HKLM\SECURITY\Policy\Secrets|SAI*

Discussion in 'other security issues & news' started by dlevere, Sep 7, 2007.

Thread Status:
Not open for further replies.
  1. dlevere

    dlevere Registered Member

    Someone using this IP is sending e-mail out in my name:

    80.12.242.139

    canonical name smtp2a.orange.fr.
    aliases
    addresses 80.12.242.139

    I used Rootkit Revealer and found the following Registry Key:
    HKLM\SECURITY\Policy\Secrets|SAI*

    How do I get rid of this? I don't know how I got it. o_O :doubt: :blink:
  2. Climenole

    Climenole Look 'n' Stop Expert

  3. dlevere

    dlevere Registered Member

    I received a bunch of e-mails that said "Mail undelivered, returned to sender", and I know that I didn't send them out. I'll see if I can get one of the headers; I deleted most of them.
  4. SG1

    SG1 Registered Member

    dlevere;

    I could be wrong on this, but seems to me that I read somewhere recently about getting "undeliverable" mail returned with something attached in hopes that users would just click/open them... which they'd have cause to regret.

    SG1 (Pat)
  5. stapp

    stapp Global Moderator

  6. dlevere

    dlevere Registered Member

    No, I don't open attachments, even from people that I know.

    I only opened one of them; it had no attachment. I deleted the rest and blocked smtp2a.orange.fr.
  7. Climenole

    Climenole Look 'n' Stop Expert

    Hi dlevere :)

    Maybe your email address is known and used by spammers as a phony email source.
    When spam reaches some of its targets, it is bounced to you.

    The same trick was used about 2 years ago with email from a phony "Microsoft":
    these mails have malware attached and hide their real source by forging
    the headers with the real Microsoft address...

    Why not send an email to your email provider about this?
    Just to protect your butts...

    If your email address is in the spammers list I guess the best solution is
    to cancel this address and create a new one.

    You may also create more than one email addr.:

    personal: only known by people you know personally (e.g. family members, well-known friends)

    professional: only for job or business purposes

    "social": other contacts...

    Example: 3 Gmail accounts, centralised with an email client ...

    :)

    Some references:

    wikipedia: E-mail_spam
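
An added example, not part of the original thread: one way to check a returned "undelivered" message for the forged-sender case described above is to pull the original message out of the bounce and see whether any relay in its `Received` headers is a host you actually send from. The function names, the `my_ips` parameter and the sample bounce are assumptions constructed for illustration.

```python
import email
import re
from email import policy

# Constructed bounce (DSN) for illustration; all hosts and IPs are placeholders.
SAMPLE_BOUNCE = """\
From: MAILER-DAEMON@mx.example.net
To: user@example.org
Subject: Undelivered Mail Returned to Sender
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status; boundary="b1"

--b1
Content-Type: text/plain

The address nobody@example.net does not exist.

--b1
Content-Type: message/rfc822

Received: from pc (unknown [203.0.113.77]) by relay.example.com; Fri, 7 Sep 2007 10:00:00 +0000
From: user@example.org
To: nobody@example.net
Subject: constructed sample

body
--b1--
"""

IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")

def original_message(bounce):
    """Return the returned original (or its headers) from a bounce, else None."""
    for part in bounce.walk():
        ctype = part.get_content_type()
        if ctype == "message/rfc822":
            return part.get_payload(0)
        if ctype == "text/rfc822-headers":
            return email.message_from_string(part.get_payload(), policy=policy.default)
    return None

def classify_bounce(raw, my_ips):
    """my_ips: addresses your own PC/provider sends from (assumed known)."""
    orig = original_message(email.message_from_string(raw, policy=policy.default))
    if orig is None:
        return {"verdict": "no-original", "relay_ips": []}
    relay_ips = [ip for h in orig.get_all("Received", []) for ip in IP_RE.findall(str(h))]
    verdict = "sent-via-my-hosts" if set(relay_ips) & set(my_ips) else "forged-sender"
    return {"verdict": verdict, "relay_ips": relay_ips, "claimed_from": str(orig.get("From", ""))}
```

Only `Received` lines added by relays you trust are reliable, since a sender can prepend forged ones. A `forged-sender` verdict means the bounced message never passed through your hosts, even though its `From` line carries your address.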
  8. dlevere

    dlevere Registered Member

    Thanks, I'll take your advice and notify my E-mail provider.