High-Speed Security Suite\FSAUA\content\70Software_PSC800\34\program\inst\fsma_7.80-127260.windows.fip\fsma\x86-windows\ILAUNCHR.EXE was aborted [F-Secure AVP]
    Scanning of C:\i386\DRIVER.CAB was aborted [F-Secure AVP]
    Cannot open a file in archive C:\DOCUMENTS AND SETTINGS\JUDITH HOESCHEN\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\(4E3254D7-522A-412A-9296-3F4767B3A2CB)\MICROSOFT\OUTLOOK EXPRESS\ANGUSHIRE MEDOWS.DBX
    Cannot open a file in archive C:\DOCUMENTS AND SETTINGS\JUDITH HOESCHEN\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\(4E3254D7-522A-412A-9296-3F4767B3A2CB)\MICROSOFT\OUTLOOK EXPRESS\COMPUTER HELPS AND TIPS.DBX
    Cannot open a file in archive C:\DOCUMENTS AND SETTINGS\JUDITH HOESCHEN\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\(4E3254D7-522A-412A-9296-3F4767B3A2CB)\MICROSOFT\OUTLOOK EXPRESS\INBOX.DBX
    Cannot open a file in archive C:\DOCUMENTS AND SETTINGS\JUDITH HOESCHEN\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\(4E3254D7-522A-412A-9296-3F4767B3A2CB)\MICROSOFT\OUTLOOK EXPRESS\HAYJUDO50.DBX
    Cannot open a file in archive C:\DOCUMENTS AND SETTINGS\JUDITH HOESCHEN\LOCAL SETTINGS\APPLICATION DATA\IDENTITIES\(2C545ACC-8A17-4851-B0AB-238D63125F07)\MICROSOFT\OUTLOOK EXPRESS\INBOX.DBX

    --------------------------------------------------------------------------------

    Options
    Definitions version:
    Viruses: 2009-08-25_08
    Spyware: 2009-08-25_08
    Scanning Engines:
    F-Secure AVP: 7.00.171, 2009-08-25
    F-Secure Hydra: 4.00.9271, 2009-08-25
    Scanning options:
    Scan all files
    Scan inside archives
    Actions:
    Viruses: Ask after scan
    Spyware: Ask after scan

    --------------------------------------------------------------------------------

    Error information
    "Cannot open file" error occurred:
    The "Cannot open file" error message means that the scanner was unable to open a file and that this file was not scanned. You can normally ignore this error message as there are many reasons for this message that do not imply a security threat, including:
    The file was a system file. System files are protected by the operation system by design. You can ignore this message in this case.
    You do not have permission to read the file. To scan the file, log in with a user account with sufficient permissions (for example the computer's administrator account) and rescan.
    The file was in use by an application when the scan was performed. To scan this file, close all applications and rescan.

    --------------------------------------------------------------------------------

    Copyright 1998-2008 Product support : Send virus sample to F-Secure

  • ravencajun Zone 8b TX
    14 years ago
    last modified: 9 years ago

    please do the malwarebytes scan as recommended antivirus programs will not always clean trojans, malwarebytes is the best out there it is what we use in the clean up help forums. If you choose not to do so I can not help you.
    did you notice how much of your scan was not able to be completed? that is often due to malware blocking the action of the programs on the pc so that they can not find or clean the malware. That is very common when a pc is infected, many can not even download or install new antimalware programs or visit online scanning sites.

    you Should be worried about any trojan more than the email message. I suggest you read up on the things that can be done with trojans. You asked if someone could have control of your pc well trojans are how those kinds of things happen.
    Trojan horse (computing)

    Here is the link to one of the fourms I am on you can see how often we use malwarebytes and how successful it is. Feel free to register there and ask for help.
    HijackThis Logs

  • hayjud_mn
    Original Author
    14 years ago
    last modified: 9 years ago

    Ravencajun,
    I don't know if I downloaded the right thing. I followed your link and ended up with PCTools Spyware Doctor. It did a scan, but only takes care of it if I order the product. Was that the wrong download?
    I couldn't figure out how to copy the report, but it said I have 7 threats and 40 infections. None of those were ranked with the most serious marking (red.) When I looked at the details on each one "Adware" was mentioned on most of them. Isn't that what I just downloaded from CNET?

    I also checked that forum, and it is so far over my head that it is scarry!

  • ravencajun Zone 8b TX
    14 years ago
    last modified: 9 years ago

    no I have no idea how you got that program from the malwarebytes link all that is on the page is the malwarebytes but here is another link to it. You want the malwarebytes, which is free, it will offer you to purchase it but you just select to have the free one.
    Welcome Malwarebytes Anti-Malware users

    the link I provided in my original post on this thread also has the direct link to the malwarebytes home page which has a download button.

    the other forum can look scary but the people are all extremely nice and will help step by step when someone needs help so don't worry if we find you need to go there I will help you get started.

    here are the directions we give for use with malwarebytes it might help you understand how to use it better.

    please download Malwarebytes' Anti-Malware to your desktop.

    * Double-click mbam-setup.exe and follow the prompts to install the program.
    * At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    * If an update is found, it will download and install the latest version.
    * Once the program has loaded, select Perform full scan, then click Scan.
    * When the scan is complete, click OK, then Show Results to view the results.
    * Be sure that everything is checked, and click Remove Selected.
    * When completed, a log will open in Notepad. Please save it to a convenient location. The log can also be found here: C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
    * Please post contents of that file in your next reply.

  • hayjud_mn
    Original Author
    14 years ago
    last modified: 9 years ago

    Before I even go to that site, do I need to uninstall the wrong one?

  • hayjud_mn
    Original Author
    14 years ago
    last modified: 9 years ago

    I'm Back! And I feel so squeaky clean!

    I un-installed the wrong one that in put in earlier LOL
    First try - they offered a $10 coupon code!
    Second try - They offered it FREE!
    Third try worked! LOL

    Ravencajun,
    I found the Download you sugested and have it installed - then ran it. It took forever, but I got a couple hours of sleep during the scan.

    Thank you so much for all your help!
    Good Night! I'm going to bed! I'll check back in the morning.
    Here is a copy of the report.
    ________________________

    Malwarebytes' Anti-Malware 1.40
    Database version: 2702
    Windows 5.1.2600 Service Pack 3

    8/27/2009 3:52:31 AM
    mbam-log-2009-08-27 (03-52-31).txt

    Scan type: Full Scan (C:\:)
    Objects scanned: 162722
    Time elapsed: 2 hour(s), 11 minute(s), 26 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 3
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 1
    Files Infected: 4

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\"0ed403e8-470a-4a8a-85a4-d7688cfe39a3> (Adware.Gamevance) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\"b64f4a7c-97c9-11da-8bde-f66bad1e3f3a> (Rogue.WinAntiVirus) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo (Adware.PurityScan) -> Quarantined and deleted successfully.

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    C:\Documents and Settings\Judith Hoeschen\Start Menu\Programs\Internet Speed Monitor (Adware.AdSponsor) -> Quarantined and deleted successfully.

    Files Infected:
    C:\Documents and Settings\Judith Hoeschen\Start Menu\Programs\Internet Speed Monitor\Check Now.lnk (Adware.AdSponsor) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Judith Hoeschen\Start Menu\Programs\Internet Speed Monitor\Uninstall.lnk (Adware.AdSponsor) -> Quarantined and deleted successfully.
    C:\Program Files\Common Files\Yazzle1552OinUninstaller.exe (Adware.PurityScan) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\ieupdates.exe.tmp (Adware.Agent) -> Quarantined and deleted successfully.

  • ravencajun Zone 8b TX
    14 years ago
    last modified: 9 years ago

    excellent work you did good and yes I would have said to remove the other program.

    Let me know if all seems well it looks like malwarebytes got you cleaned up. Please keep that program, update it and run it weekly, it is an excellent program.

    also if you do not have spywareblaster on your pc I highly recommend it also, there are no scans to do all you do is open it weekly hit update then hit enable all protection and it just sits there silently protecting you. It is also free.

    I would make sure your current antivirus program is functioning properly and is able to do full scans. I would do an online scan on occasion to double check.
    SpywareBlaster

    ESET Online Scanner

  • ravencajun Zone 8b TX
    14 years ago
    last modified: 9 years ago

    just as a precaution I think you might want to change your passwords on some of your more sensitive stuff like that email account for example, be sure you do create very strong passwords especially for email accounts, never use real words use a combo of numbers and letters in a non sense order.
    like last 4 digits of your phone number then the initials of your spouse or child, adding in characters helps $#*

Sponsored
Interior Style by Marisa Moore
Average rating: 4.9 out of 5 stars57 Reviews
Northern Virginia Interior Designer - Best of Houzz 2013-2020!