Questions regarding a possible virus infection

Steve_Brady
Hello,

I'm wondering if the following scenario is indicative of my system being infected by some type of virus or parasite or having some other type of issue of concern.

I sent an e-mail message to a friend through MS Outlook (2010) but included no Cc's or Bc's.  A while later I got a message saying:

Delivery Status Notification (Failure)

This is an automatically generated Delivery Status Notification.

Delivery to the following recipients failed.

       s.arafat070@yahoo.com


However, that e-mail address is not the address of my intended recipient and in fact is not in my e-mail address directory and is completely unfamiliar to me.  Interestingly, I did a system search for "s.arafat070" and it turned out two results, both of which were also bounce backs but from e-mails I sent almost a year several months ago.  Even more curious is that this particular friend was a recipient on both of those messages (one as part of a distribution list and the other as a single cc).

In case it is helpful, here is the content of the text file attached to the bounce back message:

Reporting-MTA: dns;col0-omc3-s2.col0.hotmail.com
Received-From-MTA: dns;COL0-MC1-F4.Col0.hotmail.com
Arrival-Date: Thu, 24 May 2012 21:08:17 -0700

Final-Recipient: rfc822;s.arafat070@yahoo.com
Action: failed
Status: 5.5.0
Diagnostic-Code: smtp;554 delivery error: dd This user doesn't have a yahoo.com account (s.arafat070@yahoo.com) [-5] - mta1458.mail.mud.yahoo.com


Questions:

1) Do these circumstances suggest an infection of either my friend's system or mine?

2) Is it possible/likely that messages I'm sending are going to unintended recipients and I just don't know about it because they are not bouncing back?

3) I have Kaspersky anti-virus Version 2011 but at the time I sent this e-mail, it was disabled because it slows down my Dragon NaturallySpeaking (DNS) voice recognition application.  Should I not Send/Receive e-mails when it is disabled?

4) What is the best fix if a fix is needed?

Thanks

My specs FYI:
•Processor: AMD Phenom(tm) II X6 1090T Processor 3.20 GHz
•Memory: 16.0 GB
•Operating System: Windows 7 Ultimate (64-bit)
•Drive C: Crucial 128GB SATA 6.0Gbps/2.5-inch Solid State Drive (CTFDDAC128MAG-1G1)
•Drive D: LG 12x SATA Blu-ray Writer Drive (WH12LS30K)
•Drive E: WD 500GB SATA 6.0Gbps/7200RPM/16MB/3.5-inch Internal HD (WD5000AAKX-001CA0)
•Drive F: Hitachi 1TB SATA 3.0Gbps/7200RPM/32MB/3.5-inch Internal HD (HDS721010CLA332)
•Drive G: Seagate 3TB SATA 6.0Gbps/7200RPM/64MB/3.5-inch Internal HD (ST3000DM001-9YN166)
•Video: ATI Radeon HD 5700 Series
•MS Office 2010
President
Top Expert 2010
Commented:
Somebody else entirely could have the virus.  I wouldn't worry about it unless you start getting a lot more messages.
Sounds like your email address might have been harvested.  If that is the case there is not a lot you can do.
Sounds strange... have you confirmed with your friend that he hasn't/hadn't a redirection to that account?

It is quite relevant that each time you found a reference to that address, it's on a mail sent to the same person.
Sam Simon Nasser, IT Support Professional
Commented:
It's most possible that he got malware on his PC. Advise him to scan using Malwarebytes Anti-Malware: update and scan.
http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?part=dl-10804572&subj=dl&tag=button

Author of the Year 2011
Top Expert 2006
Commented:
Just posting to concur with the first two experts - not for points. The symptoms most resemble "spoofing" which (1) has been around forever and (2) really has no cure.
=========

In the FWIW department, advice to 'run Malwarebytes' really isn't very effective these days. MBAM is so good that it is targeted by many variants of malware.

There are specific steps to follow before using it, as described here:
http://www.experts-exchange.com/A_4922.html Rogue-Killer-What-a-great-name
http://www.experts-exchange.com/A_5124.html Stop-the-Bleeding-First-Aid-for-Malware
harvesting is unlikely if these mails always come as an answer to an email you actually did send, and also if you do not have many of these.

a forgotten redirection is likely if you see similar messages every time you send a mail to that specific person

a malware on your computer is possible, but does not fit the symptoms

a malware on the recipient's computer is irrelevant to the matter

---

can you send the complete mail you received ? i mean the source of the email both headers and body. please attach the eml or raw message if you do not know how to retrieve the source.

can you tell us if the actual recipient is at yahoo ?

can you also tell us which smtp server you use ?
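
An added example, not part of the original thread: a small Python check that parses the delivery-status text quoted in the question (RFC 3464 layout) and lists any failed recipient the sender never addressed, together with the MTA that reported the failure. The intended address `friend@example.com` is a constructed placeholder; `Original-Recipient` is an optional RFC 3464 field that, when a server includes it, names the address the message was originally sent to.

```python
from email.parser import HeaderParser

# Delivery-status text as quoted in the question: one per-message block,
# then one block per recipient, separated by blank lines.
DSN_TEXT = """\
Reporting-MTA: dns;col0-omc3-s2.col0.hotmail.com
Received-From-MTA: dns;COL0-MC1-F4.Col0.hotmail.com
Arrival-Date: Thu, 24 May 2012 21:08:17 -0700

Final-Recipient: rfc822;s.arafat070@yahoo.com
Action: failed
Status: 5.5.0
Diagnostic-Code: smtp;554 delivery error: dd This user doesn't have a yahoo.com account (s.arafat070@yahoo.com) [-5] - mta1458.mail.mud.yahoo.com
"""

def typed_value(field):
    """Return the value part of a 'type;value' field, or None if absent."""
    return field.split(";", 1)[-1].strip() if field else None

def parse_dsn(text):
    """Split the status text into (per-message fields, [per-recipient fields])."""
    blocks = [b for b in text.replace("\r\n", "\n").split("\n\n") if b.strip()]
    if not blocks:
        raise ValueError("no delivery-status fields found")
    parsed = [HeaderParser().parsestr(b.strip() + "\n") for b in blocks]
    return parsed[0], parsed[1:]

def unexpected_recipients(text, intended):
    """List failed recipients that are not among the addresses actually used."""
    intended = {a.lower() for a in intended}
    per_message, recipients = parse_dsn(text)
    findings = []
    for r in recipients:
        final = typed_value(r["Final-Recipient"])
        if final and final.lower() not in intended:
            findings.append({
                "final_recipient": final,
                # Optional field; None when the reporting server omits it.
                "original_recipient": typed_value(r["Original-Recipient"]),
                "status": r["Status"],
                "reporting_mta": typed_value(per_message["Reporting-MTA"]),
            })
    return findings

if __name__ == "__main__":
    # Assumption: placeholder for the address the message was really sent to.
    for f in unexpected_recipients(DSN_TEXT, ["friend@example.com"]):
        print(f)
```

The `reporting_mta` value shows which mail system attempted the delivery to the unfamiliar address, which is the starting point for the redirection question raised above.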

Author

Commented:
Great responses. Thanks.
