Can't get rid of spam sending trojan

travelover

I noticed the other day that I was getting undeliverable email notices for emails that I did not send. The message is spam for a place called pillsxxx.

So far I have run the free versions of Spybot, Microsoft Security Essentials, Malware and Avast. I updated each before running a full scan. All missed this virus / Trojan.

Any tips from you folks that are more computer savvy?

Thanks.
 
Could be a number of problems.

Some of these things shut down the AV to protect themselves. Or it could be that the AV does not have the signatures and is not effective at removing it. You might need to update the AV signatures or perhaps a different product.

You might check and see if Symantec has a free removal tool for the virus.


If it is protecting itself...

One approach is to create an AV scan disk on a CD (or thumb drive) and boot from the CD or thumb drive and let it scan the PC's hard drives.... not booting from the C Drive should not allow the virus to be loaded into memory.

Be careful though... many viruses will infect the CD, thumb drives, etc. You would need to create the bootable disk with the AV scanner on a clean computer. Be sure the infected computer is shut down (and off) before you boot the scan disk.

Also, if you have other PCs on your network, they may be infected also.

If you suspect this is the case... shut down all devices and clean them one at a time (with the other devices turned off).
 
Which email service do you use? :confused:

I just started getting a few.... ignored the first one, but changed my password at Yahoo and they seemed to stop... I think they hacked your online account, so nothing on your computer to get rid of...
 
On your email service, can you "mark" those emails as spam? That way, in the future they should automatically be placed in the spam folder and not your inbox. Those email filters that determine the probability that an email is spam work pretty well after some learning. More about them here: Bayesian spam filtering - Wikipedia, the free encyclopedia
 
Texas Proud hit one of the major points. I know several people that have been sending spam from yahoo accounts. If it is not a web mail account, then you might also try erasing your restore points before running your scanner. Many worms live in the restore points and the scanners do not touch them.
 
There was an email based worm that began last week. One way it spreads is by using an infected computer's contact list and sending an email to contacts.

Some email services have begun blocking those emails... if you have it, that could be why you are getting undelivered messages.

Beware of 'Here you have' e-mail virus - The Problem Solver



Of course... you could have a different virus or other problems.
 
Interestingly, I have had experiences with two forum members involving this sort of thing. One had emails coming from his account to people in his address book. The emails were bogus. IIRC he ended up changing his passwords and never did find anything infecting his machine. If he is listening maybe he will chime in. ;) This is similar to what happened to Texas Proud.

Another former forum member is a FB friend and somehow a private message was sent purporting to be from his account flogging some product. No idea how that happened and he was mystified as well.

It looks like there are a lot of possibilities. You might google and see if your email provider is having these sorts of problems.
 
I agree with what Texas Proud has to say. I had the same problem earlier this year with my Hotmail account. I changed the password and the problem immediately stopped.
 
I had the same problem earlier this year with my Hotmail account. I changed the password and the problem immediately stopped.
Hotmail's had a problem for years with hackers getting into their servers, accessing user accounts, changing the "vacation reply" feature, and spamming the user's address list.

Hotmail never admitted that they had a problem, but they "fixed" it by getting rid of their vacation reply feature.

I fixed it by switching to Gmail. I've had my Hotmail accounts forwarding to Gmail for a while and eventually I'll shut them off.

So, Travelover, if you haven't already then you should change your e-mail password. Then you could check your e-mail's "out of office" or "vacation reply" feature (if you have one) and see what other settings have been messed with.

You might want to think about whether the hacker could have accessed any other passwords or logins from your e-mail account. Lots of users store that info in an e-mail folder...
 
It may not be an issue with your computer at all. Spammers might just be spoofing your email address.

http://www.bluehostforum.com/showthread.php?132-how-to-stop-spoofed-email-addresses
This is by far the most likely explanation.

None of the anti-virus products on the market actually work very well. When I get stuck I use ComboFix (download it only from Bleeping Computer; there are fake versions around). The instructions are a bit scary, but it's safe to run and will remove stuff that none of the commercial packages can find.
 
If the emails are going to people in your address book, then the most likely explanation is that your email has been hacked or you have malware.

If you are just getting undeliverable notices from random places, it is most likely just email spoofing. I own many domain names, and I have gotten thousands, more likely tens of thousands, of these returned emails over the years from spammers sending out fake emails spoofing an email address using one of my domain names. They find the domains by sending out spambots crawling the web. It is less likely to happen with personal email addresses but still eminently possible, especially if your email address is posted somewhere on the web like a forum or profile page.

Here is another link on the topic:

email spoofing.

The reason email spoofing works is due to basic design flaws in the way emails are sent and received, plus the way the filter software is written. The SPF option is an attempt to patch these design / logic flaws after the fact.
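
The distinction drawn in the post above (bounces caused by a spoofed From address versus mail that really left your account or PC) can be checked from a single bounce, shown here as an added example that is not part of the original thread. It assumes the bounce carries the returned message's headers and that the bouncing server writes `Received: from helo (rdns [ip])` lines; the function names, `example.*` hosts and addresses are hypothetical.

```python
import email
import re
from email import policy
from email.utils import getaddresses

def returned_headers(raw_bounce):
    """Headers of the original message that a bounce (DSN) carries back."""
    msg = email.message_from_string(raw_bounce, policy=policy.default)
    for part in msg.walk():
        ctype = part.get_content_type()
        if ctype == "message/rfc822":
            return part.get_payload(0)
        if ctype == "text/rfc822-headers":
            return email.message_from_string(part.get_payload(), policy=policy.default)
    return None

def triage(raw_bounce, provider_domains, address_book):
    """Classify one bounce as 'account-or-malware', 'spoofed' or 'unknown'."""
    orig = returned_headers(raw_bounce)
    if orig is None:
        return "unknown"
    # The topmost Received line was written by the server that bounced the mail;
    # the reverse-DNS name in parentheses is the host it saw connecting.
    top = str((orig.get_all("Received") or [""])[0])
    m = re.search(r"from\s+\S+\s+\(([^\s\[\]]+)\s+\[", top)
    host = m.group(1).lower().rstrip(".") if m else ""
    via_provider = any(host == d or host.endswith("." + d) for d in provider_domains)
    rcpts = {a.lower() for _, a in getaddresses([str(h) for h in orig.get_all("To", [])])}
    known = rcpts & {a.lower() for a in address_book}
    if via_provider or known:
        return "account-or-malware"  # sent via your provider, or to your own contacts
    return "spoofed"                 # unrelated host mailing strangers under your name

# Constructed sample bounces: every host, address and IP here is a placeholder.
def sample_bounce(received, to):
    return (
        "From: MAILER-DAEMON@mx.example.net\nTo: me@mail.example.com\n"
        "Subject: Undelivered Mail Returned to Sender\nMIME-Version: 1.0\n"
        'Content-Type: multipart/report; report-type=delivery-status; boundary="b1"\n'
        "\n--b1\nContent-Type: text/plain\n\nDelivery failed.\n"
        "--b1\nContent-Type: message/rfc822\n\n"
        f"Received: {received}\nFrom: me@mail.example.com\nTo: {to}\n"
        "Subject: pills\n\nbody\n--b1--\n"
    )
SPOOFED = sample_bounce("from pc (unknown-host.example.org [192.0.2.7]) by mx.example.net", "stranger@example.net")
HIJACKED = sample_bounce("from out1 (out1.mail.example.com [198.51.100.5]) by mx.example.net", "friend@example.net")
```

A "spoofed" result means a password change or virus scan will not stop the bounces; an "account-or-malware" result points back to the password and scan advice earlier in the thread.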
 
Wow! Thanks for all the helpful suggestions.

Based on your suggestions, I think that my Yahoo DSL account has been hacked. I deleted all my contacts there and also changed my password.

We shall see over the next few days if this nonsense stops. :mad:

Added: Maybe not so coincidentally, I got an offer on Facebook to link to my Yahoo account to find "friends". This started just after I clicked "OK".
 
Hey Nords,
I also was forwarding my Hotmail emails to Gmail too, with the plan to switch over to Gmail, but then it stopped and I couldn't get them to keep forwarding. It seemed that they only wanted to allow Hotmail email forwarded to other MS email accounts....any tricks?

Got some insane south swells down in Panama this year. How's the surf been in Hawaii?

Surf
 
Hey Nords,
I also was forwarding my Hotmail emails to Gmail too, with the plan to switch over to Gmail, but then it stopped and I couldn't get them to keep forwarding. It seemed that they only wanted to allow Hotmail email forwarded to other MS email accounts....any tricks?
Well, I spoke a little imprecisely.

I have my Gmail spam account set up to query my Hotmail spam account via POP3, which seems to happen every hour. (Of course spam ends up in Hotmail's spam folder and is not POP'd by Gmail, so I log into Hotmail every week and clean out the spam folder.) I've imported all the Hotmail contacts and I've downloaded all the Hotmail folder archives (over a decade's worth) to Gmail as well as to Thunderbird. I'm probably going to shut that Hotmail address down in another month or two.

I also have my personal Gmail account set up to POP3 my personal Hotmail account. I still have to clean 30+ spams out of Hotmail's spam folder every week. I've imported all those Hotmail contacts and I've downloaded all those Hotmail folder archives (14 years' worth) to Gmail & Thunderbird. I've spent quite a bit of time updating all the various websites & friends from that Hotmail address but I'm about done, so in another 3-4 months I'll send out a final warning e-mail and then shut down that Hotmail account.

Finally I set my personal Gmail account to forward to my spam Gmail account. (That seems to happen within a minute or two.) That way I can see all my e-mails (except spam) while just staying logged in to my spam Gmail account, which is also the account I use for all my other Google services. I like the way Gmail lets me reply by using either of my Gmail addresses from my spam Gmail account, so it confuses fewer people. I only log into my personal Gmail account every week or two to clean out the 1-2 spams in its spam folder.

Early in the process I tried to have Gmail POP3 my Juno account, but Juno does not allow that in their free accounts. I finally moved a couple dozen e-mails manually and then tried to delete my Juno account. I'd had that for so long (since 1995? '96?) that I couldn't do it on my own and finally had to get Juno's webmaster to take care of it.

It was painful to make sure that everything POP'd over and got archived, but it worked. I just hope Google continues not being evil for another few decades.

I do my e-mail online from my desktop or a laptop, but every month or two I log into my two Gmail accounts using my desktop's Thunderbird software and synch up those archives. That's probably unnecessary-- Google probably does a better job of backing up my e-mail than I do-- but it makes me happy. Of course e-mail archives were a lot more important when I was working, but I like to have some of the old ones from family & friends.

Got some insane south swells down in Panama this year. How's the surf been in Hawaii?
I'm jealous! Last month was great for our kid's final month at home before college, and just as good for our houseguests. Every day was at least 2-4 and we had a couple at 6-8. At one point we surfed five times in nine days.

Then everyone left and I could surf anytime I wanted to, but for nearly two weeks it's been 0-2 and 1-3. Luckily I had work to do so I finished the pocket version of "The Military Guide" and caught up on other projects. Today it's 2-4 and they're predicting 6-8 in two more days, so I think I'll have enough to keep me busy for a few days.

Only two more months until the North Shore starts kicking up again. I'm ready to keep my daughter's 7'9" custom epoxy from drying out while she's at college...
 
Nice one Nords.
Sounds like you scored great waves with your daughter. Yes, the southern hemisphere swells start to quiet down soon in October and the northern hemisphere swells start to light up in Hawaii.....enjoy.

Surf
 