CDROM-Guide forums  

View Full Version : email hacked/virus?


   
smithycom
Aug 07, 2002, 12:16 PM
I am running incredimail as my main email programme and have started to get undeliverable mail messages from addresses I have not emailed.

I have a btinternet account and a pipex account running on it.

I only use my bt account to receive messages, but I have just received a reply from what looks like an email that has been sent from my bt account.

Is it possible I have been hacked? I am running Zonealarm.

Below are the properties from the email I received. It was from a woman telling me to **** off, as she obviously thought that I had sent it.

The title of the email was Japanese girl vs playboy.

-----------------------------------------------------------------------------------------------

Received: from sulphur.cix.co.uk ([212.35.225.149])
by uranium.btinternet.com with esmtp (Exim 3.22 #8)
id 17cT6Z-0000hq-00
for smithycom@btinternet.com; Wed, 07 Aug 2002 16:52:11 +0100
Received: from LibDemEuroParty (5300-tele-1-cluster.117.ip-pool.cix.co.uk [194.153.22.117])
by sulphur.cix.co.uk (8.11.3/CIX/8.11.3) with SMTP id g77FqFU28946
for <smithycom@btinternet.com>; Wed, 7 Aug 2002 16:52:15 +0100 (BST)
X-Envelope-From: angela@dianawallismep.org.uk
Message-ID: <000001c23e2a$57bc4520$020a0a0a@LibDemEuroParty>
From: "Angela Kay" <angela@dianawallismep.org.uk>
To: "smithycom" <smithycom@btinternet.com>
References: <E17cAeo-000Plb-00@mk-smarthost-1.mail.uk.tiscali.com>
Subject: Re: Japanese girl VS playboy
Date: Wed, 7 Aug 2002 10:09:39 +0100
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_0018_01C23DFA.8A5C0540"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.00.2615.200
X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2615.200
Status:

---------------------------------------------------------------------------------------------

Anybody any ideas?

CHR15
Aug 07, 2002, 12:48 PM
Try running the Cleaner to check for any trojans infecting your system:

http://www.moosoft.com/

smithycom
Aug 07, 2002, 01:12 PM
Thanks, installed it m8, but nothing found.

Any other ideas?

yer nice one
Aug 07, 2002, 01:20 PM
Very weird <you sure it's not spam mail?>

CHR15
Aug 07, 2002, 02:19 PM
Does the email show up in your Sent Items???

Does anyone else have access to your PC??

smithycom
Aug 07, 2002, 03:01 PM
Nothing in sent items.

The weird thing is that the BT account is modem dial-up, which is unplugged from the socket! So it can't have been sent from my PC.

Is it possible someone is using my account from another PC if they have the passwords?

Just had another one through from - Sue Wiseman. Subject - CImage.scr.

Message pane is blank, but in the properties it shows size 153KB

Here is the properties info

-----------------------------------------------------------------------------------------------

Received: from mk-smarthost-4.mail.uk.tiscali.com ([212.74.114.40])
by uranium.btinternet.com with esmtp (Exim 3.22 #8)
id 17cUVO-0003uv-00
for smithycom@btinternet.com; Wed, 07 Aug 2002 18:21:54 +0100
Received: from [62.6.92.105] (helo=Fouu)
by mk-smarthost-4.mail.uk.tiscali.com with smtp (Exim 4.05)
id 17cUUr-0002r6-00
for smithycom@btinternet.com; Wed, 07 Aug 2002 18:21:22 +0100
From: sue-wiseman <sue-wiseman@blueyonder.co.uk>
To: smithycom@btinternet.com
Subject: CImage.src
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary=PE8lEQK5t3v8776ln4x1
Message-Id: <E17cUUr-0002r6-00@mk-smarthost-4.mail.uk.tiscali.com>
Date: Wed, 07 Aug 2002 18:21:22 +0100
Status:

----------------------------------------------------------------------------------------------

LMK

smithycom
Aug 07, 2002, 03:23 PM
Hi guys

Altered the settings on Cleaner and did another scan.

It found the trojan 'Klez' 3 times and sorted it.

Thanks CHR15

Also came up with this at the end as a 'problem.log'. Don't know if it's anything to worry about?

FILE: C:\hiberfil.sys

PROBLEM: I could not scan this file. Error Code 32: "The process cannot access the file because it is being used by another process."

SOLUTION: A common reason for this error is that Windows has locked the file for
SOLUTION: exclusive access. A swap file is a common example. Also, an antivirus
SOLUTION: program might be denying access to the file. In that case, you can
SOLUTION: temporarily disable the anti-virus to clean the trojan.

FILE: C:\PAGEFILE.SYS

PROBLEM: I could not scan this file. Error Code 32: "The process cannot access the file because it is being used by another process."

SOLUTION: A common reason for this error is that Windows has locked the file for
SOLUTION: exclusive access. A swap file is a common example. Also, an antivirus
SOLUTION: program might be denying access to the file. In that case, you can
SOLUTION: temporarily disable the anti-virus to clean the trojan.

CHR15
Aug 07, 2002, 03:39 PM
Don't worry about those two. Hiberfil is used for Windows hibernation and the other is the page file.

Windows is constantly using them so the cleaner will not get full access to them.