Rogue emails....

Started by hemi68charger, April 18, 2011, 12:02:47 PM

hemi68charger

Hey gang..
My wife has informed me that people she sends emails to via her web-based yahoo and hotmail accounts are getting daily emails from her (she's not sending them). The only common denominator is our home desktop. Is there a free anti-virus/spyware site out there? Our desktop's OS is MS Vista. She just called me and said there was a pop-up window (not from a website) that claimed to have found a trojan-type of virus... I told her to shut the computer off and if she needed to do something, use her laptop for now. Is there anything on her yahoo and/or hotmail accounts that can detect this rogue virus or do their web-based email servers already screen things....

Thanks..
T
Troy
'69 Charger Daytona 440 auto 4.10 Dana ( now 426 HEMI )
'70 Superbird 426 Hemi auto: Lindsley Bonneville Salt Flat world record holder (220.2mph)
Houston Mopar Club Connection

moparstuart

I use superantispyware free edition

windows cleanup! is also good
GO SELL CRAZY SOMEWHERE ELSE WE ARE ALL STOCKED UP HERE

Steve P.

Facebook is doing the same damned thing. So if any of you get an ad for VIAGRA from me, I am sorry. It did NOT really come from me....  :P
Steve P.
Holiday, Florida

Just 6T9 CHGR

My hotmail acct got hacked recently as well....tell your wife to change her password.  The emails will stop
Chris' '69 Charger R/T


resq302

There is something similar on Facebook going around about "you've been tagged" in a photo.  Photo is of a girl in a white tank top that supposedly strips then commits suicide.
Brian
1969 Dodge Charger (factory 4 speed, H code 383 engine,  AACA Senior winner, 2008 Concours d'Elegance participant, 2009 Concours d'Elegance award winner)
1970 Challenger Convert. factory #'s matching red inter. w/ white body.  318 car built 9/28/69 (AACA Senior winner)
1969 Plymouth GTX convertible - original sheet metal, #'s matching drivetrain, T3 Honey Bronze, 1 of 701 produced, 1 of 362 with 440 4 bbl - auto

BananaDan

I'm an IT engineer/architect and have helped friends that have encountered this as well.  There are tons of nasty bugs out there, the PC is very likely infected with one or multiple pieces of malware.  The best free anti-virus apps out there are AVG Free Edition (http://free.avg.com/us-en/download-free-antivirus) or Microsoft Security Essentials (http://www.microsoft.com/en-us/security_essentials/default.aspx).  I would unplug the network connection after you download the tool you're going to use, but before you install it.  Many bugs today can download new variants of themselves to avoid removal.  Most bugs today also have the ability to interfere with the installation of AV software, or prevent it from working properly.  Depending on what you have, you may have to do an offline scan (see below).  You're going to want to run a full system scan after AV is installed and reboot and run a scan again to make sure any malware apps/DLLs that are/were loaded in memory are removed.  If the second and third scans separated by reboots continue to show infections, you'll need to do an offline scan.

To do an offline scan, you'll need a USB to IDE/SATA adapter and another computer.  The adapter looks like this (http://www.newegg.com/Product/Product.aspx?Item=N82E16812816014&cm_re=usb_sata-_-12-816-014-_-Product), but there are many out there.  The best is to get one that has both SATA and IDE connections to cover all hard drive types out there.  You need to open up the infected computer and remove the hard drive, unless the case has enough room then you can just disconnect the cables from the back of the drive and attach the cables from the adapter kit, leaving the drive in the PC chassis.  Then, via USB, plug the adapter with drive attached to your second computer (desktop or laptop).  It will show up as an external disk, like a USB thumb drive.  Launch your AV software and run a full scan on the newly attached hard drive.  Make sure you are scanning the infected PC's hard drive, not the C: drive on your second computer.  You'll want the AV software installed already on your second computer and active so no bugs on the hard drive can infect your second computer.

This allows the entire disk to be scanned while no files on it are loaded into memory.  The issue is, when viruses/worms/trojans are active and loaded into memory, they can intercept and interfere with the AV software.  When the disk is attached to a second computer, nothing on that disk is active, it's just a big filesystem.  A full scan will remove everything in this offline method.  This is what a computer repair shop or a place like Geek Squad is going to do if you were to bring your system to them to be cleaned.

Always run multiple full scans until they come up 100% clean and always make sure you update the AV scanner before any scans.  When you're done, just reinstall/reattach the drive in the original computer and you should be ready to rock.  Oh, and always run AV on Windows systems!  Being the largest globally deployed OS on the planet means they have the most Malware exposure because Malware authors always want to hit the largest audience.  Alternatively you could move to a Mac, which is what I did two years ago and love it!  Windows is my day job.   :brickwall:

Dan
*This post brought to you by Carl's Jr.®*



Great spirits have always encountered violent opposition from mediocre minds. The mediocre mind is incapable of understanding the man who refuses to bow blindly to conventional prejudices and chooses instead to express his opinions courageously and honestly.  ~A. Einstein
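
The offline-scan steps from the post above, sketched in PowerShell as an added example that is not part of the original thread. It assumes the second (clean) computer runs Windows 10 or later with Microsoft Defender Antivirus and the built-in Storage module, and it guards against the mistake the post warns about: scanning the clean machine's own C: drive instead of the attached disk.

```powershell
#Requires -RunAsAdministrator
# Added example. Assumptions: Windows 10 or later, Microsoft Defender
# Antivirus enabled, infected drive attached through a USB-to-SATA/IDE adapter.

# Update signatures before any scan, as the post advises.
Update-MpSignature

# Disks attached through the USB adapter report BusType 'USB'.
$usbDisks = @(Get-Disk | Where-Object { $_.BusType -eq 'USB' })
if ($usbDisks.Count -eq 0) {
    throw 'No USB-attached disk found. Check the adapter cabling and power.'
}

# Letter of the clean machine's own system drive; it must never be a target.
$systemLetter = $env:SystemDrive.TrimEnd(':')

# Collect every lettered partition on the USB-attached disks.
$targets = @(foreach ($disk in $usbDisks) {
    Get-Partition -DiskNumber $disk.Number |
        Where-Object { $_.DriveLetter -and "$($_.DriveLetter)" -ne $systemLetter } |
        ForEach-Object {
            [pscustomobject]@{
                Path   = '{0}:\' -f $_.DriveLetter
                Disk   = $disk.FriendlyName
                SizeGB = [math]::Round($_.Size / 1GB, 1)
            }
        }
})
if ($targets.Count -eq 0) {
    throw 'USB disk found, but none of its partitions has a drive letter.'
}

# Show what will be scanned and require explicit confirmation, since a USB
# thumb drive plugged in at the same time would also be listed here.
$targets | Format-Table -AutoSize | Out-Host
if ((Read-Host 'Scan these volumes? (y/n)') -ne 'y') { return }

foreach ($t in $targets) {
    Write-Host "Scanning $($t.Path) ..."
    Start-MpScan -ScanType CustomScan -ScanPath $t.Path
}

# Review the most recent detections; repeat the scan until none are new.
Get-MpThreatDetection |
    Sort-Object InitialDetectionTime -Descending |
    Select-Object -First 20 InitialDetectionTime, ThreatID, Resources
```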

Brock Samson

 oh, is that all..  :eek2:   :lol:

BananaDan

Yep, that's it!  It's actually not too bad.  It's sad that a repair shop or Geek Squad would charge a few hundred bucks to do what I wrote in a few paragraphs.

The issue isn't with Hotmail, Yahoo, Facebook or any of the online services.  It's Malware on your PCs that are written to use those services to spread.  As I mentioned, Malware authors always go where they get the most coverage of infection, which is usually going to be Windows OS and communications platforms like e-mail and instant messaging to use your address books and buddy lists to get new victims, looking like it's coming from a trusted source - YOU!  It doesn't surprise me that they are leveraging Facebook to spread now also since it's so popular.

Another tip.  If you are using Internet Explorer as your web browser, I'd switch to Firefox or Chrome.  Those browsers are more secure, and tend to be faster and have all kinds of plug-in features that allow you to extend the browser's functionality.  Remember, they target the largest audience and every Windows PC has IE on it.

Dan

moparsons

Would it be counter productive or otherwise harmful to run more than one av program at a time? I have symantecs av and the free spybot.....but considered trying out the one listed above.

BananaDan

Multiple AV software on a computer is something you *can* do, but I tend to advise against it because AV software can collide with each other.  They are integrating deep into the OS's kernel and you typically want to minimize the amount of that going on.  Anti-Malware software will also place a performance impact on your system, more so if you use multiple.  That didn't hold true back when the big boys only did AV and didn't do spyware, so people used to run AV and a spyware tool (I did that at one point).  But now the big boys all look for that stuff, which is why they now call their products Anti-Malware, not Anti-Virus, which means they do viruses, worms, trojans, spyware, adware etc...

I would recommend you get one good tool and stick with that one.  And always get one that is a reputable company.  There are many free anti-spyware/virus type apps out there that are actually spyware themselves.  For free, I recommend only the two listed above.  I don't recommend anything else out there that advertises as free anti-malware.  For tools that cost money, I recommend (in order):

Symantec  http://us.norton.com/internet-security-us.html?s_tnt=23824:1:0
McAfee   http://home.mcafee.com/Store/PackageDetail.aspx?pkgid=275
Trend   http://us.trendmicro.com/us/home/

Dan

Tilar

I'm with Stuart. Superantispyware is good and I also use Trendmicro.com
Dave  

God must love stupid people; He made so many.



Brock Samson

A couple of days ago, via Google, I went to view a Google image of something innocuous (no, not porn; it was a pack of Wrigley's gum), and as soon as I clicked on it, a very official-looking but not quite right screen popped up, saying my computer had been infected and I should click here to remove the threat. I had to work around it as it wouldn't let me minimize the "pop-up". I performed my normal AVG and Ad-Aware total computer scans and found nothing, so I suspect the pop-up was a trojan of some sort, and if I had clicked the "remove threat" I would have downloaded a virus. Sound about right? And as to the OP, FB has a habit of sending around generic messages and adverts from folks who seldom use their FB pages, but if you pay attention they never fit the personality of the supposed "sharer".

BananaDan

Here's a few more tips.

1. If you have browser pop-ups that don't have a close X button in the corner or no easy way to get rid of them, try pressing Alt-F4 which is the hotkey to close the open application.  If that doesn't work, or the browser has been hijacked to generate tons of pop-up windows snowballing out of control, right-click on your start bar (a.k.a. taskbar) and click on Task Manager.  On professional editions of Windows XP/Vista/7 you can also access Task Manager via Ctrl-Alt-Del.  Then click on the Processes tab and sort the list by name alphabetically.  Look for your browser .exe file (iexplore.exe, firefox.exe etc), right-click on it and click End Process.  Click OK to the warning about closing it.  That will kill the browser hard and is far more effective than using the first tab of Task Manager where you'll see the running applications.  When you re-launch the browser, choose No when prompted to restore your session.  If you choose yes, it will just re-open the bad websites.

2. If you use Firefox, you must get AdBlock Plus.  Once that extension is added, go to its preferences and add all of the subscriptions available for the country you live in.  This extension is a list of sites and paths on the internet that ads are generated from and it blocks any and all content from those paths.  The subscription feature keeps that list up to date with the ever changing source of internet-based advertising.  This is the first Firefox extension I ever put on a computer and I never see ads, ever.  There are a small few websites that won't load their content if the ads aren't allowed to be displayed (Mopar Muscle's website is one of them).  If you encounter this, AdBlock Plus will have placed a button on your Firefox toolbar next to the search bar, or you can access its preferences via the Tools menu.  Just click on that and on the drop-down menu choose the option to disable AdBlock Plus on that website.  This feature allows you to generate your own personal set of exclusions for websites you trust, or that you really want to work and will deal with the ads.

Dan

hemi68charger

Thanks all..
Dan, I downloaded Malwarebytes' and did the full scan, found about 178 affected files. Deleted (quarantined) them. Then I ran the quick scan once more after a computer restart and got 6 affected files. Took care of them and once again, rebooted. A 2nd quick scan reflected no affected files. I have updated my Mozilla Firefox with the AdBlock Plus. So, we'll see how things go. Not to sound like an ignoramus, but are there any AV freeware packages that I can download and use on a daily basis and routinely? My wife is on the computer throughout the day since she's a stay-home Mom watching the kids and my Mom.....

Troy

BananaDan

Both the AVG or Microsoft free solutions would be actively running in the background at all times watching for infection attempts, and would also have the ability to setup a weekly full system scan which I highly recommend.  Regarding your system, it's good that Malwarebytes found some stuff, but when you know you have an infection you really want to do full scans, not just quick scans.  Also, I'd highly recommend you install either the AVG or Microsoft tools and do full scans with them.

Dan

1969chargerrtse

Quote from: hemi68charger on April 18, 2011, 12:02:47 PM
Hey gang..
My wife has informed me that people she sends emails to via her web-based yahoo and hotmail accounts are getting daily emails from her (she's not sending them). The only common denominator is our home desktop. Is there a free anti-virus/spyware site out there? Our desktop's OS is MS Vista. She just called me and said there was a pop-up window (not from a website) that claimed to have found a trojan-type of virus... I told her to shut the computer off and if she needed to do something, use her laptop for now. Is there anything on her yahoo and/or hotmail accounts that can detect this rogue virus or do their web-based email servers already screen things....

Thanks..
T
That's happened to a few of my friends.  They changed their password and it stopped.
This car was sold many years ago to somebody in Wisconsin. I now am retired and living in Florida.

Steve P.

I have been doing much better since installing AVG free. It has stopped me in my tracks a few times when I thought things looked fine. Look a bit closer and you'll sometimes see the spelling of the "HOST" name is off a letter.  Bassards!!!!!!  :flame:

hemi68charger

Quote from: 1969chargerrtse on April 18, 2011, 08:38:38 PM
That's happened to a few of my friends.  They changed their password and it stopped.

She said she tried that and it didn't work... I'll have to double check.... But, I did find the trojan.Vundo file on my computer when I did the scan with Malwarebytes.. I've downloaded the AVG free package and it's scanning now. I also updated with the latest Firefox and added AdBlock Plus.

A383Wing

a little late to this post here...I'm running the 3 below at the same time...no issues so far

Microsoft Security Essentials
Lavasoft Ad-Aware
Malwarebytes

BananaDan

You'll have fewer issues running anti-spyware/adware tools like malwarebytes or ad-aware along with true AV products like Symantec/McAfee/AVG/Microsoft Sec Ess.  When I gave my warning, it was more along the lines of don't install McAfee, Trend and Symantec Norton Internet Security all on the same machine at the same time.  Those are true kernel-level anti-malware security suites with hooks into the filesystem drivers with kernel-mode drivers and firewalls where malwarebytes and ad-aware don't embed themselves as deeply into the OS.

Bob T

Good tips Banana Dan, Thanks
Old Dog, Old Tricks.

Arthu®

Quote from: BananaDan on April 18, 2011, 03:40:26 PM
Alternatively you could move to a Mac, which is what I did two years ago and love it!  Windows is my day job.   :brickwall:

With the recent jump in sales, Macs are going to be worse as well in a year or so. If you want to be safe, go Linux.

Arthur
Striving for world domination since 1986

Foreman72

I had a similar situation recently. All I did was change my password on my yahoo account and everything was fine.  Getting an email from your ex gf asking you to stop spamming her...  :rotz:
Eric "Foreman"

Previous: 1972 Dodge Charger
Current: 2002 Volvo S60

"The steps of a man are ordered by the LORD, and He delights in his way. Though he fall, he shall not be utterly cast down; For the LORD upholds him with His hand.
=Psalm 37:23-24=
"But store up for yourselves treasures in heaven..."
=Matthew 6:19-21=