HKLM\SECURITY\Policy\Secrets|SAI*

Discussion in 'other security issues & news' started by dlevere, Sep 7, 2007.

Thread Status:
Not open for further replies.
  1. dlevere

    dlevere Registered Member

    Joined:
    Nov 7, 2002
    Posts:
    15
    Location:
    Philadelphia, PA
    Someone using this IP is sending e-mail out in my name:

    80.12.242.139

    canonical name smtp2a.orange.fr.
    aliases
    addresses 80.12.242.139

    I used Rootkit Revealer and found the following Registry Key:
    HKLM\SECURITY\Policy\Secrets|SAI*

    How do I get rid of this? I don't know how I got it. o_O :doubt: :blink:
     
  2. Climenole

    Climenole Look 'n' Stop Expert

    Joined:
    Jun 3, 2005
    Posts:
    1,637
  3. dlevere

    dlevere Registered Member

    Joined:
    Nov 7, 2002
    Posts:
    15
    Location:
    Philadelphia, PA
    I received a bunch of E-mails that said Mail undelivered, returned to sender, and I know that I didn't send them out. I'll see if I can get one of the headers, I deleted most of them.
     
  4. SG1

    SG1 Registered Member

    Joined:
    Jan 16, 2003
    Posts:
    432
    dlevere;

    I could be wrong on this, but seems to me that I read somewhere recently about getting "undeliverable" mail returned with something attached in hopes that users would just click/open them... which they'd have cause to regret.

    SG1 (Pat)
     
  5. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    24,076
    Location:
    UK
  6. dlevere

    dlevere Registered Member

    Joined:
    Nov 7, 2002
    Posts:
    15
    Location:
    Philadelphia, PA
    No, I don't open attachments, even from people that I know.

    I only opened one of them, it had no attachment, and I deleted the rest, and blocked smtp2a.orange.fr
     
  7. Climenole

    Climenole Look 'n' Stop Expert

    Joined:
    Jun 3, 2005
    Posts:
    1,637
    Hi dlevere :)

    Maybe your email address is known and used by spammers as a phony email source.
    When spams reach some of their targets they are bounced to you.

    The same trick was used about 2 years ago with email from phony "Microsoft":
    these mails have malware attached and hide their real source by forging
    the headers with the real Microsoft address...

    Why not send an email to your email provider about this?
    Just to protect your butts...

    If your email address is in the spammers list I guess the best solution is
    to cancel this address and create a new one.

    You may also create more than one email addr.:

    personal: only known by people you know personally (e.g. family members, well known friends)

    professional: only for job or business purposes

    "social" : other contacts...

    Example: 3 Gmail accounts, centralised with an email client ...

    :)

    Some references:

    wikipedia: E-mail_spam
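
One way to check whether a bounce is backscatter from a forged sender, as described in the post above (an added example, not part of any post in the thread): read the `Received` headers of the original message quoted inside the bounce and see whether it ever passed through the outbound server you actually use. The sample bounce and all hostnames, including `smtp.home-isp.example`, are constructed assumptions.

```python
import email
from email import policy

# Constructed sample bounce (DSN); every host and address is made up.
SAMPLE_BOUNCE = """\
From: MAILER-DAEMON@mx.recipient.example
To: me@home-isp.example
Subject: Mail undelivered, returned to sender
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status; boundary="b1"

--b1
Content-Type: message/delivery-status

Reporting-MTA: dns; mx.recipient.example

Final-Recipient: rfc822; nobody@recipient.example
Action: failed
Status: 5.1.1

--b1
Content-Type: text/rfc822-headers

Received: from unknown-host.example ([203.0.113.77])
 by mx.recipient.example; Fri, 7 Sep 2007 10:00:00 +0000
From: me@home-isp.example
To: nobody@recipient.example

--b1--
"""

def original_received(bounce_text):
    """Received headers of the message that bounced (not of the bounce itself)."""
    msg = email.message_from_string(bounce_text, policy=policy.default)
    for part in msg.walk():
        ctype = part.get_content_type()
        if ctype == "text/rfc822-headers":   # bounce quotes the headers only
            inner = email.message_from_string(part.get_content(), policy=policy.default)
            return inner.get_all("Received", [])
        if ctype == "message/rfc822":        # bounce attaches the full original
            return part.get_content().get_all("Received", [])
    return []

def classify(bounce_text, my_relays):
    """my_relays: hostnames of the outbound servers you really send through."""
    hops = [str(h).lower() for h in original_received(bounce_text)]
    if not hops:
        return "unknown"                     # nothing quoted, cannot tell
    if any(r.lower() in hop for hop in hops for r in my_relays):
        return "via-own-relay"               # original passed your provider: check your PC and account
    return "backscatter"                     # forged sender; mail never touched your relay

print(classify(SAMPLE_BOUNCE, ["smtp.home-isp.example"]))
```

A `via-own-relay` result only means the quoted headers name your relay; since a sender can insert fake `Received` lines, treat it as a reason to look closer rather than as proof.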
     
  8. dlevere

    dlevere Registered Member

    Joined:
    Nov 7, 2002
    Posts:
    15
    Location:
    Philadelphia, PA
    Thanks, I'll take your advice and notify my E-mail provider.
     