Computer sending emails by itself

Posted on 2006-04-20
Last Modified: 2013-12-04

I am having a very strange problem. I currently have Norton Antivirus 2005 installed (and have so for months). I have the scanning of outgoing emails feature turned on, so when I compose and send a message from Outlook it is moved to the 'Sent Items' folder and then Norton relays the message (showing its progress near the systray in a popup). For the past couple of months my PC has been sending emails by itself occasionally.  They are not being sent through Outlook but the Norton outgoing email scanner does pop up briefly to let me know it is scanning an outgoing message.

I have done searches by date for files last modified and accessed and can see nothing suspicious. I am running Norton AV 2005 with all the latest updates and this PC also does weekly virus scans by itself. I have run Adaware as well and found nothing that strikes me as being odd. Also the smtp server I use for relaying is my own (located on a different PC, not on the same network). I have checked the logs on the server and these messages are not being relayed through my server.

I'd like to stop this from happening (or even confirm that it is indeed happening) but more importantly I'd like to know what is being sent and to whom. Does anyone have any suggestions on how I can track these outgoing messages or locate the source application which is sending them?
Question by:rite_eh
    LVL 48

    Expert Comment

    Hi rite_eh,

    thats perfectly normal my friend

    LVL 48

    Expert Comment


    ah wron Q damn QP!

    sorry mate
    LVL 8

    Assisted Solution


    you definatly have a problem here. Sounds like you got hacked :-) . Sounds even more like you have a rootkit.

    You should try using RootKit Revealer. You can download it here:

    Perhaps the reason why you can't find the offending file is because it IS a rootkit. Norton hooks into Winsock, that is probably the ONLY way this thing is being detected.

    If a rootkit is found, you best format your drive. Don't think you can clean it out yourself.


    LVL 1

    Expert Comment

    Can u check the LOGS od Norton and see what is happeneing exactally.

    and also check in Event Viewer .
    LVL 32

    Expert Comment

    You can also download and run HJT from  Post the log back to that web site (not here), click on "analyze" at the bottom, then click "Save Analysis" at the bottom of the next page, and finally post a link to that saved analysis page here.
    LVL 23

    Accepted Solution

    If I were you I'd immediately disconnect from the internet, and do not reconnect until you know what is being sent, and to where, and by what.
    Check Norton: "statistics" - "view logs" - "e-mail filtering". This should reveal some information about what is being sent.

    Try downloading, updating and running Ewido:

    Disable system restore and boot into safe mode. Run Ewido.
    Disable startups in msconfig.
    Bitdefender is an anti-virus program which I have seen find infections which Norton missed. Check it out here:

    An added bonus is - it's free!

    Are you running any peer-to-peer file sharing software: Limewire; Winmx; E-mule; etc.? If so, check the contents of your shared folder. I recently had a client whose HDD was colonized by a huge repository of porn. He was running Kazaa, but he isn't any more.

    Assisted Solution

    Right off, I'd tighten the rules on my software firewall. Make sure youi have not inadvertantly allowed access to an application you did not mean to. If you don't have a software firewall installed, I'd highly recommend it. It's typically pretty easy to block from the outside in, but it is the inside ---> Outside exploits that get us.  I had something similar happen abouit a year ago. I installed Zone alarm and caught the application in the act and was able to track it down from there.

    LVL 2

    Assisted Solution

    I strongly Advise you to go to

    download kaspersky anti virus personal (trial version)

    do a full scan.

    Cuz It may be key logger which collects information about ur pc and the keys u enter on keyborad and send them to the hacker.

    or just A trojan that sends the hacker ur ip everytime u connect to the internet

    I had this problem before when i used to using norton anti virus and some trojans couldnt be catched by it

    since 2 years i have been using kaspersky i havent got any virus or trojan....etc

    regards :)
    LVL 23

    Expert Comment


    Was any of the above info helpful?
    LVL 1

    Author Comment

    Yes, thank you to all of you who provided me with suggestions, links, etc. I have divided points up across multiple people. There were actually two reasons my PC was doing this.

    I had a spyware/virus application which was emailing out on a regular interval. Monitoring outgoing traffic helped me catch this one. Requests going out on port 80 for ad sites. It was emailing out ad re;ated data as far as I can tell. I've taken some precautions there (changed passwords, etc). Secondarily I stumbled across Outlook in the logs which was automatically sending read receipts (without my permission, which I have since turned off). The weird thing was it was doing this a minute or two after I opened the message (not right away as expected). I tracked this down while viewing the Norton Antivirus logs.

    Again thanks for the help and reminder on this question.

    Featured Post

    Better Security Awareness With Threat Intelligence

    See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

    Join & Write a Comment

    Users of Windows 10 Professional can disable automatic reboots using the policy editor. This tool is not included in the Windows home edition. But don't worry! Follow the instructions below to install (a Win7) policy editor on your Windows 10 Home e…
    As a Mac user and former AppleCare AHA & Senior Advisor, I'm constantly bombarded with questions about Macs and if they need Antivirus. This short article is my response to those questions.
    Sending a Secure fax is easy with eFax Corporate ( First, Just open a new email message.  In the To field, type your recipient's fax number You can even send a secure international fax — just include t…
    Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…

    731 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    18 Experts available now in Live!

    Get 1:1 Help Now