Infected machines are thought to be a leading cause of spam today. What you should do if you're infected, and how to keep from being a spammer.

I have been accused of sending random emails through someone else's account. I don't even know the email address of this person. The IP address happens to be mine, but I did not send these emails. I was told by my ISP that my computer could have been compromised or have a virus. Could this be true? If so, how do I try to clear my computer and fix this problem? It has been running very slow and also freezes up quite often. Secondly, how is someone able to steal your information and take over your computer?

Not only is it possible, it's an epidemic. It's likely that you are an unwitting participant in the spam war.

And you're playing for the wrong side.

Your machine may very well be a spam-sending zombie.

The concept is very simple: your machine gets infected with a virus. That virus then installs a hidden program that can be controlled remotely. That program is periodically called on by spammers to send spam on their behalf. It looks like the spam email is coming from your machine, because it is.

Even though you know nothing about it, you have become a spammer.

How did this happen? The real question might be "why did you allow this to happen?"

In all likelihood you are not running anti-virus and anti-spyware software. If you are, you probably don't have up-to-date databases. You may not be behind a firewall. Your version of Windows may not be fully up to date.

Your PC is most likely vulnerable to attack from malware.

You may have unwittingly opened an attachment in email that you shouldn't have, or visited a web site that downloaded something you didn't want. Because you were vulnerable, your machine was infected.

The rest, as they say, is history.

The fact that you indicate your machine is running slow and freezing up often strongly supports my theory; that's classic behavior for a machine that's infected. Quite possibly you have multiple infections.
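One way to look for the behavior described above, a hidden program sending mail directly from your PC, is to check which processes hold outbound mail connections. The following is an added example, not part of the original article: it parses saved `netstat -ano` output from Windows and groups outbound SMTP connections by process ID. The sample output, its addresses and PIDs are constructed, and the "more than two mail servers" threshold is an assumption.

```python
import re
from collections import defaultdict

# 25 = server-to-server delivery; 465/587 = submission to your own provider.
SMTP_PORTS = {25, 465, 587}

# One IPv4 TCP row of Windows `netstat -ano` output.
ROW = re.compile(
    r"^\s*TCP\s+(\d+\.\d+\.\d+\.\d+):(\d+)\s+"
    r"(\d+\.\d+\.\d+\.\d+):(\d+)\s+(\S+)\s+(\d+)\s*$"
)

# Constructed sample: PID 5316 is a mail client, PID 2844 behaves like a spam bot.
SAMPLE = """
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       912
  TCP    192.168.1.10:49701     198.51.100.20:443      ESTABLISHED     4120
  TCP    192.168.1.10:49710     192.0.2.25:587         ESTABLISHED     5316
  TCP    192.168.1.10:49722     203.0.113.5:25         ESTABLISHED     2844
  TCP    192.168.1.10:49723     203.0.113.77:25        SYN_SENT        2844
  TCP    192.168.1.10:49724     198.51.100.9:25        ESTABLISHED     2844
  TCP    192.168.1.10:49725     192.0.2.140:25         SYN_SENT        2844
"""

def outbound_smtp_by_pid(netstat_text):
    """Return {pid: set of remote IPs} for connections to mail ports."""
    peers = defaultdict(set)
    for line in netstat_text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # header, blank, UDP or IPv6 row
        _, _, remote_ip, remote_port, state, pid = m.groups()
        if state == "LISTENING" or int(remote_port) not in SMTP_PORTS:
            continue
        peers[int(pid)].add(remote_ip)
    return dict(peers)

def suspicious_pids(netstat_text, max_servers=2):
    """PIDs contacting more distinct mail servers than a mail client would."""
    by_pid = outbound_smtp_by_pid(netstat_text)
    return sorted(p for p, ips in by_pid.items() if len(ips) > max_servers)

if __name__ == "__main__":
    for pid in suspicious_pids(SAMPLE):
        print(f"PID {pid} is contacting many mail servers; look it up in Task Manager")
```

A clean result here does not prove the machine is clean, since malware can hide its connections from tools running on the infected PC; the ISP's or router's view of your traffic is harder to fool.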

So what do you do?

There are two schools of thought.

  1. Scan repeatedly with anti-virus and anti-spyware software with up-to-date databases. Let those programs scan and clean your machine. Multiple times. Then update the databases and do it again. You may be able to clean your machine this way.

  2. Back up your data, then reformat and reinstall Windows from scratch. Make sure to enable a firewall before you connect to the internet, and install anti-virus software and anti-spyware software. And make sure that both are getting regular, automatic updates to their databases.

If you have only a minor infection, perhaps only one virus or so, it's possible that the first approach may be enough. But especially if you are as heavily infected as I suspect you are, you really have no recourse; you must reformat and reinstall. Safely.

There's an adage in computer server management that applies equally well to desktops: once your machine has been compromised, you really can't trust it ever again until you completely reformat and reinstall. It's a sad reality.

So like I said at the beginning, what you describe is not only possible, it's an epidemic. You are not alone. It's thought to be perhaps the single biggest cause of spam today.

So please, take the time and take the steps to keep your computer safe on the internet. It's no longer just about protecting you, it's about protecting everyone else on the internet as well.

Article C2971 - March 22, 2007

Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions.

6 Comments
Ken
March 23, 2007 7:45 AM

My wife's consulting business has, over the past year or so, seen a tremendous increase in "malware", and now generates most of its business cleaning off people's computers. (Without losing any data >95% of the time, unlike "the easy way" of reformat and start over.) We have seen computers that can literally take 10 minutes to boot because of all the malware on them. Some have been infected with literally thousands of copies of viruses and/or spyware.

It's amazing that people still run without any protection, or with 3-year-old antivirus databases, and no firewalls.

Nina R. Santiago
March 23, 2007 7:17 PM

Really like your information. Thanks so much.
I have never been able to sign into Outlook Express. Something about my settings. What to do? Thanks again.

Norman Rondeau
March 23, 2007 10:04 PM

Excellent article. I would like to add that there are a number of web sites where you can check your computer for viruses, malware and even check your firewall. These are a good supplement to whatever protection you run on your computer. The more active the role you take in keeping your computer secure, the less chance of the dreaded reformat.

Gail Richardson
March 24, 2007 3:36 PM

Exactly what happened in the email happened to me while on AOL. I got kicked out of AOL. When I was finally able to clear my name, I changed my password and was allowed to use AOL again. But since then I started using broadband and free AOL. But no viruses show up on my computer. I guess I was one of the lucky ones.

Star Ostgard
October 24, 2007 4:40 PM

Today I received a spam email - from me. The "sender" had my exact email address. I immediately followed your advice from another article and changed my password; I also reported it to Yahoo, whether they can do anything or not. I don't understand how I could have a virus, though. I have an up to date firewall, my virus protection automatically updates several times a day, and I run another virus/spyware detector at least once a day; nor do I ever open attachments (unless from someone I know and then I verify with them first). So as far as I know, I've been diligent about protecting my computer.

Leo A. Notenboom
October 25, 2007 3:08 PM

It may not be a virus, and may have NOTHING to do with you or your computer:
http://ask-leo.com/someones_sending_from_my_email_address_how_do_i_stop_them.html

Leo

