Email compromised?

boyse7en

I've had a couple of returned emails that refer to emails I have never sent. I'm worried that my computer may be compromised and is sending out spam/spoof/virus emails to the people in my address book (using Thunderbird). The returned emails are bouncing as teh addresses are no longer live, but I assume my live contacts are receiving the emails.

Return info is as follows (email address removed)
Return-Path:
Received: from imo-ma04.mx.aol.com (imo-ma04.mx.aol.com [64.12.78.139])
by imr-mb02.mx.aol.com (8.14.1/8.14.1) with ESMTP id o2K1Yo1V019099;
Fri, 19 Mar 2010 21:34:50 -0400
Received: from
by imo-ma04.mx.aol.com (mail_out_v42.9.) id d.d9e.6b0de8 (44667);
Fri, 19 Mar 2010 21:34:45 -0400 (EDT)
Received: from smtprly-mc03.mx.aol.com (smtprly-mc03.mx.aol.com [64.12.95.99]) by cia-mc01.mx.aol.com (v127_r1.2) with ESMTP id MAILCIAMC016-d3d74ba4262f154; Fri, 19 Mar 2010 21:34:45 -0400
Received: from webmail-d022 (webmail-d022.sim.aol.com [205.188.181.21]) by smtprly-mc03.mx.aol.com (v127.7) with ESMTP id MAILSMTPRLYMC031-d3d74ba4262f154; Fri, 19 Mar 2010 21:34:39 -0500
To:
Content-Transfer-Encoding: quoted-printable
Subject:
Date: Fri, 19 Mar 2010 21:34:39 -0400
X-MB-Message-Source: WebUI
X-AOL-IP: 96.28.64.106
X-MB-Message-Type: User
MIME-Version: 1.0
From:
Content-Type: text/plain; charset="us-ascii"
X-Mailer: AOL Webmail 31144-STANDARD
Received: from 96.28.64.106 by webmail-d022.sysops.aol.com (205.188.181.21) with HTTP (WebMailUI); Fri, 19 Mar 2010 21:34:39 -0400
Message-Id: [EMAIL="8CC95E4A42ED913-8E4-176CA&#64;webmail-d022.sysops.aol.com"]<8CC95E4A42ED913-8E4-176CA@webmail-d022.sysops.aol.com>[/EMAIL]
X-Spam-Flag:NO
X-AOL-SENDER:
And there are two attached files named "Part 1.2" and "Part 1.3" which I've not opened.

I've run Malwarebytes and Spybot, both give clean results, as does AVG.

Don't really know where else to look

JasX

you've left your email address in all the html links above where you've tried to remove it, (both your AOL email and the Tiscali one that mail was sent to) -I'd delete that asap before the spam trawlers pick it up

Other than that to fix your problem

1- Go change the password and ALL security reset /reminder questions and info on the account, that'll deal with anything on any other PC having access.

2-Check your PC for viruses/malware/security patches

boyse7en

JasX wrote: »

you've left your email address in all the html links above where you've tried to remove it, (both your AOL email and the Tiscali one that mail was sent to) -I'd delete that asap before the spam trawlers pick it up

Ta, now editted.

JasX wrote: »

Other than that to fix your problem

1- Go change the password and ALL security reset /reminder questions and info on the account, that'll deal with anything on any other PC having access.

2-Check your PC for viruses/malware/security patches

Have checked PC using Malwarebytes, Spybot and have AVG run a scan every night. Nothing showing up.
Surprised that my password has been compromised. I know that they can hit anything given enough time, but it is a random word and four-digit number combination which I thought would be pretty hard to crack.
Anyway, logged in and changed password and security question. Hopefully that'll stop it.

Markyt

You probably haven't been compromised. I've seen this a few times before, where spam houses have spoofed the return addresses. I've even had emails returned to myself whch are apparently from myself!

macman

Are the emails in your 'sent' folder? If not, then it's just the address being spoofed and your account has not been hacked.

boyse7en

Emails in my sent folder (I rarely use the webmail, and it seems that stuff sent through it doesn't appear in my Thunderbird sent folder), advertising the usual links for Poker and pill sites. At least they're not too offensive and they are obviously spam links.