| Author | Thread |
|
|
06/13/2005 08:01:11 AM · #1 |
Okay, so my computer is showing me the blue screen, I've got trojans that I can't get rid of, apparently my email account is being used to send spam and I'm getting complaints...help!
I've got Adaware, Spybot and AVG on my computer and they recognize and delete/heal/quarantine problems but this last week they seem to have been popping up faster than I can get rid of them. And there's one that it can't get rid of (level 10, whatever that means).
What now? Do I try and rescue all my important files to DVD and format my hard drive?
Will copying my photos/files to DVD allow the virus onto the DVD as well so that when I throw them back on my reformatted hard drive the virus will reappear?
How did I get this in the first place? Is it from a website (like online poker)? I'm usually very careful.
I know I must sound like a computer-rookie...and I am...but I need your help!!
Message edited by author 2005-06-13 08:01:47.
|
|
|
|
06/13/2005 08:05:20 AM · #2 |
In this case I'd first try a full virus scan, and then I'd use Ad-Aware to get rid of the spyware. This may not work, as some viruses are quite tenacious. You may end up with a full format. What virus scaning software are you using?
|
|
|
|
06/13/2005 08:05:37 AM · #3 |
viruses cannot attach themselves to music files or pictures. I would however be weary of all .exe, .com, etc.
edit: worst case scenario bring me your pc and I will fix it for you. my usual turn around time is about 24hrs to either fix/repair or fully reload.
Message edited by author 2005-06-13 08:06:54.
|
|
|
|
06/13/2005 08:06:25 AM · #4 |
|
|
|
06/13/2005 08:08:41 AM · #5 |
I'm not familiar with that one, but most virus scanners will check files as their copied or moved, so they may be detected as you copy them to your DVD drive.
|
|
|
|
06/13/2005 08:17:06 AM · #6 |
Originally posted by thatcloudthere:
Do I try and rescue all my important files to DVD and format my hard drive? |
If you can rescue all your files and are confident on a reinstall, this would be my advice.
|
|
|
|
06/13/2005 08:20:10 AM · #7 |
I'm just going to presume that you have WinXP... why ... hmmmm because that's what I do ... I presume... ;-)
Anyways, give this a go Anti-Spyware Software ... Microsoft Anit-Spyware is beta but it works like a charm and is free for now.
But one thing I would suggest if you are having issue removing virus/spyware and stuff....
So get the Microsoft product, install it, updated it and than ....
Go into your Control Panel | System Properties | System Restore and click Turn off system Restore on all drives ....
Reboot and go into Safe Mode (usually by pressing F8 during the reboot right when the system starts booting but before it starts booting into Windows).
When you turn off system restore the infected files (which are most likely newer then the original gets moved back into your computer and you can't clean up the restore points without turning that off first), secondly going under safe mode most of the programs that are causing you problems are not started so they are not in memory which allows you to clean them with your virus scanner.
AVG is nice because it's free however it's no replacement for McAfee or Norton remember that, read the fine print and you will notice the limitation of AVG.
Remember, to turn on System Restore after you are done....
If you do have WinXP ... make sure you are on Service Pack 2 and have your Firewall Turned On.
Good Luck hope this helps a bit.
Message edited by author 2005-06-13 08:20:44. |
|
|
|
06/13/2005 08:27:55 AM · #8 |
Thanks Moose...I will follow your advice when I get home.
|
|
|
|
06/13/2005 08:30:06 AM · #9 |
Oh...another question...
I asked my wife not to use the computer at all today. Will this stop spam from being sent from my account in the meantime?
I really don't want my ISP to shut down my account...
|
|
|
|
06/13/2005 08:33:26 AM · #10 |
Originally posted by thatcloudthere:
I asked my wife not to use the computer at all today. Will this stop spam from being sent from my account in the meantime? |
Is your computer turned off? If not, have you disconnected it from the net?
If it is on, and connected to the net, it may still be sending spam.
Ideally, turn it off, and when you work in it later, make sure it is disconnected from the net.
|
|
|
|
06/13/2005 08:33:54 AM · #11 |
Seriously, I would go one step further and purchase an off the shelf broadband router/firewall.
Honestly, that is your very best bet for significantly increasing the security of your home computer system.
If you save off all of your data and then perform a full system restore, by formating the Hard Drive, Fdisking the Master Boot Record, reinstall Windows XP and then hook it up to the Internet to start downloading patches, you will likely be in the same place you are right now, before you even get a chance to complete the download of any updates.
There are so many automatic remote root exploits for unpatched Windows XP machines that your computer will likely be exploited in roughly 6 minutes after reconnecting it to the Internet to download Windows updates.
If you have broadband router/firewall in place, then you will have little to worry about while you update your PC through Windows Update.
Good luck and I am sorry to hear that you are experiencing issues. |
|
|
|
06/13/2005 08:34:51 AM · #12 |
Originally posted by Nelzie:
Seriously, I would go one step further and purchase an off the shelf broadband router/firewall.
Honestly, that is your very best bet for significantly increasing the security of your home computer system. |
That won't stop spam zombies, viruses or spyware, though.
|
|
|
|
06/13/2005 08:39:11 AM · #13 |
It sounds like a mess.
But you need to take a deep breath, disconnect from the internet, and figure out how bad it is.
Are the ones not being stopped popups or viruses? If viruses have gotten past your defenses, which ones? List them, find another PC, go online and look them up. I say find another PC, because if you have a trojan/virus or your PC is a zombie under remote control, you probably shouldn't be online. But installing Zonealarm might be a good way to catch what programs are infected or doing that.
Now you have a list of offenders, perhaps caught the trojans trying to get out, and you can decide whether it is better to reformat or fix.
And one activity you can do is to disconnect from the internet and back up your data files to DVD. During the course of various recovery procedures, you may in fact, either end up with a trashed hard drive, or simply end up reformatting it. Don't back up any program files. You may want to export your emails to a text only format, or print them to PDF, assuming the source of the trojan or virus may be in there, and you don't want to backup your email, especially any with attachments.
For spyware, add spywareblaster to your list to better innoculate yourself from picking up spyware.
You can get a trojan from a JPEG though, contrary to what was said. Those are buffer overflow attacks, which Microsoft has presumably patched. So you might only want to backup only your own files--not ones you may have downloaded from other sites (the ones here are probably safe).
Good luck!
|
|
|
|
06/13/2005 08:40:54 AM · #14 |
A lot of spam pretends to be from people who have had nothing to do with it. You can have a PC as well protected as Fort Knox, it won't stop this happening. I had a scary time a couple of years ago with an underage porn site which pretended to be from my email address. As you can imagine, I got a lot of angry emails asking why a respectable photographer was involved in such nastyness. Not good.
There's usually not a lot you can do about it other than ride it out. |
|
|
|
06/13/2005 08:53:17 AM · #15 |
Originally posted by BobsterLobster:
A lot of spam pretends to be from people who have had nothing to do with it. You can have a PC as well protected as Fort Knox, it won't stop this happening. I had a scary time a couple of years ago with an underage porn site which pretended to be from my email address. As you can imagine, I got a lot of angry emails asking why a respectable photographer was involved in such nastyness. Not good.
There's usually not a lot you can do about it other than ride it out. |
Yes, that's a good point. My Yahoo address must have gotten on some list and is always getting "spoofed". That means that bad messages appear to come from me, even though I'm not infected (nor is Yahoo mail). And the bounces from servers therefore all come to me. You would think they would be smart enough to not bother bouncing back to me--since messages with viruses, ads, etc., are almost always spoofed to someone other than the senders address!
So if that's what's happening, your PC may not be a zombie after all. It could just be your email address is being spoofed by someone. Look at the headers of the bounced mail, and see if they originated from your ISP, just as your real mails do (you can send yourself a message to see the path. Turn on full headers and look at all the IPs in there.) |
|
|
|
06/13/2005 08:58:20 AM · #16 |
Originally posted by notonline:
viruses cannot attach themselves to music files or pictures. I would however be weary of all .exe, .com, etc.
|
I would be careful witrh this statement - it is not true. Virii can attached themselves in pics/music files. Or more correctly, be embedded in them.
|
|
|
|
06/13/2005 09:15:58 AM · #17 |
Try this one: //antivirus.trustix.com/ It has more virus signatures then any other A/V, and you can install it for 30 days for free.
|
|
|
|
06/13/2005 09:17:45 AM · #18 |
System restore if all else fails.
|
|
|
|
06/13/2005 09:31:30 AM · #19 |
I had the email problem once. I called my ISP and told them that I was receiving email replies where I had sent spam mail. They told me once someone has stolen your email account there was nothing that could be done. Not even changing the password helped. I had to have them delete that email address and assign another. Hope everything works out. I could have my computer off and the emails would still be sent by the hacker because they were originating from my ISP not my computer.
One of the ways to tell if the email is generated on your computer or the ISP is check your sent mail. If it's not there then it is being set through the ISP not your computer. So turning off the computer will not help.
Message edited by author 2005-06-13 09:35:20.
|
|
|
|
06/13/2005 09:36:29 AM · #20 |
this is a stab in the dark here but...
didnt SP2 sweep your hardrive for any and all malware? would reinstalling only SP2 clean up your computer and keep all your clean data?
...just a thought...
|
|
|
|
06/13/2005 09:39:53 AM · #21 |
Originally posted by SDW65:
I had the email problem once. I called my ISP and told them that I was receiving email replies where I had sent spam mail. They told me once someone has stolen your email account there was nothing that could be done. Not even changing the password helped. I had to have them delete that email address and assign another. Hope everything works out. I could have my computer off and the emails would still be sent by the hacker because they were originating from my ISP not my computer.
One of the ways to tell if the email is generated on your computer or the ISP is check your sent mail. If it's not there then it is being set through the ISP not your computer. So turning off the computer will not help. |
Still doesn't sound like they were actually using your email account, it sounds like they were spoofing it. If they were actually using your account, I'd have got your ISP to restrict it to your IP address. |
|
|
|
06/13/2005 09:42:58 AM · #22 |
Originally posted by SDW65:
If it's not there then it is being set through the ISP not your computer. So turning off the computer will not help. |
This isn't the problem thatcloudthere is encountering, so turning off the computer WILL help.
|
|
|
|
06/13/2005 09:48:26 AM · #23 |
Actually your email address doesn't even have to be stolen for you to be spoofed. More times than not someone we know be it a friend, co-worker, acquaintence or the likes, has our email address in their address book and they become infected with a mass mailing trojan.
Web crawlers grab email addresses from our internet sites.
Many people reply to those "Unsubscribe by Clicking the link" Emails that they receive...which do nothing more for then verify an active email address for the guy that is making a list to sell. 1000 emails = 100 bucks, it's easy to get the uniformed to bite on this one.
Once our email address is in someone elses address book there is about zilch we can do...
As far as Scanning an infected pewter with a stand alone that will fit on a thumb drive or floppy I use Stinger from McAfee it is small, free and always (near) up-to-date. You have to check regularly as virus signature files are frequently.
|
|
|
|
06/13/2005 09:48:47 AM · #24 |
Originally posted by PaulMdx:
Originally posted by Nelzie:
Seriously, I would go one step further and purchase an off the shelf broadband router/firewall.
Honestly, that is your very best bet for significantly increasing the security of your home computer system. |
That won't stop spam zombies, viruses or spyware, though. |
Most of those you need to actively install yourself by clicking on something or surfing to a bad website.
The purchase of the broadband router/firewall will provide that first line of defense that will allow the user to update the PC through Windows Update without fear of getting hacked by the automatic hacks that regularly scour the Internet and the blocks of IP Addresses regularly assigned to home users.
The first thing would be to install the OS, the second thing would be to install any third-party AV software, then connect that PC to a Firewall/router, then run all the updates.
That's my standard mode of operation and I haven't been hit by a virus or trojan or automatic Microsoft Windows hack in a good number of years. In fact, the only time I have ever had one of my PCs hit by a virus was nearly ten years ago when I knew next to nothing about PCs. |
|
|
|
06/13/2005 10:00:18 AM · #25 |
Originally posted by Nelzie:
Originally posted by PaulMdx:
That won't stop spam zombies, viruses or spyware, though. |
Most of those you need to actively install yourself by clicking on something or surfing to a bad website. |
Correct, which is where thatcloudthere's problem most likely stemmed from, as does a significant majority of other users' issues.
Message edited by author 2005-06-13 10:01:07.
|
|
Home -
Challenges -
Community -
League -
Photos -
Cameras -
Lenses -
Learn -
Help -
Terms of Use -
Privacy -
Top ^
DPChallenge, and website content and design, Copyright © 2001-2026 Challenging Technologies, LLC.
All digital photo copyrights belong to the photographers and may not be used without permission.
Current Server Time: 01/10/2026 05:37:23 AM EST.
