Solved

No spam and virus-warnings after changing Email-password

Posted on 2004-04-26
8
166 Views
Last Modified: 2013-12-04


I had a lot of problems with my email. Receiving spam, provider who accused me of sending spam, not beiing able to make a good connection with pop3 and smpt. After i changed my password everything worked fine and the amount of spam was only about 10% of the usual load. What does this tell me????

I work with Windows XP, use MS-Outlook, McAfee AV  on my PC (Antivirus + patches Micrososft up-to-date), have my PC behind Ositus Winproxy (on Win98 machine) who's Antivirusprogram told me often about my PC sending OR receiving a file with Exploit/Eframe or W3p/Netsky.P.worm. I could not trace both on my machines. On my home-network are 4 more PC's with all users only using hotmail.

Because of the troubles I performed on my  PC and de Winproxy machine an extra scan with online virusscanning software adn firewall-testing stuff. All fine. I decided to use internet-mail, changed my password and suddenly my pop-up account inmediately worked fine.
0
Comment
Question by:dickprovoost
8 Comments
 
LVL 21

Expert Comment

by:jvuz
ID: 10925696
Check also for spyware/adware:
0
 
LVL 21

Accepted Solution

by:
jvuz earned 63 total points
ID: 10925700
SpyBot-S&D


SpyBot-S&D is an adware and spyware detection and removal tool. This includes removal of certain advertising components, that may gather statistics as well as detection of various keylogging and other spy utilities. In addition, it also securely removes PC and Internet usage tracks, including browser history, temporary pages, cookies (with option to keep selected) and more. The program offers an attractive outlook-style interface that is easy to use and multi-lingual. SpyBot-S&D allows you to exclude selected cookies, programs or extensions from being reported, allowing you to prevent false positive messages for items that you dont want to be alerted of every time. It can even scan your download directory for files that have been downloaded, but not yet installed, allowing you to detect unwanted programs before you even install them. SpyBot produces a detailed and easy to understand report before it deletes any files and allows you to deselect any item that you do not want to be processed. In addition, a recovery feature allows you to restore your settings if needed. Very nice tool, that exceeds the capabilities of the popular Ad-Aware application.


http://www.webattack.com/download/dlspybot.shtml


Ad-aware


AdAware is a privacy tool, that scans your memory, registry, hard, removable and optical drives for known data-mining, aggressive advertising, and tracking components. It then lists the results and offers to remove or quarantine the components. The program detects a wide range of adware/spyware related issues and can be updated with the latest signatures via the built-in update utility. Please be advised that removing certain components may impact the functionality of effected software applications. You should fully read the included Ad-aware documentation before removing any files!


http://www.webattack.com/download/dladaware.shtml


HijackThis


HijackThis is a tool, that lists all installed browser add-on, buttons, starup items and allows you to inspect them, and optionally remove selected items. The program can create a backup of your original settings and also ignore selected items. Additional features include a simple list of all startup items, default start page, online updates and more. Intended for advanced users.


http://www.webattack.com/download/dlhijackthis.shtml


Keylogger Hunter


Keylogger Hunter is a program that attempts to detect any keyloggers that may be running on your computer. It performs a system analysis, which takes about 3-5 minutes and then produces a list of suspicious files (if any). It detected 2 out of 3 running keyloggers in our test. Future versions are planned to be shareware.


http://www.webattack.com/download/dlklhunter.shtml


KL-Detector


KL-Detector is designed to provide a way to find out whether your activity is being recorded with a keylogger application. It uses the fact that most keyloggers create a hidden log file on your hard drive and therefore scans for any suspicious activity during a test period that you have to initiate. Basically, it asks you to use the keyboard for several minutes, type some text or do similar activities, while it is monitoring your system to check if it can detect any suspicious logging activity. KL-Detector is intended for occasional use and not as a permanently running program, as normal PC activity may cause false positives. During our test, it did detect changes in a keylogger log file (that we installed), but it did not find the activity suspicious enough to warn us. Advanced users may get value by inspecting the logged items, however novice users should not rely on the results.

http://www.webattack.com/download/dlkldetector.shtml


X-Cleaner Free


XCleaner is a privacy tool suite that detects and removes installed spyware and adware components and includes tools to securely delete files, edit the registry, disable startup programs and more. Additional features include IE home page protection, cookie, cache and history cleaning, built-in password generator and more. This free version also contains some additional feature options, however they are disabled and require upgrade to a full version. The spyware and adware scanning as well as many cleaning features however can be used freely.


http://www.webattack.com/download/dlxcleaner.shtml


SpywareBlaster


SpywareBlaster doesn`t scan and clean for so-called spyware, but prevents it from being installed in the first place. It achieves this by disabling the CLSIDs of popular spyware ActiveX controls, and also prevents the installation of any of them via a webpage. This allows you to run Internet Explorer with Active-X enabled, but it will never download or even prompt you for any of the known ActiveX controls. All other Active-X controls or plug-ins will work fine. The SpywareBlaster database contains information on these known spyware Active-X controls and can be updated with the click of a button. The application windows displays a list of all controls that it is able to detect (this is not a list of what was found on your computer). The program cannot detect if you have any of the known objects already installed, but if you do, they will be disabled. The program also allows you to take a snapshot of your computer (certain settings) in its clean state and later revert many changes made by spyware and browser hijackers.


http://www.webattack.com/download/dlspywareblaster.shtml


SpywareGuard


SpywareGuard provides a real-time protection solution against so-called spyware. It works similar to an anti-virus program, by scanning EXE and CAB files on access and alerting you if known spyware is detected. If this is the case, it initially blocks access to the file and then allows the user to select an action. SpywareGuard provides a fast scanning engine, signature-based scanning, heuristic/generic scanning, a control panel, and an online-update utility for downloading of definition updates. It does not replace your anti-virus protection, but instead detects programs that may cause privacy concerns. The list of detected programs includes AdBreak, AdultLinks/LinkZZ, Brilliant Digital, CommonName, Cytron, FreeScratchAndWin, FriendGreetings, HighTraffic, HotBar, IEDisco, iGetNet, Lop.com, MoneyTree Dialer and others.


http://www.webattack.com/download/dlspywareguard.shtml


SpySites


SpySites allows you to manage the Internet Explorer Restricted Zone settings and easily add entries from a database of 1500+ sites that are known to use advertising tracking methods or attempt to install third party software. You can select the sites from the list, or optionally add all of them, or only the "worst offenders". The program then adds the URLs to the IE Restricted Zone settings. Once configured, there is no need to run the program again, unless you want to add additional sites.


http://www.webattack.com/download/dlspysites.shtml
0
 
LVL 16

Assisted Solution

by:JamesDS
JamesDS earned 62 total points
ID: 10925705
dickprovoost
You're online email account was almost certainly hacked and much of the messages you have been seeing are commercial antivirus and anti-spam software rejecting messages sent using your account without your knowledge. This is likely why the traffic reduced considerably when you changed your password.

Additionally there a few worms out there at the moment (NETSKY is a good example) that used SPOOFED email addresses during propagation as their source address and one of these maybe using your email address as a spoof. This also results in messages from commercial antivirus and anti-spam software installed on the would-be targets of the worms.

As long as you are not sending this stuff out, you change your password regularly, don't open spam or email from sources unknown to you and have a decent (and updated) AV program, then you will be fine.

Cheers

JamesDS
0
Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 12

Expert Comment

by:trywaredk
ID: 10936710

Cleaning your computer  - and protecting it in the future -  can't be answered with one issue.

As you can see in my url below there are at least 7 different issues, where you should decide 1 of each, or else you does'nt protect your computer at all.

The reason is, that the many different programs not always protects against each other, and each of them does'nt protect equally.

It's very important, that you study all of these issues in my knowledgebase (some of them are freeware):
http://www.tryware.dk/English/Knowledgebase/HowToProtectYourComputer.html

BTW: I'm using the Trend Micro virus-suite, and SoftScan , and haven't got any of my servers or computers infected since 1999.

Many Regards
Jorgen Malmgren
IT-Supervisor
Denmark

:o) Your brain is like a parachute. It works best when it's open
0
 
LVL 1

Expert Comment

by:jozambrana
ID: 11114709
I believe your not infected. Your email address is just spoofed just like JamesDS stated.

I believe you are just a victim of email spoofing. This means that your PC is not infected with Netsky.p worm.  It's just that a certain computer (we just don't know who owns that computer), was being infected by Netsky and unfortunately has your email address on his email's address book.  Instead of using the infected computer's email address, the worm spoofed it, used your email address and put it in the From header.

For additional information, pls. visit this site:
http://www.f-secure.com/v-descs/netsky_p.shtml.
0
 
LVL 21

Expert Comment

by:jvuz
ID: 11609631
Thanx,
Jvuz
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

This is a guide to the following problem (not exclusive but here) on Windows: Users need our support and we supporters often use global administrative accounts to do this. Using these accounts safely is a real challenge. Any admin who takes se…
SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now