Hi,
I am using outlook xp on win xp dell laptop...

When I sent emails out I am occasionally seeing 'sending 0 of n'
emails.

This usually only occurs when sending acknowledgements for emails and
in these cases there are no acknowledgments......

I scanned using McAffee and AdAware and it showed up a keylogger
installed onto the OS disk which I have rebuilt inside the last 40
days.........I deleted the key-logger but it was in the temp folder
for my user name on the laptop.

So I think what has happened is that I have been 'bugged' by a key-
logger that was most likley delivered by email but did not get
detected by mcafee as the email was opened and it has been sending
keystrokes to whoever bugged me......(hope they have better things to
do than read my typing)......

Has anyone seen such a delivery mechanism for bugging? If so, how
would I make sure that the bug is not in any of the emails I am
opening so that I do not re-infect myself..?

Or is there any way to check outlook to see where the bug might be
being invoked?

Thanks

Peter

is there anything in the sent folder? Assuming the keylogger were using
outlook to send email, it would most likely be in the sent folder.

if you have all windows and office updates and do not open blocked
attachments and do not visit questionable, untrusted websites and use the
default security settings (or tighten them), you should be ok.

--
Diane Poremsky [MVP - Outlook]
Author, Teach Yourself Outlook 2003 in 24 Hours
Need Help with Common Tasks? http://www.outlook-tips.net/beginner/
Outlook 2007: http://www.slipstick.com/outlook/ol2007/

Outlook Tips by email:


Outlook Tips: http://www.outlook-tips.net/
Outlook & Exchange Solutions Center: http://www.slipstick.com
Subscribe to Exchange Messaging Outlook newsletter:



"Peter Nolan" wrote in message
...
Hi,
I am using outlook xp on win xp dell laptop...

When I sent emails out I am occasionally seeing 'sending 0 of n'
emails.

This usually only occurs when sending acknowledgements for emails and
in these cases there are no acknowledgments......

I scanned using McAffee and AdAware and it showed up a keylogger
installed onto the OS disk which I have rebuilt inside the last 40
days.........I deleted the key-logger but it was in the temp folder
for my user name on the laptop.

So I think what has happened is that I have been 'bugged' by a key-
logger that was most likley delivered by email but did not get
detected by mcafee as the email was opened and it has been sending
keystrokes to whoever bugged me......(hope they have better things to
do than read my typing)......

Has anyone seen such a delivery mechanism for bugging? If so, how
would I make sure that the bug is not in any of the emails I am
opening so that I do not re-infect myself..?

Or is there any way to check outlook to see where the bug might be
being invoked?

Thanks

Peter

"Peter Nolan" wrote in message
...

I am using outlook xp on win xp dell laptop...

When I sent emails out I am occasionally seeing 'sending 0 of n'
emails.

This usually only occurs when sending acknowledgements for emails
and
in these cases there are no acknowledgments......
snip

I never send (automatically or via prompt) any read receipts so this
is a just a guess that Outlook doesn't count read receipts since YOU
didn't compose them. I wasn't aware that Outlook even gave you any
notification that it was sending a read receipt.

Do you have Outlook configured to automatically send read receipts
(when any senders requests them)? One of the first configuration
changes or checks you should do after installing Outlook is to ensure
that you neither automatically send read receipts or even bother with
the prompts for them. Set Outlook to *never* send read receipts.

On Dec 30, 11:00*am, "VanguardLH" wrote:
"Peter Nolan" wrote in message

...

I am using outlook xp on win xp dell laptop...

When I sent emails out I am occasionally seeing 'sending 0 of n'
emails.

This usually only occurs when sending acknowledgements for emails
and
in these cases there are no acknowledgments......

snip

I never send (automatically or via prompt) any read receipts so this
is a just a guess that Outlook doesn't count read receipts since YOU
didn't compose them. *I wasn't aware that Outlook even gave you any
notification that it was sending a read receipt.

Do you have Outlook configured to automatically send read receipts
(when any senders requests them)? *One of the first configuration
changes or checks you should do after installing Outlook is to ensure
that you neither automatically send read receipts or even bother with
the prompts for them. *Set Outlook to *never* send read receipts.

Hi All,
more on this one...

1. No..there is nothing in the sent items for the 0 of n emails being
sent....does anyone know how to track what emails are being sent
especially these 0 of 1? Can the tcp port be logged to see what is
going over it? Or can Outlook be made to log in more detail?


2. The directory that the spyware is in is "F:\Documents and Settings
\Peter Nolan\Local Settings\Temp\AAWTMP\C658777" and it is
familykeyloggersetup.exe..

Interestingly, if I open this folder in exlporer the name of the
subfolder keeps changing. I guess this is it's attempt to hide...

3. I have a dual boot machine so I booted the other OS opened outlook
there and scanned using ad aware and ad aware + mcafee found the key
logger again, this time on the C drive....So it would seem to me that
the spyware is somehow attached to the outlook folder because the
instance of outlook was completely separate. Does anyone know how to
look for what programs are loaded when outlook starts up? Is there
a .ini file or something? I would think the spyware must be attached
to the startup of outlook via the folder that held the original bugged
email.

"If you have all windows and office updates and do not open blocked
attachments and do not visit questionable, untrusted websites and use
the
default security settings (or tighten them), you should be ok. "

I gather that I have received an email that had the bug in it.....they
have done a pretty good job since they avoided mcafee on the way
in...though mcafee finds it when scanned by ad aware....it is
interesting to note that mcafee does NOT find it if it is run by
itself....probably because of the changing folder name.......

4. I have not yet figured out how to make sure I can get rid of it so
no credit card numbers getting typed into this laptop any time
soon.....

All ideas most welcome....

I will also post to the mcafee site.

Thanks

Peter

The best way to remove it is to reformat. Yeah, it's a lot of work, but it's
the only way you'll know for sure that its gone.

Are you sure it came in via an email? Based on both the file name and
google, it looks like a spy program a suspicious spouse or parent would
install.
http://www.google.com/search?q=familykeylogger

Outlook does not load via an ini file. How that particular keylogger works
is something those who frequent security forums would know.

--
Diane Poremsky [MVP - Outlook]
Author, Teach Yourself Outlook 2003 in 24 Hours
Need Help with Common Tasks? http://www.outlook-tips.net/beginner/
Outlook 2007: http://www.slipstick.com/outlook/ol2007/

Outlook Tips by email:


Outlook Tips: http://www.outlook-tips.net/
Outlook & Exchange Solutions Center: http://www.slipstick.com
Subscribe to Exchange Messaging Outlook newsletter:



"Peter Nolan" wrote in message
...


Hi All,
more on this one...

1. No..there is nothing in the sent items for the 0 of n emails being
sent....does anyone know how to track what emails are being sent
especially these 0 of 1? Can the tcp port be logged to see what is
going over it? Or can Outlook be made to log in more detail?


2. The directory that the spyware is in is "F:\Documents and Settings
\Peter Nolan\Local Settings\Temp\AAWTMP\C658777" and it is
familykeyloggersetup.exe..

Interestingly, if I open this folder in exlporer the name of the
subfolder keeps changing. I guess this is it's attempt to hide...

3. I have a dual boot machine so I booted the other OS opened outlook
there and scanned using ad aware and ad aware + mcafee found the key
logger again, this time on the C drive....So it would seem to me that
the spyware is somehow attached to the outlook folder because the
instance of outlook was completely separate. Does anyone know how to
look for what programs are loaded when outlook starts up? Is there
a .ini file or something? I would think the spyware must be attached
to the startup of outlook via the folder that held the original bugged
email.

"If you have all windows and office updates and do not open blocked
attachments and do not visit questionable, untrusted websites and use
the
default security settings (or tighten them), you should be ok. "

I gather that I have received an email that had the bug in it.....they
have done a pretty good job since they avoided mcafee on the way
in...though mcafee finds it when scanned by ad aware....it is
interesting to note that mcafee does NOT find it if it is run by
itself....probably because of the changing folder name.......

4. I have not yet figured out how to make sure I can get rid of it so
no credit card numbers getting typed into this laptop any time
soon.....

All ideas most welcome....

I will also post to the mcafee site.

Thanks

Peter

Additionally, I would inquire of my family members who have access to your computer what they had in mind when installing this piece of spyware. Sounds like there may be a trust issue there.

See http://www.spywareremove.com/removeFamilyKeyLogger.html for how to thoroughly remove this.

Then password protect your computer with a screensaver you can kick in automatically when you leave your computer and set a password on it.

I have created a simple shortcut to lock my computer when I leave it at work - no need to use it at home, cats don't have access to my desktop, they have their own laptops!) - then drag it to your quick launch bar:

%windir%\system32\rundll32.exe user32.dll,LockWorkStation

Works on Windows XP, not sure about Windows Vista.

--�
Milly Staples [MVP - Outlook]

Post all replies to the group to keep the discussion intact. All
unsolicited mail sent to my personal account will be deleted without
reading.

After furious head scratching, Peter Nolan asked:

| On Dec 30, 11:00 am, "VanguardLH" wrote:
|| "Peter Nolan" wrote in message
||
|| ...
||
||| I am using outlook xp on win xp dell laptop...
||
||| When I sent emails out I am occasionally seeing 'sending 0 of n'
||| emails.
||
||| This usually only occurs when sending acknowledgements for emails
||| and
||| in these cases there are no acknowledgments......
||
|| snip
||
|| I never send (automatically or via prompt) any read receipts so this
|| is a just a guess that Outlook doesn't count read receipts since YOU
|| didn't compose them. I wasn't aware that Outlook even gave you any
|| notification that it was sending a read receipt.
||
|| Do you have Outlook configured to automatically send read receipts
|| (when any senders requests them)? One of the first configuration
|| changes or checks you should do after installing Outlook is to ensure
|| that you neither automatically send read receipts or even bother with
|| the prompts for them. Set Outlook to *never* send read receipts.
|
| Hi All,
| more on this one...
|
| 1. No..there is nothing in the sent items for the 0 of n emails being
| sent....does anyone know how to track what emails are being sent
| especially these 0 of 1? Can the tcp port be logged to see what is
| going over it? Or can Outlook be made to log in more detail?
|
|
| 2. The directory that the spyware is in is "F:\Documents and Settings
| \Peter Nolan\Local Settings\Temp\AAWTMP\C658777" and it is
| familykeyloggersetup.exe..
|
| Interestingly, if I open this folder in exlporer the name of the
| subfolder keeps changing. I guess this is it's attempt to hide...
|
| 3. I have a dual boot machine so I booted the other OS opened outlook
| there and scanned using ad aware and ad aware + mcafee found the key
| logger again, this time on the C drive....So it would seem to me that
| the spyware is somehow attached to the outlook folder because the
| instance of outlook was completely separate. Does anyone know how to
| look for what programs are loaded when outlook starts up? Is there
| a .ini file or something? I would think the spyware must be attached
| to the startup of outlook via the folder that held the original bugged
| email.
|
| "If you have all windows and office updates and do not open blocked
| attachments and do not visit questionable, untrusted websites and use
| the
| default security settings (or tighten them), you should be ok. "
|
| I gather that I have received an email that had the bug in it.....they
| have done a pretty good job since they avoided mcafee on the way
| in...though mcafee finds it when scanned by ad aware....it is
| interesting to note that mcafee does NOT find it if it is run by
| itself....probably because of the changing folder name.......
|
| 4. I have not yet figured out how to make sure I can get rid of it so
| no credit card numbers getting typed into this laptop any time
| soon.....
|
| All ideas most welcome....
|
| I will also post to the mcafee site.
|
| Thanks
|
| Peter

This isn't a key logger problem at all. I don't know why but all Outlook
2007s actually say they are sending whatever number of how many emails. I
sometimes see 24 of 26 and I am sending only 2 emails. Not sure what it is
all about but I know it is not spyware or otherwise related.

"Peter Nolan" wrote in message
...
Hi,
I am using outlook xp on win xp dell laptop...

When I sent emails out I am occasionally seeing 'sending 0 of n'
emails.

This usually only occurs when sending acknowledgements for emails and
in these cases there are no acknowledgments......

I scanned using McAffee and AdAware and it showed up a keylogger
installed onto the OS disk which I have rebuilt inside the last 40
days.........I deleted the key-logger but it was in the temp folder
for my user name on the laptop.

So I think what has happened is that I have been 'bugged' by a key-
logger that was most likley delivered by email but did not get
detected by mcafee as the email was opened and it has been sending
keystrokes to whoever bugged me......(hope they have better things to
do than read my typing)......

Has anyone seen such a delivery mechanism for bugging? If so, how
would I make sure that the bug is not in any of the emails I am
opening so that I do not re-infect myself..?

Or is there any way to check outlook to see where the bug might be
being invoked?

Thanks

Peter

Diane,

Not even reformatting gets rid of everything. If someone wants to be THAT
paranoid, they really should dump the old drive and put a new windows on a
new hard drive not touched before assuming they are using legal windows
disks. However, if you are going to be that paranoid about things that may
get into your computer, the best advice is never to turn it on. That way
nothing gets into it.

Me, I like to live dangerously and turn mine on!

"Diane Poremsky" wrote in message
...
The best way to remove it is to reformat. Yeah, it's a lot of work, but
it's the only way you'll know for sure that its gone.

Are you sure it came in via an email? Based on both the file name and
google, it looks like a spy program a suspicious spouse or parent would
install.
http://www.google.com/search?q=familykeylogger

Outlook does not load via an ini file. How that particular keylogger works
is something those who frequent security forums would know.

--
Diane Poremsky [MVP - Outlook]
Author, Teach Yourself Outlook 2003 in 24 Hours
Need Help with Common Tasks? http://www.outlook-tips.net/beginner/
Outlook 2007: http://www.slipstick.com/outlook/ol2007/

Outlook Tips by email:


Outlook Tips: http://www.outlook-tips.net/
Outlook & Exchange Solutions Center: http://www.slipstick.com
Subscribe to Exchange Messaging Outlook newsletter:



"Peter Nolan" wrote in message
...


Hi All,
more on this one...

1. No..there is nothing in the sent items for the 0 of n emails being
sent....does anyone know how to track what emails are being sent
especially these 0 of 1? Can the tcp port be logged to see what is
going over it? Or can Outlook be made to log in more detail?


2. The directory that the spyware is in is "F:\Documents and Settings
\Peter Nolan\Local Settings\Temp\AAWTMP\C658777" and it is
familykeyloggersetup.exe..

Interestingly, if I open this folder in exlporer the name of the
subfolder keeps changing. I guess this is it's attempt to hide...

3. I have a dual boot machine so I booted the other OS opened outlook
there and scanned using ad aware and ad aware + mcafee found the key
logger again, this time on the C drive....So it would seem to me that
the spyware is somehow attached to the outlook folder because the
instance of outlook was completely separate. Does anyone know how to
look for what programs are loaded when outlook starts up? Is there
a .ini file or something? I would think the spyware must be attached
to the startup of outlook via the folder that held the original bugged
email.

"If you have all windows and office updates and do not open blocked
attachments and do not visit questionable, untrusted websites and use
the
default security settings (or tighten them), you should be ok. "

I gather that I have received an email that had the bug in it.....they
have done a pretty good job since they avoided mcafee on the way
in...though mcafee finds it when scanned by ad aware....it is
interesting to note that mcafee does NOT find it if it is run by
itself....probably because of the changing folder name.......

4. I have not yet figured out how to make sure I can get rid of it so
no credit card numbers getting typed into this laptop any time
soon.....

All ideas most welcome....

I will also post to the mcafee site.

Thanks

Peter

Reformatting will remove the bad stuff that affects the typical user. No
paranoia required.

--
Diane Poremsky [MVP - Outlook]
Author, Teach Yourself Outlook 2003 in 24 Hours
Need Help with Common Tasks? http://www.outlook-tips.net/beginner/
Outlook 2007: http://www.slipstick.com/outlook/ol2007/

Outlook Tips by email:


Outlook Tips: http://www.outlook-tips.net/
Outlook & Exchange Solutions Center: http://www.slipstick.com
Subscribe to Exchange Messaging Outlook newsletter:



"Diamontina Cocktail" wrote in message
...
Diane,

Not even reformatting gets rid of everything. If someone wants to be THAT
paranoid, they really should dump the old drive and put a new windows on a
new hard drive not touched before assuming they are using legal windows
disks. However, if you are going to be that paranoid about things that may
get into your computer, the best advice is never to turn it on. That way
nothing gets into it.

Me, I like to live dangerously and turn mine on!

"Diane Poremsky" wrote in message
...
The best way to remove it is to reformat. Yeah, it's a lot of work, but
it's the only way you'll know for sure that its gone.

Are you sure it came in via an email? Based on both the file name and
google, it looks like a spy program a suspicious spouse or parent would
install.
http://www.google.com/search?q=familykeylogger

Outlook does not load via an ini file. How that particular keylogger
works is something those who frequent security forums would know.

--
Diane Poremsky [MVP - Outlook]
Author, Teach Yourself Outlook 2003 in 24 Hours
Need Help with Common Tasks? http://www.outlook-tips.net/beginner/
Outlook 2007: http://www.slipstick.com/outlook/ol2007/

Outlook Tips by email:


Outlook Tips: http://www.outlook-tips.net/
Outlook & Exchange Solutions Center: http://www.slipstick.com
Subscribe to Exchange Messaging Outlook newsletter:



"Peter Nolan" wrote in message
...


Hi All,
more on this one...

1. No..there is nothing in the sent items for the 0 of n emails being
sent....does anyone know how to track what emails are being sent
especially these 0 of 1? Can the tcp port be logged to see what is
going over it? Or can Outlook be made to log in more detail?


2. The directory that the spyware is in is "F:\Documents and Settings
\Peter Nolan\Local Settings\Temp\AAWTMP\C658777" and it is
familykeyloggersetup.exe..

Interestingly, if I open this folder in exlporer the name of the
subfolder keeps changing. I guess this is it's attempt to hide...

3. I have a dual boot machine so I booted the other OS opened outlook
there and scanned using ad aware and ad aware + mcafee found the key
logger again, this time on the C drive....So it would seem to me that
the spyware is somehow attached to the outlook folder because the
instance of outlook was completely separate. Does anyone know how to
look for what programs are loaded when outlook starts up? Is there
a .ini file or something? I would think the spyware must be attached
to the startup of outlook via the folder that held the original bugged
email.

"If you have all windows and office updates and do not open blocked
attachments and do not visit questionable, untrusted websites and use
the
default security settings (or tighten them), you should be ok. "

I gather that I have received an email that had the bug in it.....they
have done a pretty good job since they avoided mcafee on the way
in...though mcafee finds it when scanned by ad aware....it is
interesting to note that mcafee does NOT find it if it is run by
itself....probably because of the changing folder name.......

4. I have not yet figured out how to make sure I can get rid of it so
no credit card numbers getting typed into this laptop any time
soon.....

All ideas most welcome....

I will also post to the mcafee site.

Thanks

Peter

Sorry, no. It doesn't get rid of everything. You don't have to believe me
though. Google is your friend.

"Diane Poremsky" wrote in message
...
Reformatting will remove the bad stuff that affects the typical user. No
paranoia required.

--
Diane Poremsky [MVP - Outlook]
Author, Teach Yourself Outlook 2003 in 24 Hours
Need Help with Common Tasks? http://www.outlook-tips.net/beginner/
Outlook 2007: http://www.slipstick.com/outlook/ol2007/

Outlook Tips by email:


Outlook Tips: http://www.outlook-tips.net/
Outlook & Exchange Solutions Center: http://www.slipstick.com
Subscribe to Exchange Messaging Outlook newsletter:



"Diamontina Cocktail" wrote in message
...
Diane,

Not even reformatting gets rid of everything. If someone wants to be THAT
paranoid, they really should dump the old drive and put a new windows on
a new hard drive not touched before assuming they are using legal windows
disks. However, if you are going to be that paranoid about things that
may get into your computer, the best advice is never to turn it on. That
way nothing gets into it.

Me, I like to live dangerously and turn mine on!

"Diane Poremsky" wrote in message
...
The best way to remove it is to reformat. Yeah, it's a lot of work, but
it's the only way you'll know for sure that its gone.

Are you sure it came in via an email? Based on both the file name and
google, it looks like a spy program a suspicious spouse or parent would
install.
http://www.google.com/search?q=familykeylogger

Outlook does not load via an ini file. How that particular keylogger
works is something those who frequent security forums would know.

--
Diane Poremsky [MVP - Outlook]
Author, Teach Yourself Outlook 2003 in 24 Hours
Need Help with Common Tasks? http://www.outlook-tips.net/beginner/
Outlook 2007: http://www.slipstick.com/outlook/ol2007/

Outlook Tips by email:


Outlook Tips: http://www.outlook-tips.net/
Outlook & Exchange Solutions Center: http://www.slipstick.com
Subscribe to Exchange Messaging Outlook newsletter:



"Peter Nolan" wrote in message
...


Hi All,
more on this one...

1. No..there is nothing in the sent items for the 0 of n emails being
sent....does anyone know how to track what emails are being sent
especially these 0 of 1? Can the tcp port be logged to see what is
going over it? Or can Outlook be made to log in more detail?


2. The directory that the spyware is in is "F:\Documents and Settings
\Peter Nolan\Local Settings\Temp\AAWTMP\C658777" and it is
familykeyloggersetup.exe..

Interestingly, if I open this folder in exlporer the name of the
subfolder keeps changing. I guess this is it's attempt to hide...

3. I have a dual boot machine so I booted the other OS opened outlook
there and scanned using ad aware and ad aware + mcafee found the key
logger again, this time on the C drive....So it would seem to me that
the spyware is somehow attached to the outlook folder because the
instance of outlook was completely separate. Does anyone know how to
look for what programs are loaded when outlook starts up? Is there
a .ini file or something? I would think the spyware must be attached
to the startup of outlook via the folder that held the original bugged
email.

"If you have all windows and office updates and do not open blocked
attachments and do not visit questionable, untrusted websites and use
the
default security settings (or tighten them), you should be ok. "

I gather that I have received an email that had the bug in it.....they
have done a pretty good job since they avoided mcafee on the way
in...though mcafee finds it when scanned by ad aware....it is
interesting to note that mcafee does NOT find it if it is run by
itself....probably because of the changing folder name.......

4. I have not yet figured out how to make sure I can get rid of it so
no credit card numbers getting typed into this laptop any time
soon.....

All ideas most welcome....

I will also post to the mcafee site.

Thanks

Peter