Join Early Retirement Today
Reply
 
Thread Tools Search this Thread Display Modes
Can't get rid of spam sending trojan
Old 09-12-2010, 09:00 AM   #1
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
travelover's Avatar
 
Join Date: Mar 2007
Posts: 9,874
Can't get rid of spam sending trojan

I noticed the other day that I was getting undeliverable email notices for emails that I did not send. The message is spam for a place called pillsxxx.

So far I have run the free versions Spybot, Microsoft Security Essentials, Malware and Avast. I updated each before running a full scan. All missed this virus / Trojan.

Any tips from you folks that are more computer savvy?

Thanks.
__________________

__________________
Yes, I have achieved work / life balance.
travelover is online now   Reply With Quote
Join the #1 Early Retirement and Financial Independence Forum Today - It's Totally Free!

Are you planning to be financially independent as early as possible so you can live life on your own terms? Discuss successful investing strategies, asset allocation models, tax strategies and other related topics in our online forum community. Our members range from young folks just starting their journey to financial independence, military retirees and even multimillionaires. No matter where you fit in you'll find that Early-Retirement.org is a great community to join. Best of all it's totally FREE!

You are currently viewing our boards as a guest so you have limited access to our community. Please take the time to register and you will gain a lot of great new features including; the ability to participate in discussions, network with our members, see fewer ads, upload photographs, create a retirement blog, send private messages and so much, much more!

Old 09-12-2010, 09:13 AM   #2
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
 
Join Date: Feb 2007
Posts: 5,072
Could be a number problems.

Some of these things shutdown the AV to protect themselves. Or it could be that the AV does not have the signatures and is not effective at removing it. You might need to update the AV signatures or perhaps a different product.

You might check and see if symantec has a free removal tool for the virus.


If it is protecting itself...

One approach is to create an AV scan disk on a CD (or thumb drive) and boot from the CD or thumb drive and let it scan the PC's hard drives.... not booting from the C Drive should not allow the virus to be loaded into memory.

Be careful though... many viruses will infect the CD, thumb drives, etc. You would need to create the bootable disk with the AV scanner on a clean computer. Besure the infected computer is shutdown (and off) before you boot the scan disk.

Also, if you have other PCs on your network, they may be infected also.

If you suspect this is the case... shutdown all devices and clean them one at a time (with the other devices turned off).
__________________

__________________
chinaco is offline   Reply With Quote
Old 09-12-2010, 09:15 AM   #3
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
 
Join Date: May 2005
Posts: 13,256
Which email service do you use

I just started getting a few.... ignored the first one, but change my password at Yahoo and they seemed to stop... I think they hacked your online account, so nothing on your computer to get rid of...
__________________
Texas Proud is offline   Reply With Quote
Old 09-12-2010, 09:31 AM   #4
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
easysurfer's Avatar
 
Join Date: Jun 2008
Posts: 7,884
On your email service, can you "mark" those emails as spam. That way, in the future they should automatically be placed in the spam folder and not your inbox. Those email filters that determine the probablility that an email is spam work pretty well after some learning. More about them here: Bayesian spam filtering - Wikipedia, the free encyclopedia
__________________
Have you ever seen a headstone with these words
"If only I had spent more time at work" ... from "Busy Man" sung by Billy Ray Cyrus
easysurfer is offline   Reply With Quote
Old 09-12-2010, 09:42 AM   #5
Thinks s/he gets paid by the post
Rustic23's Avatar
 
Join Date: Dec 2005
Location: Lake Livingston, Tx
Posts: 3,624
Texas Proud hit one of the major points. I know several people that have been sending spam from yahoo accounts. If it is not an web mail account, then you might also try erasing you restore points before running your scanner. Many worms live in the restore points and the scanners do not touch them.
__________________
If it is after 5:00 when I post I reserve the right to disavow anything I posted.
Rustic23 is offline   Reply With Quote
Old 09-12-2010, 09:51 AM   #6
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
 
Join Date: Feb 2007
Posts: 5,072
There was an email based worm that began last week. One way it spreads is by using an infected computer's contact list and sending an email to contacts.

Some email services have begun blocking those emails... if you have it, that could be why you are getting undelivered messages.

Beware of 'Here you have' e-mail virus - The Problem Solver



Of course... you could have a different virus or other problems.
__________________
chinaco is offline   Reply With Quote
Old 09-12-2010, 10:14 AM   #7
Recycles dryer sheets
 
Join Date: Mar 2009
Posts: 281
It may not be an issue with your computer at all. Spammers might just be spoofing your email address.

http://www.bluehostforum.com/showthread.php?132-how-to-stop-spoofed-email-addresses
__________________
TooFrugal is offline   Reply With Quote
Old 09-12-2010, 10:28 AM   #8
Moderator Emeritus
Martha's Avatar
 
Join Date: Feb 2004
Location: minnesota
Posts: 13,212
Interestingly, I have had experiences with two forum members involving this sort of thing. One had emails coming from his account to people in his address book. The emails were bogus. IIRC he ended up changing his passwords and never did find anything infecting his machine. If he is listening maybe he will chime in. This is similar to what happened to Texas Proud.

Another former forum member is a FB friend and somehow a private message was sent purporting to be from his account flogging some product. No idea how that happened and he was mystified as well.

It looks like there are a lot of possibilities. You might google and see if your email provider is having these sorts of problems.
__________________
.


No more lawyer stuff, no more political stuff, so no more CYA

Martha is offline   Reply With Quote
Old 09-12-2010, 10:32 AM   #9
Recycles dryer sheets
MissMolly's Avatar
 
Join Date: Jun 2010
Posts: 470
I agree with What Texas Proud has to say. I had the same problem earlier this year with my Hotmail account. I changed the password and the problem immediately stopped.
__________________
MissMolly is offline   Reply With Quote
Old 09-12-2010, 10:45 AM   #10
Moderator Emeritus
Nords's Avatar
 
Join Date: Dec 2002
Location: Oahu
Posts: 26,616
Quote:
Originally Posted by MissMolly View Post
I had the same problem earlier this year with my Hotmail account. I changed the password and the problem immediately stopped.
Hotmail's had a problem for years with hackers getting into their servers, accessing user accounts, changing the "vacation reply" feature, and spamming the user's address list.

Hotmail never admitted that they had a problem, but they "fixed" it by getting rid of their vacation reply feature.

I fixed it by switching to Gmail. I've had my Hotmail accounts forwarding to Gmail for a while and eventually I'll shut them off.

So, Travelover, if you haven't already then you should change your e-mail password. Then you could check your e-mail's "out of office" or "vacation reply" feature (if you have one) and see what other settings have been messed with.

You might want to think about whether the hacker could have accessed any other passwords or logins from your e-mail account. Lots of users store that info in an e-mail folder...
__________________
*
*

The book written on E-R.org, "The Military Guide to Financial Independence and Retirement", on sale now! For more info see "About Me" in my profile.
I don't spend much time here anymore, so please send me a PM. Thanks.
Nords is offline   Reply With Quote
Old 09-12-2010, 11:13 AM   #11
Thinks s/he gets paid by the post
 
Join Date: Jun 2010
Location: France
Posts: 1,195
Quote:
Originally Posted by TooFrugal View Post
It may not be an issue with your computer at all. Spammers might just be spoofing your email address.

http://www.bluehostforum.com/showthread.php?132-how-to-stop-spoofed-email-addresses
This is by far the most likely explanation.

None of the anti-virus products on the market actually work very well. When I get stuck I use ComboFix (download it only from Bleeping Computer; there are fake versions around). The instructions are a bit scary, but it's safe to run and will remove stuff that none of the commercial packages can find.
__________________
Age 56, retired July 1, 2012; DW is 60 and working for 2 more years. Current portfolio is 2000K split 50 stocks/20 bonds/30 cash. Renting house, no debts.
BigNick is offline   Reply With Quote
Old 09-12-2010, 01:16 PM   #12
Recycles dryer sheets
 
Join Date: Mar 2009
Posts: 281
If the emails are going to people in your address book, then the most likely explanation is that your email has been hacked or you have malware.

If you are just getting undeliverable notices from random places, it is most likely just email spoofing. I own many domain names, and I have gotten thousands, more likely tens of thousands, of these returned emails over the years from spammers sending out fake emails spoofing an email address using one of my domain names. They find the domains by sending out spambots crawling the web. It is less likely to happen with personal email addresses but still eminently possible, especially if your email address is posted somewhere on the web like a forum or profile page.

Here is another link on the topic:

email spoofing.

The reason email spoofing works is due to basic design flaws in the way emails are sent and received, plus the way the filter software is written. The SPF option is an attempt to patch these design / logic flaws after the fact.
__________________
TooFrugal is offline   Reply With Quote
Old 09-12-2010, 02:13 PM   #13
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
travelover's Avatar
 
Join Date: Mar 2007
Posts: 9,874
Wow! Thanks for all the helpful suggestions.

Based on your suggestions, I think that my Yahoo DSL account has been hacked. I deleted all my contacts there and also changed my password.

We shall see over the next few days if this nonsense stops.

Added: Maybe not so coincidentally, I got an offer on Facebook to link to my Yahoo account to find "friends". This started just after I clicked "OK"
__________________
Yes, I have achieved work / life balance.
travelover is online now   Reply With Quote
Old 09-12-2010, 02:54 PM   #14
Recycles dryer sheets
 
Join Date: Aug 2004
Posts: 86
Hey Nords,
I also was forwarding my Hotmail emails to Gmail too, with the plan to switch over to Gmail, but then it stopped and I couldn't get them to keep forwarding. It seemed that they only wanted to allow Hotmail email forwarded top other MS email accounts....any tricks?

Got some insane south swells down in Panama this year. Hows the surf been in Hawaii?

Surf
__________________
If you really do what you want.........you will please few and astonish many.
Surfs_Up is offline   Reply With Quote
Old 09-12-2010, 03:30 PM   #15
Moderator Emeritus
Nords's Avatar
 
Join Date: Dec 2002
Location: Oahu
Posts: 26,616
Quote:
Originally Posted by Surfs_Up View Post
Hey Nords,
I also was forwarding my Hotmail emails to Gmail too, with the plan to switch over to Gmail, but then it stopped and I couldn't get them to keep forwarding. It seemed that they only wanted to allow Hotmail email forwarded top other MS email accounts....any tricks?
Well, I spoke a little imprecisely.

I have my Gmail spam account set up to query my Hotmail spam account via POP3, which seems to happen every hour. (Of course spam ends up in Hotmail's spam folder and is not POP'd by Gmail, so I log into Hotmail every week and clean out the spam folder.) I've imported all the Hotmail contacts and I've downloaded all the Hotmail folder archives (over a decade's worth) to Gmail as well as to Thunderbird. I'm probably going to shut that Hotmail address down in another month or two.

I also have my personal Gmail account set up to POP3 my personal Hotmail account. I still have to clean 30+ spams out of Hotmail's spam folder every week. I've imported all those Hotmail contacts and I've downloaded all those Hotmail folder archives (14 year's worth) to Gmail & Thunderbird. I've spent quite a bit of time updating all the various websites & friends from that Hotmail address but I'm about done, so in another 3-4 months I'll send out a final warning e-mail and then shut down that Hotmail account.

Finally I set my personal Gmail account to forward to my spam Gmail account. (That seems to happen within a minute or two.) That way I can see all my e-mails (except spam) while just staying logged in to my spam Gmail account, which is also the account I use for all my other Google services. I like the way Gmail lets me reply by using either of my Gmail addresses from my spam Gmail account, so it confuses fewer people. I only log into my personal Gmail account every week or two to clean out the 1-2 spams in its spam folder.

Early in the process I tried to have Gmail POP3 my Juno account, but Juno does not allow that in their free accounts. I finally moved a couple dozen e-mails manually and then tried to delete my Juno account. I'd had that for so long (since 1995? '96?) that I couldn't do it on my own and finally had to
get Juno's webmaster to take care of it.

It was painful to make sure that everything POP'd over and got archived, but it worked. I just hope Google continues not being evil for another few decades.

I do my e-mail online from my desktop or a laptop, but every month or two I log into my two Gmail accounts using my desktop's Thunderbird software and synch up those archives. That's probably unnecessary-- Google probably does a better job of backing up my e-mail than I do-- but it makes me happy. Of course e-mail archives were a lot more important when I was working, but I like to have some of the old ones from family & friends.

Quote:
Originally Posted by Surfs_Up View Post
Got some insane south swells down in Panama this year. Hows the surf been in Hawaii?
I'm jealous! Last month was great for our kid's final month at home before college, and just as good for our houseguests. Every day was at least 2-4 and we had a couple at 6-8. At one point we surfed five times in nine days.

Then everyone left and I could surf anytime I wanted to, but for nearly two weeks it's been 0-2 and 1-3. Luckily I had work to do so I finished the pocket version of "The Military Guide" and caught up on other projects. Today it's 2-4 and they're predicting 6-8 in two more days, so I think I'll have enough to keep me busy for a few days.

Only two more months until the North Shore starts kicking up again. I'm ready to keep my daughter's 7'9" custom epoxy from drying out while she's at college...
__________________
*
*

The book written on E-R.org, "The Military Guide to Financial Independence and Retirement", on sale now! For more info see "About Me" in my profile.
I don't spend much time here anymore, so please send me a PM. Thanks.
Nords is offline   Reply With Quote
Old 09-12-2010, 11:08 PM   #16
Recycles dryer sheets
 
Join Date: Aug 2004
Posts: 86
Nice one Nords.
Sounds like you scored great waves with your daughter. Yes, the southern hemisphere swells start to quiet down soon in October and the northern hemisphere swells start to light up in Hawaii.....enjoy.

Surf
__________________

__________________
If you really do what you want.........you will please few and astonish many.
Surfs_Up is offline   Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Has anyone retired before sending their kids to college? bank5 Other topics 50 08-10-2009 07:41 AM
Getting rid of spam coming to your computer Orchidflower Other topics 0 04-06-2008 05:05 PM
Help with Startpage Trojan MJ Other topics 37 11-01-2007 09:55 PM
Error on sending a PM cute fuzzy bunny Forum Admin 16 07-23-2006 03:30 PM

 

 
All times are GMT -6. The time now is 02:39 AM.
 
Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2017, vBulletin Solutions, Inc.