5 Replies Latest reply on Jan 22, 2010 7:30 PM by Peter M

    Probably a virus ... spam email! and what do I do?

    JWL

      My son uses Windows Vista and is one of the users of my Total Protection (which is up to date).

      (I have downloaded and run, as suggested in one of the discussions in the forum, SuperAntispyware but can not do the HiJackThis as it does not appear to be for Windows Vista.)

       

      Spam emails have been sent from my son's hotmail account.

      He received notifications that emails had not been delivered from addresses he does not know, though they were sent from his address.

      I received one of these emails (which I deleted immediately!)

       

      A recent occurance of this spam mail (I got him to forward to me a returned mail he had not yet deleted, and unfortunately do not have a copy of the previous lot sent out)

      The email

      - was sent to multiple addresses, all begining with "doc".

      - subject was "re: genuine brand electronics"

      - the message has references to

         - our company www (.llkf66.)com

         - you can contact our msn message llkf66(@hotmail.)com or send email to llkf66(@gmail.)com

       

      Full scans do not pick up anything.

      I know very little about viruses/spam/etc.I know very little about viruses/spam/etc.  So have spent 2 days trying to work out what virus and what to do.

      (Unfortunately I have established with McAfee that I can not use their chat virus removal service and I can not use the phone one as our phones do not work.  So that option is out.  Where I am there really isn't the expertise around to take the machine to.)

      I would really appreciate some guidance as what to do now.  I am at my wits end.

      (I sincerely hope I have done this all correctly and "posted" it in the correct place.  Am open to corrections.)

        • 1. Re: Probably a virus ... spam email! and what do I do?
          Peter M

          That's Vista SP2 I trust...always a good idea to keep the operating system and any software up to date.

           

          Receiving notifications of undelivered mail apparently from oneself is not unusual and is often nothing to worry about.

           

          It means that someone, somewhere, who has your son's email address in their address book, has an infection which is spoofing a random address from that list, in this case your son's, to send spurious spam emails willy-nilly across the web.

           

          Do you know for sure that they definately were generated at his email address - do they show in the outbox or sent folders?

           

          It's been a while since I used Hijackthis but I believe one can run it in Vista and Windows 7 for that matter by right-clicking the installer .exe and selecting Properties and under the Compatibility tab select "Run in compatibility with Windows XP", but I can't guarantee that.

           

          If SuperAntiSpyware found nothing you might want to run the free version of this tool too as it often finds obscure stuff that major anti-virus and anti-spyware applications overlook for whatever reason.   Update it before running and let it remove anything it finds and reboot immediately when asked to do so.

           

          http://www.malwarebytes.org/mbam.php

           

          If you do manage to get Hijackthis installed and want its log analyzed then follow these guidelines:

           

          TrendMicro HijackThis;

           

          For stubborn infections that nothing seems to budge try using an application called "Hijackthis" and posting its log on one of the forums below. They will check it and help you get rid of whatever ails your machine.

           

           

          DOWNLOAD HIJACKTHIS

           

           

          Do not post the log here, we can't help!

           

           

          Post the logs at a specialist Forum:

           

           

          AUMHA FORUM

           

           

          BLEEPING COMPUTER FORUM

           

           

          MAJOR GEEKS FORUM

           

           

          MALWAREBYTES FORUM

           

           

          MALWARE REMOVAL FORUM

           

           

          SPYWAREHAMMER FORUM

           

           

          SPYWARE INFO FORUM

           

           

          WHAT THE TECH FORUM

           

           

          Be sure to read all the sticky announcements/instructions at the top of each malware forum!

          1 of 1 people found this helpful
          • 2. Re: Probably a virus ... spam email! and what do I do?
            JWL

            Thank you, much appreciated, that has been most helpful.

            I have followed the links suggested.

             

            Clarification of one point, please.

            Referring to the comment "...  do they show in the outbox or sent folders?"

            - If the sent emails do not show up anywhere on his computer does that confirm the spam emails were definitely not sent from his computer?

            - Would this then mean that the spam mail came from a machine

               - with his address

               - as well as my address on it (as I received one of the spam mails sent from his address)

            • 3. Re: Probably a virus ... spam email! and what do I do?

              If the emails don't show anywhere on your son's computer, there are two possibilites:

               

              1. They are sent from elsewhere, because someone  has access to his hotmail account. Ask him to change the password just in case.

              2. His account is not stolen, spammers are faking his address in the From field.

               

              It's very likely you are not infected with anything in either case.

               

              Hope that helps,

              Irene

              1 of 1 people found this helpful
              • 4. Re: Probably a virus ... spam email! and what do I do?
                JWL

                Thank you very much for both replies.

                Your time and assistance is much appreciated and has been most helpful in both cases.