Solved

Spam Emails being sent through my computer

Posted on 2004-10-09
18
8,233 Views
Last Modified: 2013-11-16
My computer is sending hundreds of emails.  A pop up from symantec states "Your email message was unable to be sent because your mail server rejected the message."  I have NAV.  I have tried many of the virus/spyware scan freeware sites with no luck.  Any help on stopping this would be helpful.  Thankyou.
0
Comment
Question by:summit76
  • 4
  • 4
  • 3
  • +5
18 Comments
 
LVL 49

Expert Comment

by:sunray_2003
ID: 12268697
Are you using any email client to send emails ? If yes , first close the email client.

a) Install a good firewall like zonealarm.

b) Update the virus definition of NAV.
Scan virus using these both in NORMAL AND SAFE MODE.

Stinger : http://vil.nai.com/vil/stinger/

NAV

and this Online virus scanner :http://housecall.trendmicro.com/

c) Then remove all temporary files

Remove temporary internet files, folders and cookies
Also remove windows Temp files going to

1) Start --> run --> typein:  %systemroot%/temp
2) Start  --> run --> typein: %temp%

d) Spams are very tricky to figure out.. Do you have any spamkiller installed , if not install it..
0
 

Author Comment

by:summit76
ID: 12268716
I am not using a email client

I have a firewall through Norton is that good?

NAV is updated.

I tried Stinger and houscall with no luck.

I did this.  What should I delete once these pages are up.
1) Start --> run --> typein:  %systemroot%/temp
2) Start  --> run --> typein: %temp%

I do not know what spam killer is.
0
 
LVL 49

Expert Comment

by:sunray_2003
ID: 12268723
summit76,
> I have a firewall through Norton is that good?

It depends to say whether it is good or not. It is better to have zonealarm ..

NAV most of the time doesnot find latest virus. Run the virus scanners , i have suggested to be sure

You can remove all the files once that temp folder comes in. DONOT remove the TEMP folder , remove only the contents.
some files you cannot remove , donot worry about those. you can remove them in safe mode..

0
U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

 
LVL 49

Expert Comment

by:sunray_2003
ID: 12268732
0
 
LVL 4

Expert Comment

by:gemchest
ID: 12268865
Hi,

Is it really the problem caused by NAV? Is these mails those you wanna sent? or is it on its own? My point is, maybe you'd check the sending/receiving servers are ok and active first, probably the server isn't responding correctly after all..

If the mails arent ones u wanna send, you should try to do a full scan for any program that makes the computer sending out mails.

cheers,
Luis
0
 
LVL 3

Expert Comment

by:happythedog
ID: 12270726
disable ports 25 110 113 in out tcp udp all ip addresses , this should stop the pc from sending all e-mails , course if its an internal spam app it could dos yourself but odds of it are slim if you make sure firewall is set to
DENY the connections
0
 
LVL 23

Expert Comment

by:Tim Holman
ID: 12271139
Sounds very much like Blaster trying to replicate.
Run a full Stinger scan in SAFE MODE - http://vil.nai.com/vil/stinger/
0
 

Expert Comment

by:futurelogix
ID: 12272063
jus scans the ports online  with the help of softwares available in

http://www.diamondcs.com.au/index.php?page=home

tds3 trojan scanner can perfectly look for any worms that send mails from ur pc
also there is port scanner software which could help u ports online!!!

0
 
LVL 3

Expert Comment

by:happythedog
ID: 12273309
deny the ports use the utils on grc.com if your curious
0
 
LVL 4

Expert Comment

by:ferg-o
ID: 12277581
Tim is right - boot your machine to safe mode and scan all your drives.
0
 
LVL 3

Expert Comment

by:happythedog
ID: 12278776
go to a format
0
 
LVL 23

Expert Comment

by:Tim Holman
ID: 12285581
If the operating system is bootable, then no format required...
0
 
LVL 3

Expert Comment

by:happythedog
ID: 12286464
required it isnt , but would clean things up
quote from author Your email message was unable to be sent because your mail server rejected the message."
knowing what error code was recieved would be helpful , this could be user has gone over an e-mail quota , a misconfigured mailserver,
the fact its rejecting i assume means hes authenticating propertly so the second choice is probably out
try taking down NAV and all other av/firewalls you have , then see if you can send an e-mail this will narrow the issues some
0
 

Author Comment

by:summit76
ID: 12290026
I ran stinger and it did not detect anything.  I installed zonealarm and the pop ups stating "Your email message was unable to be sent because your mail server rejected the message" have stopped(which is very good).  Most of the email titles being sent were pornographic.  These are not emails I am sending or want sent.  They slow my internet connection and were at such high volumes that the pop up alerts made it difficult to use the computer at all.  Like I said the pop ups have stopped but its difficult to tell if these spam emails are still being sent.  During the first hour after being instaled zone alarm noted 9000 intrusion attemps.  This problem first started a couple months ago and then stopped.  My computer never ran as well and now that its back it makes me belive that it was never really gone.    
0
 

Expert Comment

by:John-Reilly
ID: 12294346
"During the first hour after being instaled zone alarm noted 9000 intrusion attemps.  This problem first started a couple months ago and then stopped.  My computer never ran as well and now that its back it makes me belive that it was never really gone."

My friend, your machine is badly 'hosed'.  We could give you accurate and professional advice that would gradually reduce your symptoms after hours of your own hard efforts, and still not be certain you have rid your machine of serious trouble.

I don't know what your technical experience level is, but I steer you towards reformating your hardrive. It will take you 5-10 hours assuming you have ALL of your origninal software CD's, usernames, and passwords handy, and access to another PC for researching trouble - but it's the only way to ensure a clean PC.

How do you decide what to do?  If you answer yes to any of the following, I'd reformat.  

-Are you behind a router/firewall from your ISP?
-do you do Online banking?
-do you do use the Internet to access your credit cards?
-do you do use the Internet for Online Bill payments
-did you ever create Excel, Word, etc., documents with personal information (SS#, drivers license, DOB, passwords, etc.)
-Have anything you wouldn't like someone to steal.
-do you connect to Employers VPN?

Reformatting is painful and slow, but the surefire way of cleaning a machine that has been compromised for months.  You will also be able to start fresh with the previous suggestion of Zone Alarm, AV, anti-spyware tools, etc.  If you're really paranoid (like me),and answered yes to most of the above items, then I'd also order a credit report.  

If you have XP, you could do a system restore to a date many months back.  But this will give you a false sense of security if you don't know how to go about 'hardening' your PC from future attacks.

Reformat and sleep better.  But backup your music and family photos first =)
0
 
LVL 4

Expert Comment

by:gemchest
ID: 12294620
hi,

hmm... i believe something really messed up is happening in your computer. try to use antivirius software to give it a thorugh scan or use adaware and hijackthis to remove unwanted entries...

http://www.zerosrealm.com/downloads/hjt.zip
http://www.download.com/3000-2144-10045910.html?part=69274&subj=dlpage&tag=button

of course, the best way for such big entanglement is to re-format, it's up to your discretion.

cheers,
Luis
0
 
LVL 23

Accepted Solution

by:
Tim Holman earned 500 total points
ID: 12297885
Hosed or not, everything's fixable...  ;)  Here's my standard blurb:

Getting rid of the problem...

1)  Run a full Stinger scan in Safe Mode - http://vil.nai.com/vil/stinger/
2)  Install and run LavaSoft AdAware - http://www.lavasoftusa.com/support/download/
3)  Download and run HijackThis (HJT) http://www.snapfiles.com/get/hijackthis.html
4)  Post the log at http://www.hijackthis.de/index.php?langselect=english
5)  Run MSBA - http://www.microsoft.com/technet/security/tools/mbsahome.mspx & take appropriate patching action

Stopping it happen again...

1)  Ensure WindowsUpdate is set to update your system
2)  Download a pop-up blocker - eg toolbar.google.com
3)  Install Lavasoft AdAware and run regular scans, or just leave it and have it handy for when problems start recurring.
4)  Keep your AV software up to date - daily updates recommended
5)  Enable Internet Connection Firewall, or use ZoneAlarm if you don't use XP
6)  Stay vigilant.  Don't bother opening non-work related email attachments, or install an on-access virus scanner so that it doesn't matter if you do.
7)  Look at a host IPS - eg www.prevx.com to cover your machine between when a virus hits the wild and when a patch is finally released that fixes it.  Average time is roughly 6 days.

0
 
LVL 23

Expert Comment

by:Tim Holman
ID: 12341201
Which bit fixed this ?  
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many businesses neglect disaster recovery and treat it as an after-thought. I can tell you first hand that data will be lost, hard drives die, servers will be hacked, and careless (or malicious) employees can ruin your data.
No single Antivirus application (despite claims by manufacturers) will catch or protect you from all Virus / Malware or Spyware threats. That doesn't stop you from further protecting yourself however - and this article is to show you how.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

679 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question